15th Annual Computer Security Applications Conference
December 6-10, 1999
Phoenix, Arizona


TrustedBox: a Kernel-Level Integrity Checker

Pietro Iglio, iglio@fub.it
Fondazione Ugo Bordoni
v. B. Castiglion, 59 - 00142 Rome - ITALY

There are many situations in which computer security is unpopular. Ordinary users do not like overly restrictive security policies, and usability is often preferred to security. Many users want to be free to use their computers to run untrusted applications. Moreover, it is not possible to require that every computer user be a security expert. As a consequence, it is very easy for hackers to gain access to a computer system and to perform a number of unauthorized operations.

In this paper we focus on the problem of system integrity. There are some applications in which system integrity is at least as important as privacy and service availability. For such applications, we have designed and implemented TrustedBox, a kernel-level integrity checker that can be used to enforce a very restrictive security policy and that allows users to use the same system to perform untrusted operations.