Remote-Launch: Borrowing Secure TCB for Constructing Trustworthy Computing Platform

Commodity operating systems have become extremely large to provide a lot of services, and then their vulnerability has been targeted by malicious attack. In order to increase security in operating system, there have been many attempts to reduce the size of Trust Computing Base (TCB). However, most of the approaches have applicability limitations due to hypervisor vulnerability and additional hardware requirements. To address these limitations, instead of reducing TCB size, we propose a novel approach to enhance the security of the system. We hide secure TCB for sensitive applications, and thus build an isolated secure environment using a well-equipped infrastructure. For evaluation, we implement a prototype, called Remote-Launch, which runs a security-sensitive process on the borrowed secure TCB.