|
 ABSTRACT
The Trusted Computing Group (TCG) has issued several specifications to enhance the architecture of common computing platforms by means of new functionalities, amongst others the (binary) attestation to verify the integrity of a (remote) computing platform/application. However, as pointed out recently, the binary attestation has some shortcomings, in particular when used for applications: First, it reveals information about the configuration of a platform (hardware and software) or application. This can be misused to discriminate certain configurations (e.g., operating systems) and the corresponding vendors, or be exploited to mount attacks. Second, it requires the verifier to know all possible ``trusted'' configurations of all platforms as well as managing updates and patches that change the configuration. Third, it does not necessarily imply that the platform complies with desired (security) properties. A recent proposal to overcome these problems is to transform the binary attestation into property-based attestation, which requires to only attest whether a platform or an application fulfills the desired (security) requirements without revealing the specific software or/and hardware configuration.Based on previous works, we propose a concrete efficient property-based attestation protocol within an abstract model for the main functionalities provided by TCG-compliant platforms. We prove the security of this protocol under the strong RSA assumption and the discrete logarithm assumption in the random oracle model. Our scheme allows blind verification and revocation of mappings between properties and configurations.
REFERENCES
Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.
| |
1
|
|
 |
2
|
Paul Barham , Boris Dragovic , Keir Fraser , Steven Hand , Tim Harris , Alex Ho , Rolf Neugebauer , Ian Pratt , Andrew Warfield, Xen and the art of virtualization, Proceedings of the nineteenth ACM symposium on Operating systems principles, October 19-22, 2003, Bolton Landing, NY, USA
|
| |
3
|
P. Barham, B. Dragovich, K. Fraser, S. Hand, A. Ho, and I. Pratt. Safe hardware access with the Xen virtual machine monitor. In 1st Workshop on Operating System and Architectural Support for On-Demand IT Infrastructure, 2004.
|
| |
4
|
|
| |
5
|
J. Camenisch and J. Groth. Group signatures: Better efficiency and new theoretical aspects. In C. Blundo and S. Cimato, editors, SCN, volume 3352 of LNCS, pages 120--133. Springer, 2004.
|
| |
6
|
J. Camenisch and A. Lysyanskaya. A signature scheme with efficient protocols. In Third Conference on Security in Communication Networks - SCN '02, volume 2576 of LNCS, pages 268--289. Springer-Verlag, Berlin Germany, 2002.
|
| |
7
|
J. Camenisch and V. Shoup. Practical verifiable encryption and decryption of discrete logarithms. In D. Boneh, editor, CRYPTO, volume 2729 of Lecture Notes in Computer Science, pages 126--144. Springer, 2003.
|
| |
8
|
J. Camenisch and M. Stadler. Proof systems for general statements about discrete logarithms. Technical Report TR 260, Department of Computer Science, ETH Zürich, Mar. 1997.
|
| |
9
|
R. Canetti. Security and composition of multiparty cryptographic protocols. Journal of Cryptology, 13(1):143--202, Winter 2000.
|
| |
10
|
Common Criteria Project Sponsoring Organisations. Common Criteria for Information Technology Security Evaluation, Aug. 1999. Version 2.1, adopted by ISO/IEC as ISO/IEC International Standard (IS) 15408 1-3. Available from http://csrc.ncsl.nist.gov/cc/ccv20/ccv2list.htm.
|
| |
11
|
Joan G. Dyer , Mark Lindemann , Ronald Perez , Reiner Sailer , Leendert van Doorn , Sean W. Smith , Steve Weingart, Building the IBM 4758 Secure Coprocessor, Computer, v.34 n.10, p.57-66, October 2001
[doi> 10.1109/2.955100]
|
| |
12
|
|
| |
13
|
|
| |
14
|
Tal Garfinkel , Ben Pfaff , Jim Chow , Mendel Rosenblum , Dan Boneh, Terra: a virtual machine-based platform for trusted computing, Proceedings of the nineteenth ACM symposium on Operating systems principles, October 19-22, 2003, Bolton Landing, NY, USA
|
| |
15
|
T. C. Group. TCG software stack specification. http://trustedcomputinggroup.org, Aug. 2003. Version 1.1.
|
| |
16
|
V. Haldar, D. Chandra, and M. Franz. Semantic remote attestation: A virtual machine directed approach to trusted computing. In USENIX Virtual Machine Research and Technology Symposium, May 2004. also Technical Report No. 03-20, School of Information and Computer Science, University of California, Irvine; October 2003.
