Last modified: 12/04/03 12:37:32 PM
Rich MacDonald, Sean W. Smith, John Marchesini, Omen Wild.
Bear: An Open-Source Virtual Secure Coprocessor based on TCPA
Technical Report TR2003-471, Department of Computer Science, Dartmouth College.
This paper reports on our ongoing project to use TCPA to transform a
desktop Linux machine into a virtual secure coprocessor: more powerful
but less secure than higher-end devices. We use TCPA hardware and
modified boot loaders to protect fairly static components, such as a
trusted kernel; we use an enforcer module---configured as Linux
Security Module---to protected more dynamic system components; we use
an encrypted loopback filesystem to protect highly dynamic components.
All our code is open source and available under GPL from
A subsequent report extends