The Hardware Layer
The EMSCB security architecture relies on the protection mechanisms (e.g., protection rings and virtual address spaces) offered by common CPU architectures available for a wide range of computing platforms like PCs, servers, mobile platforms, and embedded systems (see Figure 1).
Figure 1: Due to its modularity, the PERSEUS security architecture can be used with a wide range of computing platforms. Moreover, trusted computing hardware can be used to fulfill more complex security requirements.
It is sometimes stated that all security requirements can be fulfilled based on common hardware architectures. This is not true: in the era of smartphones, notebooks and PDAs, the environment is untrusted and no longer physically protects the device. Untrusted, adversarial environments require tamper evidence or tamper resistance, which common hardware architectures do not provide. Even the certain degree of tamper resistance provided by smartcards (e.g., to protect cryptographic keys from unauthorized access) does not help here, since they cannot offer other important security features such as a trusted path.
Therefore, depending on the underlying trust assumptions and environmental requirements, EMSCB supports additional trusted computing hardware. In an untrusted environment, for example, a TPM can be used to securely store cryptographic keys and to verify the bootstrap process.
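As an added illustration (not code from the EMSCB/PERSEUS project), the following Python simulates how a TPM records the bootstrap process by extending a PCR with each boot component and how a verifier checks the reported value; the component names, the event log format and the SHA-256 PCR bank are assumptions.

```python
import hashlib

# Constructed model of TPM measured boot. Each stage measures the next
# component and extends a PCR:  PCR_new = SHA-256(PCR_old || digest).
# A PCR can only be extended, never written, so any altered component
# changes the final value and the verifier (or a key sealed to it) rejects it.

PCR_INITIAL = b"\x00" * 32  # PCR value after reset (assumed SHA-256 bank)

def measure(component: bytes) -> bytes:
    """Digest of a boot component, as the previous stage would record it."""
    return hashlib.sha256(component).digest()

def extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM-style extend: chain the old PCR value with the new measurement."""
    return hashlib.sha256(pcr + digest).digest()

def measured_boot(components: list[bytes]) -> tuple[bytes, list[bytes]]:
    """Run the boot chain; return the final PCR and the event log of digests."""
    pcr, log = PCR_INITIAL, []
    for component in components:
        digest = measure(component)
        log.append(digest)
        pcr = extend(pcr, digest)
    return pcr, log

def replay_log(log: list[bytes]) -> bytes:
    """Verifier side: recompute the PCR that this event log should produce."""
    pcr = PCR_INITIAL
    for digest in log:
        pcr = extend(pcr, digest)
    return pcr

def verify_boot(reported_pcr: bytes, log: list[bytes], expected_pcr: bytes) -> bool:
    """Accept only if the log matches the PCR and the PCR is the known-good value."""
    return replay_log(log) == reported_pcr and reported_pcr == expected_pcr

# Constructed stand-ins for the real boot binaries (hypothetical names).
GOOD_CHAIN = [b"bootloader v1", b"security kernel v1", b"policy: strict"]
TAMPERED_CHAIN = [b"bootloader v1", b"security kernel v1 (patched)", b"policy: strict"]

def demo() -> tuple[bool, bool]:
    """Known-good boot is accepted; a modified kernel changes the PCR and is rejected."""
    expected, _ = measured_boot(GOOD_CHAIN)  # reference value recorded at enrollment
    pcr_ok, log_ok = measured_boot(GOOD_CHAIN)
    pcr_bad, log_bad = measured_boot(TAMPERED_CHAIN)
    return verify_boot(pcr_ok, log_ok, expected), verify_boot(pcr_bad, log_bad, expected)

if __name__ == "__main__":
    print(demo())  # (True, False)
```

Because the extend operation is order dependent and one way, a tampered platform cannot present the known-good log together with a matching PCR: the replay check catches the mismatch.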