DR@FT: efficient remote attestation framework for dynamic systems

Authors:
Wenjuan Xu;Gail-Joon Ahn;Hongxin Hu;Xinwen Zhang;Jean-Pierre Seifert
Affiliations:
Frostburg State University;Arizona State University;Arizona State University;Samsung Information Systems America;Deutsche Telekom Lab and Technical University of Berlin
Venue:
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Year:
2010

Citing 10
Cited 0

The anatomy of a large-scale hypertextual Web search engine

WWW7 Proceedings of the seventh international conference on World Wide Web 7
Lattice-Based Access Control Models

Computer
LOMAC: Low Water-Mark Integrity Protection for COTS Environments

SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
PRIMA: policy-reduced integrity measurement architecture

Proceedings of the eleventh ACM symposium on Access control models and technologies
A protocol for property-based attestation

Proceedings of the first ACM workshop on Scalable trusted computing
Analyzing integrity protection in the SELinux example policy

SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Preventing privilege escalation

SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Design and implementation of a TCG-based integrity measurement architecture

SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Semantic remote attestation: a virtual machine directed approach to trusted computing

VM'04 Proceedings of the 3rd conference on Virtual Machine Research And Technology Symposium - Volume 3
Towards System Integrity Protection with Graph-Based Policy Analysis

Proceedings of the 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security XXIII

Quantified Score

Hi-index	0.00

Visualization

Abstract

Remote attestation is an important mechanism to provide the trustworthiness proof of a computing system by verifying its integrity. In this paper, we propose an innovative remote attestation framework called DR@FT for efficiently measuring a target system based on an information flow-based integrity model. With this model, the high integrity processes of a system are first verified through measurements and these processes are then protected from accesses initiated by low integrity processes. Also, our framework verifies the latest state changes in a dynamic system instead of considering the entire system information. In addition, we adopt a graph-based method to represent integrity violations with a ranked violation graph, which supports intuitive reasoning of attestation results. Our experiments and performance evaluation demonstrate the feasibility and practicality of DR@FT.