Intel Trusted Execution Technology For Server Platforms A Guide To More Secure Datacenters William Futral

Intel Trusted Execution Technology For Server
Platforms A Guide To More Secure Datacenters
William Futral download
https://ebookbell.com/product/intel-trusted-execution-technology-
for-server-platforms-a-guide-to-more-secure-datacenters-william-
futral-4385856
Explore and download more ebooks at ebookbell.com

Here are some recommended products that we believe you will be
interested in. You can click the link to download.
Intel Xeon Phi Coprocessor Architecture And Tools The Guide For
Application Developers 1st Edition Rezaur Rahman Auth
https://ebookbell.com/product/intel-xeon-phi-coprocessor-architecture-
and-tools-the-guide-for-application-developers-1st-edition-rezaur-
rahman-auth-4345328
Intel Galileo And Intel Galileo Gen 2 Api Features And Arduino
Projects For Linux Programmers 1st Edition Manoel Carlos Ramon Auth
https://ebookbell.com/product/intel-galileo-and-intel-galileo-
gen-2-api-features-and-arduino-projects-for-linux-programmers-1st-
edition-manoel-carlos-ramon-auth-4971520
Intel Debugger Command Reference Coll
https://ebookbell.com/product/intel-debugger-command-reference-
coll-49474548
Intel 64 And Ia32 Architectures Optimization Reference Manual Coll
https://ebookbell.com/product/intel-64-and-ia32-architectures-
optimization-reference-manual-coll-5851232

Intel Virtualization Technology For Directed Io Architecture
Specification Rev 24 Coll
https://ebookbell.com/product/intel-virtualization-technology-for-
directed-io-architecture-specification-rev-24-coll-5851252
Optimizing Hpc Applications With Intel Cluster Tools 1st Edition
Alexander Supalov
https://ebookbell.com/product/optimizing-hpc-applications-with-intel-
cluster-tools-1st-edition-alexander-supalov-4929366
Internet Of Things 101 Intel Edison Itebooks
https://ebookbell.com/product/internet-of-things-101-intel-edison-
itebooks-23836512
8th Generation Intel Processor Family For Sprocessor Platforms Intel
https://ebookbell.com/product/8th-generation-intel-processor-family-
for-sprocessor-platforms-intel-10124640
Highperformance Computing On The Intel Xeon Phi 2014th Edition Endong
Wang
https://ebookbell.com/product/highperformance-computing-on-the-intel-
xeon-phi-2014th-edition-endong-wang-4743090

For your convenience Apress has placed some of the front
matter material after the index. Please use the Bookmarks
and Contents at a Glance links to access them.
Download
from
Wow!
eBook
<www.wowebook.com>

v
Contents at a Glance
Foreword��xiii
About the Authors
��xv
Acknowledgments��xvii
Introduction��xix
Chapter 1: Introduction to Trust and Intel
■
■ ®
Trusted Execution Technology��1
Chapter 2: Fundamental Principles of Intel
■
■ ®
TXT��15
Chapter 3: Getting It to Work: Provisioning Intel
■
■ ®
TXT��37
Chapter 4: Foundation for Control: Establishing Launch Control Policy
■
■ ��61
Chapter 5: Raising Visibility for Trust: The Role of Attestation
■
■ ��79
Chapter 6: Trusted Computing: Opportunities in Software
■
■ ��89
Chapter 7: Creating a More Secure Datacenter and Cloud
■
■ ��105
Chapter 8: The Future of Trusted Computing
■
■ ��119
Index��129

xix
Introduction
While there are numerous papers and other forms of documentation on Intel®Trusted Execution Technology
(Intel®TXT), most of them focus on helping the platform designer and operating system vendor (OSV) implement
the technology on a hardware or software platform. There are, however, a small amount of engineering, marketing
and positioning materials that focus on the outcome or the use of the technology that would be helpful to an IT
professional. Often though, these materials are more objective than subjective. That is, they tell the designer or
implementer what they can do, but not necessarily what they should do, or why they would want to select one option
over another. In the practice of making real use of new technologies, this gap creates a problem.
Our experience has shown that when a platform arrives at the datacenter, there is typically very little information
to guide the system administrator to make the best use of new capabilities such as Intel TXT. While Intel is well versed
in collaborative dialog with our core audience of platform architects, OS architects, and software developers regarding
implementation details, the Intel TXT enablement experience exposed us more forcefully to a new audience—and a
new opportunity. We continually get questions from IT managers and cloud solutions architects wanting to know how
this technology is and should be employed, in order that they can evaluate which options they should implement in
their own environments. Hardware and software designers are also inquisitive about how the datacenters deploy the
technology, what issues they face, and which features are important to them.
Thus it was obvious that there needs to be a book to provide a more complete picture, starting with why the
technology is important, what the hardware does, and then work its way up the stack specifying the roles of the OEM,
datacenter, OSV, and ISV. In short, our goal became: create a book that takes the mystery out of this new technology—
from architecture to deployment. This publication also allows us the opportunity to raise visibility for emerging
threats, while being in the envious position of being able to raise awareness of solutions based on products that our
core audience is quite likely already buying (such as Intel TXT enabled servers and operating systems or hypervisors).
Happily, we can also help note that solutions based on this technology are also integrated or enabled at “trivial” extra
costs such as the $30-50 cost of adding a TPM module to some OEM servers. In short, these solutions are really near at
hand, it is just a matter of getting the word out and helping show the methods and benefits!
This book provides a comprehensive guide for the datacenter as well as providing additional contextual insight
for the platform and software suppliers. Thus the first half of this book explains what the technology does and why
it works, explains how attestation works, discusses the value of various features, and walks the reader through the
process of enabling the technology, creating launch policies, and selecting the best policy for the datacenter. And it
does so in the context of explaining what choices are possible and the key considerations behind them. In short, the
first half is largely about implementation—the “what” and “how” of Intel TXT.
The second half of this book is designed to provide an overview of the big-picture “why” of implementing Intel
TXT. It focuses on the use models—what operational, security and business benefits can be derived from using
it? It focuses on the ecosystem requirements—the key hardware, software and services that are needed today and
in the future—to make use of Intel TXT in the cloud or enterprise. These discussions are intended to help the IT
administrator or enterprise security architect assess the capabilities of the technologies and dependencies of the use
models against their business needs. And it closes with a discussion of the future.
No IT manager or architect wants to dedicate their time and resources to build or deploy a one-off solution.
It is essential to not only explain the capabilities (and limitations) of today, but to provide insight into where this
foundation may lead and how that may also map into rapidly evolving business needs. The intention here is to help IT
and security leaders identify and establish new opportunities to solve security challenges of today, and also position
themselves to use enhanced security capabilities to more fully enable and drive the enterprise of the future.

