Kirk Brannock is a Principal Engineer in the Mobile Platforms Group and is focused primarily on platform security concerns. His e-mail is [email protected] Prashant Dewan is a Research Scientist at Intel Labs. His e-mail is [email protected] Frank McKeen is a Research Scientist at Intel Labs. His e-mail is [email protected] Uday Savagaonkar is a Senior Research Scientist at Intel Labs. His e-mail is [email protected] Copyright (c) 2009 Intel Corporation. All rights reserved.
The Internet and the connected environment have brought substantial changes to the nature of applications. Applications are evolving to bring valuable data to the client platform. Applications can be distributed across many platforms. Each platform performs a particular task of the application. The application interacts with the user of a computer and other applications. Applications today can dynamically download information, and information can be forwarded from one computer to another without any user intervention. This allows applications to take advantage of remote and local computational resources.
Many applications contain intellectual property (IP) that may be valuable to outside parties or even the owner of the machine (for example, getting a look at an earnings report before it is released). In some cases this IP is not sold to the computer owner but rather rented (for example, when you rent a movie). When IP is rented, the computer user does not own the rights to it, but rather is provided access for some defined period.
In addition, database applications provide the ability to distribute records to many machines. These databases store millions of records, such as financial and medical, as well as other valuable and important records, and keeping track of this information has proved to be problematic. There are many reports of lost laptops containing thousands of records.
There are also numerous reports of servers being overrun with malware that removes many files that contain personal information.
The computer ecosystem today is dominated by open platforms. These platforms are constructed with a myriad of software components from different vendors, and all of the components vary in quality. A computer may include components from as many as a dozen manufacturers. Many of these components use privileged drivers that are inside the TCB of the application; they have access to the application's data.
Computer platforms contain hundreds of settings and parameters that affect the security and integrity of the platform. It takes a panel of experts to understand how to secure such a platform, given the implications of all the various settings; yet, for the most part, platform users are untrained in software or security. The result is that platforms are often mis-configured with respect to security protection.
Moreover, the current ecosystem encourages the download of both code and data. There is no way for users to tell if the files they download contain only the code they expect. For instance, many users are deceived by a download that purports to provide a service but at the same time deposits other code in their system—code that is in effect malware. Today's platforms allow remote download of code that executes at privileged levels. A user can accidentally download code that will alter the operating system (OS) configuration.
All of these factors make machines vulnerable to attacks that can result in the release of confidential data.
Why a Secure Execution Zone is Needed
As the Internet has evolved, innovation has resulted in new applications that require the ability to securely store data and protect them from unauthorized usage and tampering. The value of data has risen in recent years. For example, the theft of files containing personal information leads to identity theft. Data are also a company's or a manufacturer's intellectual property (IP); these data contain trade secrets of the application. Data in applications, such as those shown in Table 1, require protection. Many applications have legal requirements to protect data. For instance, medical records must meet protection standards imposed by the Health Insurance Portability and Accountability Act (HIPPA). The Sarbanes-Oxley Act of 2002 imposes protection of corporate financial data to prevent insider trading and the compromise of a company's integrity.