RE-TRUST: Trustworthy Execution of SW on Remote Untrusted Platforms
نویسنده
چکیده
A major challenge in software security is preserving software integrity. Traditionally, this problem is addressed through the development of software (self-) checking techniques that verify the integrity of its code and execution. Unfortunately, no satisfactory solutions for run-time verification of software integrity have been presented. In this paper, we approach the problem of run-time software integrity verification in a networked context. That is, we present techniques to enable remote verification of the execution of software, given the availability of a continuous network connection between the verification entity and the untrusted execution platform.
منابع مشابه
Trusted Passages: Managing Distributed Trust to Meet the Needs of Emerging Applications
Proposed Work. The inherent complexity of applications, technologies, and platforms in today’s large scale distributed systems makes it extremely challenging for open systems to provide trustworthy services to end-users. In this research project, we propose an approach that integrates modern system virtualization techniques as well as new methods for runtime trust monitoring and assessment. Thi...
متن کاملEngineering Attestable Services (short paper)
Web services require complex middleware in order to communicate using XML standards. However, this software increases vulnerability to runtime attack and makes remote attestation difficult. We propose to solve this problem by dividing services onto two platforms, an untrusted front-end, implementing the middleware, and a trustworthy back-end with a minimal trusted computing base.
متن کاملSMART: Secure and Minimal Architecture for (Establishing Dynamic) Root of Trust
Remote attestation is the process of securely verifying internal state of a remote hardware platform. It can be achieved either statically (at boot time) or dynamically, at run-time in order to establish a dynamic root of trust. The latter allows full isolation of a code region from preexisting software (including the operating system) and guarantees untampered execution of this code. Despite t...
متن کاملSMART: Secure and Minimal Architecture for (Establishing a Dynamic) Root of Trust
Remote attestation is the process of securely verifying internal state of a remote hardware platform. It can be achieved either statically (at boot time) or dynamically, at run-time in order to establish a dynamic root of trust. The latter allows full isolation of a code region from preexisting software (including the operating system) and guarantees untampered execution of this code. Despite t...
متن کاملAnalyzing Trusted Elements in Mobile Devices
Since last two decades, we have witnessed a significant trend from PC to mobile devices. The primary focus of this shift on mobile devices is making a device personal to the user, but, unfortunately, neglecting the trustworthiness of mobile devices. Mobile devices consist of many elements in hardware, software (firmware) and a combination of both. Some of these elements on mobile devices are tr...
متن کامل