Property-based attestation for computing platforms: caring about properties, not mechanisms
NSPW '04 Proceedings of the 2004 workshop on New security paradigms
A protocol for property-based attestation
Proceedings of the first ACM workshop on Scalable trusted computing
Secure data management in trusted computing
CHES'05 Proceedings of the 7th international conference on Cryptographic hardware and embedded systems
Practical Techniques for Operating System Attestation
Trust '08 Proceedings of the 1st international conference on Trusted Computing and Trust in Information Technologies: Trusted Computing - Challenges and Applications
Towards Trust Services for Language-Based Virtual Machines for Grid Computing
Trust '08 Proceedings of the 1st international conference on Trusted Computing and Trust in Information Technologies: Trusted Computing - Challenges and Applications
Property-Based TPM Virtualization
ISC '08 Proceedings of the 11th international conference on Information Security
Property-Based Attestation without a Trusted Third Party
ISC '08 Proceedings of the 11th international conference on Information Security
Remote attestation on legacy operating systems with trusted platform modules
Science of Computer Programming
Tagging the Turtle: Local Attestation for Kiosk Computing
ISA '09 Proceedings of the 3rd International Conference and Workshops on Advances in Information Security and Assurance
A practical property-based bootstrap architecture
Proceedings of the 2009 ACM workshop on Scalable trusted computing
Towards automated security policy enforcement in multi-tenant virtual data centers
Journal of Computer Security - EU-Funded ICT Research on Trust and Security
Trusted computing: special aspects and challenges
SOFSEM'08 Proceedings of the 34th conference on Current trends in theory and practice of computer science
Group-based attestation: enhancing privacy and management in remote attestation
TRUST'10 Proceedings of the 3rd international conference on Trust and trustworthy computing
Real-time remote attestation with privacy protection
TrustBus'10 Proceedings of the 7th international conference on Trust, privacy and security in digital business
An approach to introducing locality in remote attestation using near field communications
The Journal of Supercomputing
Practical property-based attestation on mobile devices
TRUST'11 Proceedings of the 4th international conference on Trust and trustworthy computing
On scalability of remote attestation
Proceedings of the sixth ACM workshop on Scalable trusted computing
Privacy enhanced trusted network connect
INTRUST'09 Proceedings of the First international conference on Trusted Systems
The authenticated boot process introduced by the Trusted Computing Group (TCG) uses binary measurements, i.e., hashes of executables, to give an indication of which software configuration runs on a given computing platform. As the binary measurements change with any software update, sealed data becomes unavailable, too. To solve this and other problems regarding binary measurements, the concept of property-based attestation has been introduced. In this paper we show how to realize both property-based attestation and property-based sealing using existing TCG-enabled hard- and software. The main idea is that an enhanced boot loader translates between binary measurements and properties, making it possible to attest properties of the unmodified operating systems that are loaded. Moreover, applications running on top of this operating system can use existing mechanisms, e.g., an existing Trusted Software Stack (TSS) implementation, to seal data to properties instead of binary hash values. One cornerstone of our proposal is the ability to also revoke the translation of certain binary measurements into properties in case of identified security problems. Our proposal is ideally suited for enterprise environments having a centralized IT-management infrastructure and scales well with the number of participating clients.