■ Introduction
xx
Intel TXT is being deployed today by companies across the globe and in many industries. Are they undertaking
wholesale “ripping and replacing” of IT infrastructure to gain the protections and capabilities enabled by Intel TXT?
Absolutely not. That is not how IT works. No, instead they are deploying their new server installations with Intel
TXT activated and built and targeted to key visibility, control and compliance use models—typically for their cloud
infrastructures. In effect, they are establishing new, more secure pools within their existing infrastructure that are
more suitable for hosting their more sensitive or regulated workloads. This type of optimized deployment model is
also a well-worn IT practice for targeting resources and utilizing the optimal platform to host them.
These earlier adopters are gaining hard-earned benefits today and setting the stage for a more secure future
for their businesses. They are learning much from this process as they pioneer solutions even as the market and
technologies mature (and in fact they help shape the direction of the maturation by working with Intel and others
to implement these solutions). Our objective with this book is to help share the groundwork of experts and pioneers
and to lower the barriers to implementation so that these trust-based solutions can deliver value much more broadly
through the industry.

1
Chapter 1
Introduction to Trust and Intel®
Trusted Execution Technology
Every contrivance of man, every tool, every instrument, every utensil, every article designed for use,
of each and every kind, evolved from very simple beginnings.
—Robert Collier
Intel®
Trusted Execution Technology (Intel®
TXT) is a technology that uses enhanced processor architecture,
special hardware, and associated firmware that enable certain Intel processors to provide the basis for many new
innovations in secure computing. It is especially well suited for cloud computing and other uses where data integrity
is paramount. Its primary goal is to establish an environment that is known to be trusted from the very start and
further provide system software with the means to provide a more secure system and better protect data integrity.
This is essential in that if the platform cannot be protected, then the data it will store or process cannot really be
protected. At a minimum, this technology provides discrete integrity measurements that can prove or disprove a
software component’s integrity. These software components include, but are not limited to, code (such as BIOS,
firmware, and operating system), platform and software configuration, events, state, status, and policies.
By providing a hardware-based security foundation rooted in the processor and chipset, Intel TXT provides
greater protection for information that is used and stored on servers. A key aspect of that protection is the provision
of an isolated execution environment and associated sections of memory where operations can be conducted on
sensitive data, isolated from the rest of the system. Likewise, Intel TXT provides for sealed storage where sensitive data
such as encryption keys can be securely kept to shield them from being compromised during an attack by malicious
code. Attestation mechanisms verify that the system has correctly invoked Intel TXT to make sure that code is, in fact,
executing in this protected environment.
This book describes how this technology can benefit the datacenter, and it specifically addresses the concerns of
the cloud service provider and the cloud service client. The goals of this book are as follows:
To explain what this technology does and its underlying principles
•
To describe the roles and responsibilities for enabling and using this technology
•
To guide the system administrator in establishing the right launch control policy
•
To discuss how software (local and remote) can take advantage of this technology
•
To look at some current and future innovations and how they apply to public and
•
private clouds
Clearly these are important topics, so let’s get started!

Chapter 1 ■ INTRODUCTION TO TRUST AND INTEL®
TRUSTED EXECUTION TECHNOLOGY
2
Why More Security?
Intel Trusted Execution Technology is relatively new for servers. It was initially developed for desktop and mobile
computing platforms. It first debuted in servers in 2010 as attacks on datacenters started to escalate and calls for
platform hardening formalized. For quite some time, server platforms were thought to be immune from attacks
because they are typically kept in secure rooms and managed by highly skilled professionals. That is no longer
sufficient. The frequency of attacks against datacenters is growing at astounding rates and those attacks are
increasingly likely to have come from organized crime, corporate competitors, or sponsored by foreign governments
with very sophisticated methodologies and deep resources.1
Corporate executives worry that a breach could be
very costly—both socially and economically, in the face of new regulations and stiffer penalties for failing to protect
personal information.
Andy Grove, one of the Intel’s founders, wrote the book Only the Paranoid Survive (Doubleday Business, 1996).
This book is about recognizing inflection points and taking action. Server security is definitely at one of those
inflection points. A successful attack could do significant damage to a company, regardless of whether that company
is providing the service or using it—especially if adversaries can demonstrate that the company failed to use available
security precautions. But it doesn’t even take a successful attack. Just the failure to use available security precautions,
or to make them available to your customers, could do irreparable harm.
Furthermore, this need for vigilance and caution doesn’t only apply to business environments. The individual
making online purchases, retail companies using cloud computing services, and cloud service providers all want
more assurances that transactions and data are protected.
The answer is a higher level of security, better ability to mitigate attacks, and the means to prove those capabilities
are enforced. Intel Trusted Execution Technology (or Intel TXT) can now be a significant part of that solution.
Types of Attacks
Bad people do bad things for all sorts of reasons. Some try to prevent use of the platform (denial of service,
a.k.a. DoS attacks), some want to destroy or corrupt data, and others want to steal data. They will attack data in flight,
at rest, and in use.
Data-in-flight refers to the transmission of data from one place to another. Using a secure channel that encrypts
data during transport helps defend against in-flight attacks, but one also has to make sure that the recipient is the
intended recipient and guard against replay attacks and the man-in-the-middle attacks. A replay attack is where an
attacker intercepts a transmission and resends a copy of that transmission at a later time to fool the recipient into
thinking it came from an authorized source portraying a real transaction. The man-in-the-middle attack is where an
entity inserts itself into the communication link, forwarding transactions between the two endpoints, and thus gaining
access to the privileged information. For this case, entity A starts a session with the attacker (the “man in the middle”)
thinking it is a session with entity B. The attacker then starts a secure session with the intended entity B, claiming it is
entity A. The attacker is now able to steal or modify the data being transmitted between A and B.
Data-at-rest refers to the storage of data. Encrypting the data before storing on disk is a growing practice, but it
also requires protection of the encryption keys. One answer is sealing of data, such as keys, so that it can only be used
by authorized agents. But again, this raises the question of who to trust and how to prevent untrusted entities from
gaining access.
1
Example from the US Federal Bureau of Investigation (FBI), November 2011, http://www.fbi.gov/news/stories/2011/
november/malware_110911.

