views:

134

answers:

1

Do any current operating systems (Windows, Linux, BSD) provide drivers that enable user-mode programs to execute partly in the trusted execution mode (isolated from everything else running on the computer)? If so, where can the documentation be found?

+2  A: 

Check out Jon McCune's Flicker project at CMU. It lets apps create self-contained code modules that execute with TPM protection. The catch is they only run for an instant. The module is loaded with TPM protection, decrypts data, processes it, encrypts the results, and then exits. The OS is suspended while Flicker applets run, so they have to be fast. But TPM protection means a corrupted OS or app can't steal secrets.

Flicker is only for AMD right now, but they are working on an Intel version.

http://sparrow.ece.cmu.edu/group/flicker.html
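
The load, decrypt, process, encrypt, exit cycle described in the answer above, as an added Python simulation (not Flicker's code or API, and not part of the original answer). `ToyTPM`, `expected_pcr` and `run_session` are hypothetical names; the keyed-hash cipher stands in for real TPM sealing, and the model assumes TPM 1.2 style SHA-1 PCRs that a measured launch resets and that the module caps before exit.

```python
import hashlib, hmac, os

ZERO = b"\x00" * 20

class ToyTPM:
    """Constructed stand-in for a TPM: one resettable PCR plus seal/unseal bound to it."""
    def __init__(self):
        self._root = os.urandom(32)   # storage root secret, never leaves the "chip"
        self.pcr = b"\xff" * 20       # PCR value outside any measured launch

    def extend(self, digest):
        self.pcr = hashlib.sha1(self.pcr + digest).digest()

    def measured_launch(self, module):
        # Measured launch: reset the PCR, then extend it with the module's hash.
        self.pcr = ZERO
        self.extend(hashlib.sha1(module).digest())

    def _crypt(self, pcr, nonce, data):
        # Keys depend on the PCR value, so a different measurement yields different keys.
        enc = hmac.new(self._root, b"enc" + pcr + nonce, hashlib.sha256).digest()
        mac = hmac.new(self._root, b"mac" + pcr + nonce, hashlib.sha256).digest()
        stream = hashlib.shake_256(enc).digest(len(data))
        return bytes(a ^ b for a, b in zip(data, stream)), mac

    def seal(self, data, release_pcr):
        nonce = os.urandom(16)
        ct, mac = self._crypt(release_pcr, nonce, data)
        return nonce + hmac.new(mac, ct, hashlib.sha256).digest() + ct

    def unseal(self, blob):
        nonce, tag, ct = blob[:16], blob[16:48], blob[48:]
        data, mac = self._crypt(self.pcr, nonce, ct)
        if not hmac.compare_digest(tag, hmac.new(mac, ct, hashlib.sha256).digest()):
            raise PermissionError("current PCR does not match the sealed policy")
        return data

def expected_pcr(module):
    """PCR value a verifier or provisioning step expects for an unmodified module."""
    return hashlib.sha1(ZERO + hashlib.sha1(module).digest()).digest()

def run_session(tpm, module, sealed_in):
    """One short session: launch, unseal, process, reseal, cap the PCR, exit."""
    tpm.measured_launch(module)
    secret = tpm.unseal(sealed_in)             # fails if the module was altered
    result = hashlib.sha256(secret).digest()   # stand-in for the module's real work
    sealed_out = tpm.seal(result, tpm.pcr)     # only this module can read it later
    tpm.extend(ZERO)                           # cap: the resumed OS cannot unseal
    return sealed_out
```
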