Principles of Layered Attestation
نویسنده
چکیده
Systems designed with measurement and attestation in mind are often layered, with the lower layers measuring the layers above them. Attestations of such systems, which we call layered attestations, must bundle together the results of a diverse set of application-specific measurements of various parts of the system. Some methods of layered attestation are more trustworthy than others, so it is important for system designers to understand the trust consequences of different system configurations. This paper presents a formal framework for reasoning about layered attestations, and provides generic reusable principles for achieving trustworthy results.
منابع مشابه
Attestation: Evidence and Trust
Attestation is the activity of making a claim about properties of a target by supplying evidence to an appraiser. An open-ended framework for attestation is desirable for safe support to sensitive or high-value activities on heterogeneous networks. We identify five central principles to guide development of attestation systems. We argue that (i) attestation must be able to deliver temporally fr...
متن کاملPractical Third-Party Attestation for the Cloud
Central to establishing trust in a service is knowing what code is running. On a single host, this can be ensured by locally downloading and compiling code, including the operating system image. However, this is not possible for programs that are run by another party: even if the source code is known and available to a client, she cannot verify that a service is actually running that trusted co...
متن کاملTapCon: Practical Third-Party Attestation for the Cloud
One way to establish trust in a service is to know what code it is running. However, verified code identity is currently not possible for programs launched on a cloud by another party. We propose an approach to integrate support for code attestation—authenticated statements of code identity—into layered cloud platforms and services. To illustrate, this paper describes TapCon, an attesting conta...
متن کاملA Robust Integrity Reporting Protocol for Remote Attestation
Trusted Computing Platforms provide the functionality of remote attestation, i.e. attesting the configuration and status of a system to a remote entity. Remote attestation hereby proves integrity and authenticity of system environments. This is crucial for policy enforcement, which in turn is needed in many usage scenarios, e.g., DRM. However, applying remote attestation solely allows masquerad...
متن کاملLightweight Remote Attestation using Physical Functions
Remote attestation is a mechanism to securely and verifiably obtain information about the state of a remote computing platform. However, resource-constrained embedded devices cannot afford the required trusted hardware components, while software attestation is generally vulnerable to network and collusion attacks. In this paper, we present a lightweight remote attestation scheme that links soft...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- CoRR
دوره abs/1603.01244 شماره
صفحات -
تاریخ انتشار 2016