3
Data-in-use refers to the data being manipulated by the application. Applications typically work on unencrypted
data, so an attacker gaining access to that data circumvents any transport or storage protections. These attacks come
from many different directions and target various components and operations. For example:
• Frontal attack: A direct attack on a system operation, generally by modifying or corrupting the
system code or tricking the system.
• Flanking: Reset attacks have proven effective. This is where an attacker forces a reset after it
has manipulated the BIOS to boot malicious software, which then inspects secrets and other
privileged information that remain in memory.
• Spying: Root kits are an example of where an attacker causes the platform to boot malicious
code that uses the platform’s virtualization capabilities to then load the expected operating
system in a false virtual environment. The system software is unaware that it is in a virtual
environment and the root kit is now in control of the platform and has access to everything
that the system places in memory.
A successful defense not only requires mechanisms to protect data, but also the means to detect changes and
establish trust in the platform.
What Is Trust? How Can Hardware Help?
For most people, trust means that you have faith in someone or something to do the right thing. A broader definition
would be “faith in someone or something to do something consistently.” For instance, one might say that they
“trust” that a computer virus will do harm—but they don’t “trust” the virus. Generally, we trust the operating system
to protect data and system resources, but we don’t trust an operating system that has been infected with a virus or
influenced by other malicious code. The challenge is to tell the difference.
Can we trust the system to determine if it is trustworthy? If you were to ask anyone if they can be trusted,
they will likely respond “yes”—especially criminals. The same holds true for software, especially malicious software.
To trust software, we need the ability to verify it in a way such that any change to the software changes its credential.
For instance, if an operating system can prove that it is an authentic version and has not been modified, it deserves
more trust than one that cannot. In fact, knowing that software has been modified is also valuable—because it allows
corrective action such as quarantine and repair.
Thus we cannot depend on the software itself to detect if it has been modified (for example, infected with
malicious code), because the malicious code might control or block the module that makes the trust decision.
Thus we look to hardware to help make that determination.
The industry’s leading security experts formed a nonprofit industry initiative known as the Trusted Computing
Group2
(TCG) to enhance trust and therefore security on computing platforms. The charter of the TCG is to develop
industry standards for trusted computing building blocks and define their use for various platform types. Their
efforts have produced a specification for a special security component (called a Trusted Platform Module, or TPM)
and specifications for how to use that module in PCs and servers. These documents are available from the TCG
web site (www.trustedcomputinggroup.org/). Several companies produce TPM chips that comply with these
specifications, specifically for use on PCs and servers. The TPM chip is a very secure device that provides a number
of security functions, and it is implemented in systems according to the TCG specifications by your favorite server
manufacturers.
2
http://www.trustedcomputinggroup.org/

4
A TPM chip is also one of the base components of Intel TXT, and provides the means to securely measure
software components such as firmware, platform configuration, boot code, boot configuration, system code, system
settings, and so on, to form a set of credentials for the platform components and system software. It also provides for
accurately using those measurements as proof of trust and the ability to protect those measurements.
The measurement process for Intel TXT starts with hardware (that is, microcode designed into the Intel
processor) and uses hardware (special chipset registers) to start the measurement process and store the
measurements in the Trusted Platform Module chip in a way that cannot be spoofed by software.
What Is Intel®
Trusted Execution Technology?
Intel TXT uses a combination of hardware, firmware, and software, and is built on and fully compliant with the
Trusted Computing Group PC Client and Server specifications.
In general, Intel TXT is:
A collection of security features.
•
A means to verify that those features are in use.
•
The means to securely measure and attest to system configuration and system code.
•
A means to set policies to establish a trust level based on those measurements.
•
Based on those policies, it is a means to:
Invoke enhanced capabilities (secure mode) for systems that meet that policy.
–
–
Prevent a system that fails the policy from entering the secure mode.
–
–
Determine if the system has entered the secure mode environment.
–
–
The means for a trusted OS (that is, the system operating in the secure mode environment)
•
to provide additional security features.
The ultimate goal of Intel TXT is to provide a more secure and hardened computing environment, but it is not
a means to an end. Rather it is a tool for achieving higher levels of trust, and that trust does not come from simply
enabling Intel TXT. The platform owner (e.g., datacenter IT manager) plays a key role in establishing what trust
means, and Intel TXT provides the flexibility so that the system administrator can create a trust policy to match the
requirements of the datacenter. Servers that implement Intel TXT can demonstrate (attest) that they comply with
a specific trust policy, and thus can be used to form pools of trusted servers based on the established trust policy.
Servers without Intel TXT and those that don’t meet the trust policy can be excluded from the trusted pools. With
the right policies in place, the datacenter can provide trusted pools of servers, allowing service clients to create
“use policies” depending on the trust level. One example of this is the ability to confine critical applications
(such as e-commerce services processing credit card information) to run only within a trusted pool. This has many
applications for both private and public cloud providers, as well as their clients.
Before one can create a trust policy, it is important to understand what Intel TXT does and does not do. To put it
in perspective, if we look at a bank’s security, we find multiple security methods in use (locks on the doors, bars on the
windows, a security alarm system, a surveillance system, a vault, armed guards, and so on). This is defense in depth
and implies that no one method can do it all and that various methods come into play at different times (for example,
doors and vaults tend to be unlocked and portions of the security alarm system are disabled during banking hours
when armed guards are present). Of particular interest is to note that some of the methods are to prevent intrusion
and others are just to detect and report it. The same is true for computer security; knowing when a breach has
occurred is very important—just as a bank manager would not open the vault until he knows the bank is secure,
Intel TXT can be configured to only allow the OS to launch if it knows the platform and system software are secure
and trusted (as defined by the datacenter’s policy). This secure launch allows the software to operate as a trusted OS,
but only after validating that the platform configuration and system software meet the datacenter’s policy.