|
| |
17
|
|
| |
18
|
R. MacDonald, S. Smith, J. Marchesini, and O. Wild. Bear: An open-source virtual secure coprocessor based on TCPA. Technical Report TR2003-471, Department of Computer Science, Dartmouth College, 2003.
|
| |
19
|
|
| |
20
|
J. Marchesini, S. W. Smith, O. Wild, and R. MacDonald. Experimenting with TCPA/TCG hardware, or: How I learned to stop worrying and love the bear. Technical Report TR2003-476, Department of Computer Science, Dartmouth College, 2003.
|
| |
21
|
Microsoft Corporation. Building a secure platform for trustworthy computing. White paper, Microsoft Corporation, Dec. 2002.
|
| |
22
|
C. Mundie, P. de Vries, P. Haynes, and M. Corwine. Microsoft whitepaper on trustworthy computing. Technical report, Microsoft Corporation, Oct. 2002.
|
| |
23
|
|
| |
24
|
|
| |
25
|
B. Pfitzmann, J. Riordan, C. Stüble, M. Waidner, and A. Weber. The PERSEUS system architecture. Technical Report RZ 3335 (#93381), IBM Research Division, Zurich Laboratory, Apr. 2001.
|
| |
26
|
|
| |
27
|
J. Poritz, M. Schunter, E. Van Herreweghen, and M. Waidner. Property attestation---scalable and privacy-friendly security assessment of peer computers. Technical Report RZ 3548, IBM Research, May 2004.
|
| |
28
|
A.-R. Sadeghi and C. Stüble. Taming ``trusted computing'' by operating system design. In Information Security Applications, volume 2908 of LNCS, pages 286--302. Springer-Verlag, Berlin Germany, 2003.
|
| |
29
|
|
| |
30
|
D. Safford. Clarifying misinformation on TCPA. White paper, IBM Research, Oct. 2002.
|
| |
31
|
D. Safford. The need for TCPA. White paper, IBM Research, Oct. 2002.
|
| |
32
|
Reiner Sailer , Trent Jaeger , Enriquillo Valdez , Ramon Caceres , Ronald Perez , Stefan Berger , John Linwood Griffin , Leendert van Doorn, Building a MAC-Based Security Architecture for the Xen Open-Source Hypervisor, Proceedings of the 21st Annual Computer Security Applications Conference, p.276-285, December 05-09, 2005
[doi> 10.1109/CSAC.2005.13]
|
| |
33
|
R. Sailer, E. Valdez, T. Jaeger, R. Perez, L. van Doorn, J. L. Griffin, and S. Berger. sHype: Secure hypervisor approach to trusted virtualized systems. Research Report RC23511, IBM T.J. Watson Research Center, Yorktown Heights, NY, USA, Feb 2005.
|
| |
34
|
R. Sailer, X. Zhang, T. Jaeger, and L. van Doorn. Design and implementation of a TCG-based integrity measurement architecture. In Proceedings of the 13th USENIX Security Symposium. USENIX, Aug. 2004.
|
| |
35
|
Trusted~Computing Group. TPM main specification. Main Specification Version 1.2 rev. 85, Trusted Computing Group, Feb. 2005.
|
| |
36
|
Trusted Computing Platform Alliance (TCPA). Main specification, Feb. 2002. Version 1.1b.
|
CITED BY 5
|
|
|
|
|
Frederic Stumpf , Andreas Fuchs , Stefan Katzenbeisser , Claudia Eckert, Improving the scalability of platform attestation, Proceedings of the 3rd ACM workshop on Scalable trusted computing, October 31-31, 2008, Alexandria, Virginia, USA
|
|
|
Masoom Alam , Xinwen Zhang , Mohammad Nauman , Tamleek Ali , Jean-Pierre Seifert, Model-based behavioral attestation, Proceedings of the 13th ACM symposium on Access control models and technologies, June 11-13, 2008, Estes Park, CO, USA
|
|
|
|
|
|
|
|
Adobe Acrobat
QuickTime
Windows Media Player
Real Player
Pdf
D.4