RepCloud: achieving fine-grained cloud TCB attestation with reputation systems
Proceedings of the sixth ACM workshop on Scalable trusted computing
| Hi-index | 0.00 |
Current trusted computing technologies allow computing devices to verify each other using attestation, but in a networked world, there is no reason to trust one computing device any more than another. Treating these devices as turtles, the user who seeks a trustworthy system from which to verify others quickly realizes that it's "turtles all the way down" because of the endless loop of trust dependencies. We need to provide the user with one initial turtle (the iTurtle) which is axiomatically trustworthy, thereby breaking the dependency loop. Further, the size of the software trusted computing base on today's computing devices is overwhelming. We argue that a mechanism for reducing the size is essential for extracting meaning from attestations and enabling an iTurtle to do its job. This talk will present some of the research challenges involved in designing and using an iTurtle, and in architecting systems to provide meaningful attestations to an iTurtle.