5
So how do we define secure in this context? The short answer is to make sure that the system software is using all
of the protection afforded by the processor and chipset architectures.
And how do we define trusted? The answer requires a means to measure the platform and the software. For
servers, Intel TXT does that by incorporating two TCG concepts—a static chain of trust and a dynamic chain of trust,
as illustrated in Figure 1-1. The static chain of trust measures the platform configuration, and the dynamic chain of
trust measures the system software, software configuration, and software policies.
Static Chain of Trust
The static chain of trust measurements start when the platform powers on. It starts with microcode that is embedded
in the processor measuring an authenticated code module (ACM) provided by Intel. The ACM is a signed module
(whose signature and integrity is authenticated by microcode) that performs special security functions. The ACM
measures a portion of the BIOS code. That code then measures the remainder of BIOS code and configuration. Note
that BIOS code does not execute until after it has been measured. These measurements are stored in special platform
configuration registers (PCRs) inside a TPM (remember that the TPM is a very secure hardware device specified by the
TCG). Different PCRs hold different launch component measurements (as specified by the TCG). During this process,
the BIOS is required to turn on certain security features, and then call a function in the ACM that performs a security
check. Before the BIOS executes any additional code, such as option ROMs on third-party adapters, it must lock the
platform configuration by calling the ACM again, which performs additional security checks, and then locks certain
platform and processor registers. The BIOS also measures the Master Boot Record (MBR) and the OS Loader when
it boots the operating system.
The main takeaways are that measurements are started by hardware, measurements are protected from
tampering by the TPM, and code is measured before it is executed.
These “static” measurements are done only once, each time the platform powers on. These measurements are
referred to as platform configuration measurements.
Dynamic Chain of Trust
The dynamic chain of trust starts on request by the operating system (OS) via a special processor instruction, which
measures and verifies another ACM (the SINIT ACM), which will oversee the secure launch. The SINIT ACM performs
additional checks, which include making sure the BIOS passed its security checks and has locked the platform
configuration. The ACM then measures the OS (actually a portion of the OS referred to as the trusted OS) and invokes
Power
ON
BIOS
ACM
BIOS
(Trusted)
Option
ROMs MBR
OS
Loader
MLE (VMM)
If Platform
MLE Trusted
Boot
Time
Measure
SBIOS
Code
Additional Measurements
SINIT
ACM
Policy
Engine
Security
Checks
Lock
Configuration
Measure
Validate
ACM
uCode
uCode
Measure
Validate
ACM
Measure
Trusted
OS Code
Verify Platform
Meets Trust Policy
Additional
Measurements
Static Chain of Trust Dynamic Chain of Trust
Figure 1-1. IntelÒ
TXT launch timeline with static and dynamic chain of trust

6
a launch control policy (LCP) engine that will determine if the platform configuration and OS will be trusted
(as defined by the policy set by the system administrator).
A trusted OS (a term used by the TCG for system code that invoked and passed the secure launch
process—proving it meets the launch control policy) is allowed access to additional (privileged) security functions,
including using additional PCRs. The trusted OS can measure such things as additional code, data, and configuration
into those PCRs, and use the content of any of the PCRs to make trust decisions and seal/unseal data. Applications
(both on and off the platform) can also use those measurements to make trust decisions.
Virtualization
Intel TXT works equally well for both virtualized and nonvirtualized platforms. In the course of bringing Intel TXT
to market, the feedback has been quite strong that the primary and most compelling usage model for Intel TXT
on servers is with virtualized and cloud-based server systems. This is generally because it addresses some of the
key challenges introduced by moving to shared infrastructures. Specifically, it provides the ability to better control
applications (in the form of virtual machines) and migration of applications among available platforms (the cloud)
based on host trustworthiness. In other words, high availability and optimum utilization is achieved by migrating
applications to available servers while still maintaining a trusted environment.
The term OS for a server platform can be confusing because of the existence of multiple operating systems on a
virtualized host platform. This book uses the term host OS to refer to a hypervisor, virtual machine monitor (VMM),
or in the case of a nonvirtualized platform, the traditional bare-metal operating system or any other application or
utility that boots first. In any case, the host OS is the first system control program to boot. This is in contrast to an OS
instantiated in a virtual machine (VM), which will be referred to as a guest OS. Furthermore, a trusted OS is a host OS
that has successfully performed a secure launch. As a side note, while it is possible for the host OS to provide the same
type of secure launch to its guest operating systems, that capability is outside the scope of the current version of Intel
TXT and not discussed in this book.
OK, that last paragraph can be a little hard to read. So let’s try these definitions:
• OS: The system software that manages platform resources and schedules applications.
This includes
A hypervisor or virtual machine monitor that manages the
• virtual machines.
An OS that executes in a VM (i.e., the guest OS).
•
An OS executing on a nonvirtualized platform.
•
• Host OS: An OS that is not executing in a virtual machine, which can perform a secure launch,
and thus can be measured by hardware (i.e., Intel TXT).
• Guest OS: An OS that is executing in a virtual machine, which is not measured by hardware.
• Trusted OS: A host OS that has performed a measured launch and passed the datacenter
policy.
Measured Launch Environment
Because trust is a subjective term, Intel refers to the trusted OS as the measured launch environment (MLE), because
Intel TXT certifies the measurement of the trusted OS (not its trust) and enforces the platform owner’s policy—that
is, it has measured the OS and platform configuration and verified that they meet the platform owner’s launch policy.
The measurements (i.e., the values in the PCRs) can be used by any entity to make a trust decision. For example, the
platform owner can specify multiple OS measurements and platform configurations that will pass its launch policy,
but an application can be more restrictive and trust only a subset. As we will see later, this concept can be extended
and is the basis of attestation, which will be explained in detail later in this book.

Chapter 1 ■ INtrODUCtION tO trUSt aND INteL®
trUSteD eXeCUtION teChNOLOGY
7
The host OS is allowed to enter and exit the measured launch environment without having to reboot the platform.
To exit, the host OS simply invokes another special processor instruction that will reset the PCRs that were used to
measure the launch and those that were set by the trusted OS. Of course, this action also curtails the host operating
system’s access to some of the additional security resources. Reentering the secure environment restarts the dynamic
chain of the trust process, and thus recalculates the MLE measurements storing them in those PCRs, allowing
a different trusted OS (or different configuration of the same OS) to execute with its own set of trust credentials.
Finding Value in Trust
One of the nice things about Intel TXT is that its value can be appreciated by a number of different entities for various
purposes. Some of these values have already been realized and there are many more to come.
Cloud Computing
Looking at a typical cloud management model, as illustrated in Figure 1-2, the cloud service provider maintains a pool
of application servers, which hosts various applications provided by the cloud service clients. These applications are
scheduled to run at times and locations to meet both provider and client polices.
The service provider must be able to demonstrate that the cloud meets governing regulations, and provide an
audit trail to assure the client that all client and government requirements have been meet.
C
Cl
lo
ou
ud
d
M
M a
an
na
ag
ge
em
me
en
nt
t
S
Se
er
rv
vi
ic
ce
es
s
Server
Server
Server
Server
Server
Server
Server
Server
Server
Server
Server
Server
Server
Server
Server
Server
Server
Server
CLOUD
SERVICE
CLIENT
CLOUD
SERVICE
CLIENT
Compliance
Audit
Scheduling
GRC
Provider Policy
Client Policy
C
Cl
lo
ou
ud
d
S
Se
er
rv
vi
ic
ce
e
P
Pr
ro
ov
vi
id
de
er
r
o
o
o
Application
Servers
Figure 1-2. Cloud management model
Download
from
Wow!
eBook
www.wowebook.com

