Image Unique Identifier

tim Rowledge tim at rowledge.org
Wed Aug 23 15:23:13 UTC 2006


On 23-Aug-06, at 12:14 AM, Klaus D. Witzel wrote:

>
> Having worked for supersecurity-hyperparanoid www.nato.int in their  
> data centres for some years, I think that I have some background  
> knowledge which can protect that key inside the image.
>
> The short story is, to not have the key passed to the image (i.e.  
> during startup) and to not generate the key within the image (i.e.  
> between startup and shutdown and/or snapshot).
>
> The protection mechanism is to not allow to take a copy of the  
> running executable (means: VM) and also to not swap the executable  
> out of real (chip) memory, that means: the executable is never  
> written back onto disk again. Buy a B5000 (or a modern successor)  
> and its hardware and OS already does that for you ;-)

The nearest hardware equivalent that I know of would be the latest  
ARM designs; they have a software-controlled chunk of on-CPU memory  
that is cache-speed and never reflected on any of the package pins.  
Thus you could load the routine to generate the UUID into this  
memory, execute entirely in there with no shadow of the intermediate  
results ever being visible, and then store the result and the testing  
routine in there. Of course, I would want to install crucial parts of  
the VM in this memory space as well.

It is essentially a writable control store that can be used for data  
as well. Nice idea.


tim
--
tim Rowledge; tim at rowledge.org; http://www.rowledge.org/tim
Satisfaction Guaranteed: We'll send you another copy if it fails.