Principles of Layered Attestation

نویسنده

  • Paul D. Rowe
چکیده

Systems designed with measurement and attestation in mind are often layered, with the lower layers measuring the layers above them. Attestations of such systems, which we call layered attestations, must bundle together the results of a diverse set of application-specific measurements of various parts of the system. Some methods of layered attestation are more trustworthy than others, so it is important for system designers to understand the trust consequences of different system configurations. This paper presents a formal framework for reasoning about layered attestations, and provides generic reusable principles for achieving trustworthy results.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Attestation: Evidence and Trust

Attestation is the activity of making a claim about properties of a target by supplying evidence to an appraiser. An open-ended framework for attestation is desirable for safe support to sensitive or high-value activities on heterogeneous networks. We identify five central principles to guide development of attestation systems. We argue that (i) attestation must be able to deliver temporally fr...

متن کامل

Practical Third-Party Attestation for the Cloud

Central to establishing trust in a service is knowing what code is running. On a single host, this can be ensured by locally downloading and compiling code, including the operating system image. However, this is not possible for programs that are run by another party: even if the source code is known and available to a client, she cannot verify that a service is actually running that trusted co...

متن کامل

TapCon: Practical Third-Party Attestation for the Cloud

One way to establish trust in a service is to know what code it is running. However, verified code identity is currently not possible for programs launched on a cloud by another party. We propose an approach to integrate support for code attestation—authenticated statements of code identity—into layered cloud platforms and services. To illustrate, this paper describes TapCon, an attesting conta...

متن کامل

A Robust Integrity Reporting Protocol for Remote Attestation

Trusted Computing Platforms provide the functionality of remote attestation, i.e. attesting the configuration and status of a system to a remote entity. Remote attestation hereby proves integrity and authenticity of system environments. This is crucial for policy enforcement, which in turn is needed in many usage scenarios, e.g., DRM. However, applying remote attestation solely allows masquerad...

متن کامل

Lightweight Remote Attestation using Physical Functions

Remote attestation is a mechanism to securely and verifiably obtain information about the state of a remote computing platform. However, resource-constrained embedded devices cannot afford the required trusted hardware components, while software attestation is generally vulnerable to network and collusion attacks. In this paper, we present a lightweight remote attestation scheme that links soft...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:
  • CoRR

دوره abs/1603.01244  شماره 

صفحات  -

تاریخ انتشار 2016