8
Because Intel TXT provides measurements of platform configurations and operating systems, adding Intel TXT
to the picture allows the trust status of the application servers to enter into the equation. It allows both the service
provider and the service client the ability to establish trust policies based on Intel TXT measurements and to identify
servers that meet those polices, as illustrated in Figure 1-3.
Up till now, we have talked about measuring components, but the measurements themselves don’t prove
anything, or do they? Actually, it is the combination of the components that are measured, how the measurements
are made, how the measurements are stored, and how the measurements are accessed that provides the basis
for attestation.
Attestation: The Founding Principle
Furthering our discussion of how a bank uses multiple security concepts, let’s focus on the banking transaction.
Before executing a transaction, bank tellers require proof of the customer’s identity. In the United States, that would
typically be a driver’s license or some other government-issued identification. State-issued driver’s licenses and IDs
have evolved over the years. In 1960, a license was simply a piece of paper printed with the state seal and folded in
half to about the size of a business card. Personal information such as date of birth, height, weight, color of eyes,
and hair color were typed in the respective boxes on that form by the issuing agency. Needless to say, it was fairly
easy to modify, and thus subject to abuse. To reduce misuse and fraud, states started laminating each license with
a photograph, thus making it harder to alter the data, and the photograph provided better identification. Of course,
this assumes that the state issues the license to the right person. After the 9/11 attack, the US federal government
C
Cl
lo
ou
ud
d
M
M a
an
na
ag
ge
em
me
en
nt
t
S
Se
er
rv
vi
ic
ce
es
s
Server
Server
Server
Server
Server
Server
Server
Server
Server
Server
Server
Server
Server
Server
Server
Server
Server
Server
CLOUD
SERVICE
CLIENT
CLOUD
SERVICE
CLIENT
o
o
o
Compliance
Audit
Application
Servers
Scheduling
GRC
Provider Policy
Client Policy
Trust
Level
Unknown
Trust
Policy
A
Quarantined
Trust
Policy
B
C
Cl
lo
ou
ud
d
S
Se
er
rv
vi
ic
ce
e
P
Pr
ro
ov
vi
id
de
er
r
Trusted
Compute
Pool
Figure 1-3. Cloud management trust model

9
placed more requirements on states—both on how the ID is created (including holographic images and special
watermarks) and how the state validates the identity of the person being issued the license.
Just as a bank teller has to be able to verify the customer’s identity, software needs a means to identify its
environment. A driver’s license is simply a certificate of attestation, and the same principles apply to validating
software. One way to look at it is that the description on a license along with the photograph constitutes
measurements of the person. That certificate also identifies who issued the certificate, and has features used to detect
if it has been altered.
For Intel TXT, attestation is the ability to securely verify a set of component measurements. It is the founding
principal for Intel TXT and accomplished by performing a cryptographic hash of each component. These components
include BIOS code, BIOS configuration settings, I/O adapter option ROM code, I/O adapter configuration, MBR,
bootstrap code, boot settings, ACM code, trust policies, OS code, OS configuration, and anything else that the OS
wishes to measure. By measuring components using a cryptographic hash, corrupted components are easily detected
via a change in their measurements.
But attestation involves more than just making the measurements. Those measurements constitute a certificate,
and Intel TXT has to guarantee the following:
The certificate comes from a trusted source
•
The certificate is accurate
•
The certificate has not been modified (at the source or in transit)
•
Value to System Software
You might ask why you need Intel TXT if you already trust the OS, since the processors and chipsets already provide
a number of security features that the OS uses to protect itself against attacks, and you have installed virus protection
and other security software. The first realization comes from the ability for the OS to use those functions, as well as
load additional security software only after the OS loads. So what happens when the OS is not running? What about
attacks against the relatively unprotected BIOS and the pre-boot environment? The following are some of the benefits
that Intel TXT provides:
Protection against reset attacks
•
Protection against root kits
•
Sealing data
•
The ability to provide more secure services to VMs and applications
•
System credentials
•
Note
■
■ Processors and chipsets provide a number of security features that an OS uses to protect itself from

unintentional or malicious modification while it is running. Intel TXT extends that protection to when the OS is not running.
That is, the OS has to start out uncorrupted for it to remain uncorrupted, and Intel TXT helps prove that the OS starts
up uncorrupted.
Intel TXT makes it possible to detect unauthorized changes to BIOS and BIOS configuration, changes to the boot
sequence, and changes to the OS and OS configuration. More important is that it provides an attestation mechanism
that can be used by any entity that wishes to make a trust decision.

10
Cloud Service Provider/Cloud Service Client
Intel TXT’s attestation opens up a whole new world of possibilities that can be realized by both local and remote
entities. In addition to securely measuring and maintaining platform/OS measurements, Intel TXT provides the
means to securely convey those measurements to external entities. Intel TXT also provides the means to determine if
a platform is operating in the secure mode and for determining the policy for allowing secure mode. The datacenter
sets the bar establishing the minimum trust level by setting the launch policy. Later, we take a close look at just what
that means and how it is done, and discuss considerations in selecting a policy.
Management software can use this to provide capabilities such as:
The ability to quarantine platforms with unauthorized modifications (that is, platforms that
•
don’t match “known good” configurations).
Trusted compute pools and trust policy–based migration.
•
Additional trust and security control metrics such as geo-tagging.
•
Enhanced audit trail and compliance support.
•
Figure 1-3 illustrates how platforms can be categorized based on Intel TXT measurements. A trusted compute
pool consists of those servers that have demonstrated that they have a known good configuration. This excludes those
with an unknown trust level (those that don’t support Intel TXT or don’t have it enabled) and, of course, those that fail
the Intel TXT launch control policy. The trusted compute pool can be further categorized into pools of trust based on
various trust policies set by the service provider and service client.
As we continue to unravel the mysteries of Intel TXT, we will discover that the platform provides for 24
different secure measurements. Some are defined for specific purposes and others allow innovation. If one of the
measurements included a geographic location identifier (geo-tag), policies could then limit applications to specified
countries, states, or regions. This is especially important because a growing number of privacy laws and other
governmental regulations stipulate controls and protections that vary depending on location or restrict data to certain
geographical boundaries.
These capabilities are valuable for both public and private clouds. Even within a private cloud, different
workloads have different security requirements—just as different workloads are assigned to different classes of servers
in a traditional nonvirtualized datacenter. The ability to prove trust and maintain trust levels allows the cloud to host
more restrictive applications, such as a finance or human resources department workloads that would no longer need
separate compute facilities. These capabilities can give public cloud service providers the ability to enforce and charge
according to the security level required. They give the public cloud service clients the tools to specify required trust
levels and geographical boundaries, as well as the means to validate compliance to those requirements.
Before we discuss these capabilities—and they will be covered in more depth in subsequent chapters—we need
to understand more about how Intel TXT works and from where the trust comes. As we progress through this book,
we will answer the following questions:
How does Intel TXT provide attestation, and what makes it so powerful?
•
How does the system administrator enable it?
•
How does the datacenter take advantage of it?
•
How does system software use it?
•
How do others make use of it?
•
Then we will take a closer look at attestation and how it is currently used. To get a glimpse of the future,
we will also discuss concepts that are being evaluated and prototyped.

