BATTLE OF SKM AND IUM
1MHMIxh
1MHMIxh
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
SEPARATION <strong>OF</strong> ROLES<br />
• Instead of loading the full kernel and environment into the secure partition (which would add<br />
significant attack surface), a different execution model is loaded<br />
• The Secure Kernel Mode (<strong>SKM</strong>) environment which runs at Ring 0 (VTL 1)<br />
• The Isolated User Mode (<strong>IUM</strong>) environment which runs at Ring 3 (VTL 1)<br />
• Secure Kernel Mode includes a minimal kernel, and a few kernel modules (no Win32k.sys!)<br />
• Kernel -> Called the SMART Kernel or SK<br />
• Modules -> SKCI.DLL (Provides Code Integrity), CNG.SYS (Provides Cryptographic Services)<br />
• Isolated User Mode includes specialized processes called Trustlets<br />
• Trustlets are isolated among each others and have special digital signature requirements<br />
• They are limited by the system calls provided through <strong>SKM</strong>, and do not have access to CSRSS<br />
• They can only load <strong>IUM</strong>-approved DLLs<br />
• Everything else in VTL 0 remains as is, and is sometimes called the High Level OS (HLOS)<br />
• It is important to note that barring the <strong>IUM</strong>-signing restrictions, <strong>IUM</strong> shares the same binaries as Normal Mode