Thoughts on droplets
Tue, 2 Nov 1999 10:12:14 -0500

>> 3. A mechanism by which one machine may verify that the other's kernel
>> trusted.
>> The last two problems can be solved by use of a number of hardware
>> cards.
>It can? I'm intrigued ... how would one detect the other guy's kernel
>running on an emulator that is going to do something nasty only after
>the kernel verification?

See, for example, Bill Arbaugh's papers from the University of
Pennsylvania.  I know of a much simpler solution, but as it is currently
undergoing patent filing I can't say anything about it.

Jonathan S. Shapiro, Ph. D.
Research Staff Member
IBM T.J. Watson Research Center
Phone: +1 914 784 7085  (Tieline: 863)
Fax: +1 914 784 7595