Another Random Document on
Scribd Without Any Related Topics

nakatayo pa ang kanyang
mg̃a haligi.
Bb. Fausta Cortes
Pang̃ulo ng̃ Lupon ng̃ mg̃a Manunulat at siyang kumatha
ng̃ “Agawan ng̃ Dang̃al” na ikatlong aklat ng̃ Aklatan ng̃
“Kami Naman”
(Tunghayan ang dahong ika 21)

Sa kabantugan ng̃ “Kami
Naman” ay malaki ang
naitutulong ng̃ Lupon ng̃ mg̃a
Manunulat. Nagbukas ito ng̃
isang aklatan sa
kapakinabang̃an ng̃ lahat.
Kasapi at hindi sa “Kami
Naman” ay binibigyan ng̃
laya. Doon ay sarisaring
pahayagan at iba’t ibang
aklat ang nagaantabay sa
kahi’t kanino.
Bukod sa pagsisikap ng̃
Lupon ng̃ mg̃a Manunulat ng̃
“Kami Naman” na
makapagpalabas ng̃ mg̃a
akda, ay naguukol din ng̃
panahon sa paglilinang ng̃
wikang tagalog. Ang
katotohana’y napalaban na
sila sa tanyag na Aklatang
Barusog. Ang mg̃a taga
“Kami Naman” ay ayaw
gumalang sa pagpatay ng̃ N
sa piling ng̃ G̃. Ano pa’t hindi
sila kaayon sa modang ang
ANG ay isulat ng̃ AG̃
(pinatay ang N). Ang mg̃a
taga Aklatang Barusog ay
nagtanggol naman sa
kabilang panig.
Sa mg̃a ikinilos na ito ng̃
Lupon ng̃ mg̃a Manunulat ng̃
“Kami Naman” ay kinilala ni

G. Sofronio G. Calderon ang
kanilang pagsusumakit. At na
ito ang isa niyang lathala na
tumutukoy sa:

KAPAKANAN
ÑG WIKANG
TAGALOG
Ito ng̃ang wikang
Tagalog, itong wika nina
Solima’t Lakandula, nila
Balagtas at Pilapil, nila
Rizal na ng̃ayo’y
kasalukuyang
pinagmamasakitan ng
Aklatang KAMI
NAMAN, ay hindi lihim,
at sa katunayan ay
nariyan ang lagda ng
mga bantog na
mananalaysay na
kumilala ng kasakdalan
ng wikang ito,
palibhasa’y ang wikang
Tagalog ay isang wikang
may sariling likas, may
sariling ganda, may
sariling yaman at isang
wikang maipagbabadiya
ng tanang saloobin at
damdaming
sumasapuso’t ísip ng
tao; anopa’t sa katagang
sabi, itong wikang
Tagalog na ating

kinamulatan, nilakhan at
pinaka kaluluwa ng
ating bayan ay may
dakilang kapakanan
ayon sa pagkakaakma’t
pagkakabalangkas sa
isang paraang tumpak at
kagilagilalas.
Sofronio G.
Calderón.
Dahil sa talino ng̃ isa sa mg̃a
“Bituin” ng̃ “Kami Naman”
ang Lupon ng̃ mg̃a
Manunulat ay nagkamit ng̃
karang̃alang sa “Kami
Naman” nanggaling ang
ikatlo sa mg̃a babaing
pilipina na kumatha ng̃
kasaysayan. Iyan ay si Bb.
Pascuala Pintor na sumulat
ng̃ nobelang “Tagumpay ng̃
Api”, na siyang unang aklat
na pinalabas ng̃ Lupon ng̃
mg̃a Manunulat. Kung ¿ano
ang “Tagumpay ng̃ Api”? ang
isang liham ni G. Aurelio
Tolentino ang dapat sumagot:
“Bb. Pascuala Pintor.
“Mahal na binibini:

“Tinanggap ko po at
pinasasalamatan ang
mahalagang handog ninyo sa
akin, isang salin ng inyong
matalinong nobelang
“Tagumpay ng Apí”.
“Kulang ang lahat ng papuring
kaya kong sabihin, upang
tumbasan ang hiwagang sarap
ng aklat na nabanggit. Bukod sa
talagang may kalugodlugod na
ganda sa pagkakahanay ng mga
salitang bihis ng kanyang
mayayamang isipan, ay
naghahandog pa sa damdamin
ng ulirang buhay na gaya ng
kay Teban, aralan gaya ng kay
Titay at katarungang gaya ng
kay Mameng at kay Leon.
“Palibhasa’y marami na ang
mga nobelang Tagalog; dahil sa
mga mahahalaga rin naman ay
maitutulad sa isang kuwintas na
gintong sinasagisag ng bagong
buhay. Ang “Tagumpay ng
Apí”, ngayong mapakituhog sa
kuwintas na iyan, ay naging
pinakamaluningning na
«relicariong» tinampakan ng
makikinang na batong
diamante, at may mahal na
laman sa loob, ang buhay na
larawan ng kabaitang
nagtagumpay sa dagok ng
kapaslangang binigti ng
katarungan ng sariling
damdamin.
“Naghihintay pagutusan ang
talisuyo nilang si

