httperf—a tool for measuring web server performance
ACM SIGMETRICS Performance Evaluation Review
ReVirt: enabling intrusion analysis through virtual-machine logging and replay
ACM SIGOPS Operating Systems Review - OSDI '02: Proceedings of the 5th symposium on Operating systems design and implementation
Xen and the art of virtualization
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Terra: a virtual machine-based platform for trusted computing
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Attestation-based policy enforcement for remote access
Proceedings of the 11th ACM conference on Computer and communications security
Property-based attestation for computing platforms: caring about properties, not mechanisms
NSPW '04 Proceedings of the 2004 workshop on New security paradigms
Pioneer: verifying code integrity and enforcing untampered code execution on legacy systems
Proceedings of the twentieth ACM symposium on Operating systems principles
PRIMA: policy-reduced integrity measurement architecture
Proceedings of the eleventh ACM symposium on Access control models and technologies
A protocol for property-based attestation
Proceedings of the first ACM workshop on Scalable trusted computing
Design and implementation of a TCG-based integrity measurement architecture
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Semantic remote attestation: a virtual machine directed approach to trusted computing
VM'04 Proceedings of the 3rd conference on Virtual Machine Research And Technology Symposium - Volume 3
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
vTPM: virtualizing the trusted platform module
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
Linux kernel integrity measurement using contextual inspection
Proceedings of the 2007 ACM workshop on Scalable trusted computing
Uclinux: a linux security module for trusted-computing-based usage controls enforcement
Proceedings of the 2007 ACM workshop on Scalable trusted computing
Towards automated provisioning of secure virtualized networks
Proceedings of the 14th ACM conference on Computer and communications security
Policy enforcement and compliance proofs for Xen virtual machines
Proceedings of the fourth ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
Trust '08 Proceedings of the 1st international conference on Trusted Computing and Trust in Information Technologies: Trusted Computing - Challenges and Applications
Semantics-Driven Introspection in a Virtual Environment
IAS '08 Proceedings of the 2008 The Fourth International Conference on Information Assurance and Security
Trusted virtual domains: toward secure distributed services
HotDep'05 Proceedings of the First conference on Hot topics in system dependability
Key attestation from trusted execution environments
TRUST'10 Proceedings of the 3rd international conference on Trust and trustworthy computing
Extending IPsec for efficient remote attestation
FC'10 Proceedings of the 14th international conference on Financial cryptograpy and data security
Semantic attestation of node integrity in overlays
OTM'10 Proceedings of the 2010 international conference on On the move to meaningful internet systems - Volume Part I
Attestation of integrity of overlay networks
Journal of Systems Architecture: the EUROMICRO Journal
Security model oriented attestation on dynamically reconfigurable component-based systems
Journal of Network and Computer Applications
TruWalletM: secure web authentication on mobile platforms
INTRUST'10 Proceedings of the Second international conference on Trusted Systems
CloRExPa: Cloud resilience via execution path analysis
Future Generation Computer Systems
Hi-index | 0.00 |
We propose a framework for the attestation of the integrity of a remote system that considers not only the configuration of the system to be attested but also its current behaviour. The resulting architecture, called Virtual machine Integrity Measurement System (VIMS), is based upon virtualization technology and it runs two virtual machines on a system to be attested, i.e. the Client (C-VM) and the Assurance VM (A-VM). A generic remote server (REM-S) accepts incoming connections and cooperates with the A-VM to authenticate and attest the integrity of the C-VM and of the software it runs. The A-VM is a shadow machine that exploits virtual machine introspection to apply a set of consistency checks on the configuration of the C-VM and on the software it currently runs. The checks depend upon the security policies that the REM-S establishes in the initial connection handshake. The REM-S defines both the complexity of checks to be applied and the frequency of their execution and it communicates the security policy to the A-VM through a control channel. Policies that can be applied range from the one that simply checks the integrity of the binaries loaded by the C-VM to those that continuously monitor the dynamic behaviour of applications to discover attacks that alter their expected behaviour. The control channel also transmits the results of the checks from the A-VM to the REM-S. As an example, remote attestation can be adopted when a client software on the C-VM tries to establish a secure channel to a REM-S on an Intranet. After describing the overall VIMS architecture, we present and discuss the implementation and the performance of a first prototype.