“Aurelio Tolentino.
“Maynila, ika 30 ng Junio ng
1914.”
Sumunod na pinalabas ng̃
mg̃a manunulat ng̃ “Kami
Naman” ang aklat ni G.
Rosendo S. Cruz. “Tuntunin
ng̃ Pulong” ang pamagat at
gaya rin ng̃ “Tagumpay ng̃
Api” ay nagtamo ng̃ mg̃a bati
at papuri. Isa na rito ang
kalatas ng̃ isang taga
Malabon, Rizal, na si G.
Amado Jacinto. Aniya’y
“Malabon, Rizal, S. P.
“Ika 30 ng Okt., 1914.
“G. Rosendo S. Cruz.
“Mahal na kaibigan: Tinanggap
ko ang isang salin ng iyong
mahalaga at munting aklat na
ang pamagat ay “Tuntunin ng
Pulong”, at ako’y
nagpapasalamat ng marami.
“Rosendo, ang iyong aklat, sa
ganang sarili ko, ay dapat mong
ipagkapuri. ¿At bakit?
Sapagka’t sa aklat mong itong
maliit at mura lamang ay
mayroon kang isang dakilang
bagay na matuturo. At ito’y ang
pagpapakilala mo sa iba, na ang
kahalagahan ng isang katha’y
wala sa kapal at sa laki, kundi
nasa uri at saka sa layon: uring

siyang bilang pinakapagaari ng
isang aklat, at layon namang
siyang tunay na ariariang
kinapapalamnan ng dañgal ng
isang kumatha.
“Ang uring tinutukoy ko rito
ñgayon ay hindi ang tungkol sa
kalinisan o karumham ng
literatura, kundi ang kung
nakapagtuturo o hindi
nakapagtuturo; at ang sa layon
nama’y kung mabuti o híndi,
samakatuwid ay kung ang
pakinabañgan o makinabang
lamang.
“Kapag ang isang aklat ñga’y
may uring nakapagtuturo at
may mabuting layon, para sa
akin ay sukat na, upang
kalugdan kong basahin at
hanggang sa purihin pa pati ng
kumatha.
“¡At lalo pa marahil, kung ang
kumathang iya’y isang
kaibigang katulad mo! ¿Hindi
ba?
“Tungkol sa pagbabasa ng mga
aklat ay aking maipagtatapat sa
iyong ako ñga’y mayroon ng
kakaibang panglasa kay sa dati,
at ang sabi ko’y ganito,
sapagka’t hindi na ako
nalulugod ñgayon sa mga
Felipe Trigo at Eduardo
Zamacois, diyan sa mga
mapaglarawan at mapaglikha
ng mga kuwadrong
nakapagpapagalaw ng laman at
nakapagpapakalam ng balat, na

sa mahinang loob ay sapat
makapagdulot ng isang
masidhing pagkakilití; kundi
doon na unti-unting nawiwili
ang aking loob sa mga Heberto
Spencer at Samanuel Smiles, sa
mga Noé Porter at Tomas
Stanley.
“At dahil sa ganitong
pagbabago ng aking hilig, ay
huwag ilalaki ng iyong loob na
ipalagay at sabihing kong ang
aklat mo’y lalo pang kapuri-
puri kay sa di iisa’t dadalawang
naghahalaga riyan ng 40 at 50
sentimos, sa pagka’t ang iyo’y
nakatutulong sa pagtitipid ng
panahon ng mga samahan kung
sila’y may pinagpupuluñgan,
samantalang ang mga yao’y
pawang mga awit ding mistula
ng nakalipas na panahon natin,
iba ñga lamang ang pañgalan,
anyo at bihis; dapuwa’y sing-
isa ring walang nagagawa
kundi ang magparami ng mga
pañgahas, pilyo, at palalo.
“Iyan ang mga sanhi, kung
kaya’t baga man may kulang at
di mo binuó ang “Tuntunin ng
Pulong” na iyong sinulat, ay
hinahandugan din kita ng isang
maligayang bati, na kasabay ng
pakikikamay ko’y tanggapin
mo rito sa tapat, at natatalaga
mong kaibigan.
(May lagda.) “Amado
Jacinto.”

Ang ikatlong aklat na
ipinalimbag ay ang “Agawan
ng̃ Dang̃al” na akda naman ni
Bb. Fausta Cortes. Ang
nagpanukala’t nagtatag ng̃
mg̃a balitang “Ilaw at
Panitik”, “Aklatang Barusog”
(mg̃a Samahan ng̃ mg̃a
manunulat na tagalog) at
“Hijos del Siglo” na si G.
Honorato H. de Lara ay
siyang nagpakilala sa madla
kung ano ang “Agawan ng̃
Dang̃al”.
Isang liga ng̃ indoor base
ball ang itinanyag naman ng̃
Lupon sa Pagpapalakas. Ang
bituing Concepcion
Magallanes ay siyang
naghagis ng̃ unang pukol ng̃
bola. Limang team ang
lumaro at ito’y ang “Marte”,
“Katubusan”, “Sinag
Kapuluan”, “Makabayan”, at
“Kami Naman”. Ang
“Marte” ang nagtamo ng̃
tang̃ing gantingpala.
Ang Lupon ng̃ mg̃a Bituin ay
kalabisan ng̃ sabihin pa kung
ano ang nagawa at ginagawa.
Sukat ang ipagtapat na utang
sa mg̃a “bituing” ito, ang
lahat ng̃ ikinilos ng̃ “Kami
Naman”. Paano’y sila ang

buhay at kalulwa ng̃
Samahan.
Patuloy sa magiliw na
pagdadamayan ang Lupon sa
Damayan.
Ng̃uni’t ang Lupon sa
Kalakal ay napahimbing.
Ang Lupon na ito lamang
ang nagmintis. Gayon ma’y
nakapagtayo rin ng̃ tindahan
noong Febrero ng̃ 1913, baga
man nabuhay ng̃ may anim
na buwan lamang.
Sa mg̃a kasiglahang ito ng̃
mg̃a lupon ng̃ “Kami
Naman” ang Samahan ay
palaging nakapagwawasiwas
ng̃ watawat ng̃ tagumpay sa
lahat ng̃ kanyang balak. At
man sa tuwing bago siyang
panukala, ang mg̃a
pahayagan ay nang̃agsabing
«Bagong maningning na
dahon na naman ang
mapaparagdag sa
hinahang̃aang kasaysayan ng̃
“Kami Naman”.»
At dapat namang dakilain
ang “Kami Naman”,
palibhasa’y isang samahang
nakikipagkapatiran sa lahat,
sampu sa mg̃a

nagpapakaimbi sa pagpatay
sa kanya. Kung totoo mang
may mg̃a kamaliang nagawa
ay totoo rin namang lalong
marami ang tumpak na
pinang̃atawanan.
Diyan natapos ang dalawang
taong pamamahala ni G.
Angel de los Reyes na
nagwagi sa tatlong halalang
sunod-sunod sa pagka
Pang̃ulo ng̃ Samahan.
¡¡¡Panahon ang humatol sa
magiging kapalaran ng̃ mg̃a
samahang katulad ng̃ “Kami
Naman”!!!
HANGGA

Talaan ng Nilalaman
SA TUTUNGHAY
PATALASTAS
PANGUNANG HAKA NI G.
Rosendo S. Cruz V
SA MGA BITUIN NG “KAMI
NAMAN” IX
I. MGA PUSONG
NAMANDAW NG KAPWA
PUSO 13
II. HINDI NAPAWASTONG
PAGTITIYAP 27
III. MGA HALIK NG
PAGIROG 35
IV. MASIGASIG NA KILOS NI
PASTOR 53
V. ¡WALANG SALA! ¡ANG
TAGUMPAY AY ATIN! 61
VI. ANG ARAW NI
LOLENG 67
VII. ANG PAGKAKATAONG
LALONG MASAKLAP 90
VIII. MGA NALUGMOK SA
LIWANAG NG BUWAN 96
IX. BALIW NA NAGSASABI
NG KATOTOHANAN 104
X. SA LAOT NG HAPIS 113

Kolopon
Mga Maaaring Gamit
This eBook is for the use of
anyone anywhere at no cost
and with almost no restrictions
whatsoever. You may copy it,
give it away or re-use it under
the terms of the Project
Gutenberg License included
with this eBook or online at
www.gutenberg.org .
This eBook is produced by the
Online Distributed Proofreading
Team at www.pgdp.net .
Agawan ng Dangal is a Tagalog
romance novel published by a
socio-civic youth organization
called Kami Naman. Aside from
the novel, this book contains a
section on the history of Kami
Naman.
In the novel, Beteng, a rich
young man, is a suitor of a
beautiful maiden named
Dolores (Loleng). Artemyo acts
as Beteng’s “bridge,” serenading
Loleng to win Beteng her

affection. Unfortunately for
Beteng, Loleng falls for Artemyo
instead. Beteng is hurt by
Loleng’s rejection and sets out
to tarnish Artemyo’s reputation,
or rob him of honor (agawan
siya ng dangal).
Pagkaka-enkowd
Scans of this work are available
from the Internet Archive (copy
1 ).
Tala ng mga Ginawang
Pagbabago
2011-02-01 Started.
Mga Di-Nakapaloob na
Reperensiya
Ang elektronikong aklat na ito
ng Proyektong Gutenberg ay
may mga reperensiyang hindi
nakapaloob. Ang mga link para
sa mga ito ay maaaring hindi
gumana.
Mga Pagwawasto
Ang mga sumusunod ay ang
mga pagwawastong ginawa sa
teksto:
Pahina Orihinal Pagwawasto
VI ng̃ ni

VII sarile sarili
VIII suliranin suliraning
VIII bagay baga’y
X AGAWANG AGAWAN
15 ang̃ ang
16 dooron doroon
19, 69,
77 —
21, 30,
30, 123
[Wala sa
orihinal] ¡
22 mahinhin mahinhing
23 áyon ayon
24 gina gitna
36, 49,
51, 52,
67, 68,
110, 3 ng ng̃
37 pinakikibang̃an pinakikinabang̃an
40 isasad isasaad
40 Luming̃os Luming̃on
53, 78,
91, 98
[Wala sa
orihinal] —
53 kanyang̃ kanyang
54, 59,
123,
N.A.
[Wala sa
orihinal] .
55 namang naman
70 ni ng̃
78 [Wala sa
orihinal] ¿
81 haban habang
83 Humakban Humakbang

83 walá wala
84 kaawawa kaawaawa
84 ni si
88 Bala na’y Balana’y
100 sa sa sa
105 na na na
107 kanilang̃ kanilang
112 Itangis Itang̃is
121 NG NG̃
122 hangal hang̃al
123 nga ng̃a
124 saan saang
125 hangga hanggang
125 mga mg̃a
126 [Wala sa
orihinal] ,
126 hinahang̃aan hinahang̃aang
127 binigyang binigyan
128 magbibinhi nagbibinhi
129 Ilang Ilan
129 nasa na sa
130 Jaires Jaurès
130 kong ng̃a ko ng̃ang
131 nakikita nakikilala
131 [Wala sa
orihinal] [...]
132 bayang bayan
134 magandang maayos na
N.A. NG ÑG
5, 22 ng̃ ang
10 nakapunapuna na kapunapuna

12 : ;
14 Namsn Naman
18 KAMI-NAMAN KAMI NAMAN
20 iay ay
20 isag isang
20 sapagtitipid sa pagtitipid
21 ding din
21 . ,

*** END OF THE PROJECT GUTENBERG EBOOK AGAWAN NG
DANGAL ***
Updated editions will replace the previous one—the old editions
will be renamed.
Creating the works from print editions not protected by U.S.
copyright law means that no one owns a United States
copyright in these works, so the Foundation (and you!) can copy
and distribute it in the United States without permission and
without paying copyright royalties. Special rules, set forth in the
General Terms of Use part of this license, apply to copying and
distributing Project Gutenberg™ electronic works to protect the
PROJECT GUTENBERG™ concept and trademark. Project
Gutenberg is a registered trademark, and may not be used if
you charge for an eBook, except by following the terms of the
trademark license, including paying royalties for use of the
Project Gutenberg trademark. If you do not charge anything for
copies of this eBook, complying with the trademark license is
very easy. You may use this eBook for nearly any purpose such
as creation of derivative works, reports, performances and
research. Project Gutenberg eBooks may be modified and
printed and given away—you may do practically ANYTHING in
the United States with eBooks not protected by U.S. copyright
law. Redistribution is subject to the trademark license, especially
commercial redistribution.
START: FULL LICENSE

THE FULL PROJECT GUTENBERG LICENSE

Welcome to our website – the perfect destination for book lovers and
knowledge seekers. We believe that every book holds a new world,
offering opportunities for learning, discovery, and personal growth.
That’s why we are dedicated to bringing you a diverse collection of
books, ranging from classic literature and specialized publications to
self-development guides and children's books.
More than just a book-buying platform, we strive to be a bridge
connecting you with timeless cultural and intellectual values. With an
elegant, user-friendly interface and a smart search system, you can
quickly find the books that best suit your interests. Additionally,
our special promotions and home delivery services help you save time
and fully enjoy the joy of reading.
Join us on a journey of knowledge exploration, passion nurturing, and
personal growth every day!
ebookbell.com

Intel Trusted Execution Technology For Server Platforms A Guide To More Secure Datacenters William Futral

More Related Content

Similar to Intel Trusted Execution Technology For Server Platforms A Guide To More Secure Datacenters William Futral (20)

Recently uploaded (20)

Intel Trusted Execution Technology For Server Platforms A Guide To More Secure Datacenters William Futral