How to prove yourself: practical solutions to identification and signature problems
Proceedings on Advances in cryptology---CRYPTO '86
The design and implementation of a certifying compiler
PLDI '98 Proceedings of the ACM SIGPLAN 1998 conference on Programming language design and implementation
Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
Computer
A secure and reliable bootstrap architecture
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
A Model for Asynchronous Reactive Systems and its Application to Secure Message Transmission
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Xen and the art of virtualization
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Implementing an untrusted operating system on trusted hardware
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Terra: a virtual machine-based platform for trusted computing
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Proceedings of the 11th ACM conference on Computer and communications security
Open-Source Applications of TCPA Hardware
ACSAC '04 Proceedings of the 20th Annual Computer Security Applications Conference
Property-based attestation for computing platforms: caring about properties, not mechanisms
NSPW '04 Proceedings of the 2004 workshop on New security paradigms
Building a MAC-Based Security Architecture for the Xen Open-Source Hypervisor
ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
Design and implementation of a TCG-based integrity measurement architecture
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Semantic remote attestation: a virtual machine directed approach to trusted computing
VM'04 Proceedings of the 3rd conference on Virtual Machine Research And Technology Symposium - Volume 3
A signature scheme with efficient protocols
SCN'02 Proceedings of the 3rd international conference on Security in communication networks
Group signatures: better efficiency and new theoretical aspects
SCN'04 Proceedings of the 4th international conference on Security in Communication Networks
Daonity - Grid security from two levels of virtualization
Information Security Tech. Report
Realizing property-based attestation and sealing with commonly available hard- and software
Proceedings of the 2007 ACM workshop on Scalable trusted computing
Secure storage using a sealing proxy
Proceedings of the 1st European Workshop on System Security
Model-based behavioral attestation
Proceedings of the 13th ACM symposium on Access control models and technologies
Practical Techniques for Operating System Attestation
Trust '08 Proceedings of the 1st international conference on Trusted Computing and Trust in Information Technologies: Trusted Computing - Challenges and Applications
Towards Trust Services for Language-Based Virtual Machines for Grid Computing
Trust '08 Proceedings of the 1st international conference on Trusted Computing and Trust in Information Technologies: Trusted Computing - Challenges and Applications
On the Applicability of Trusted Computing in Distributed Authorization Using Web Services
Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security
Property-Based TPM Virtualization
ISC '08 Proceedings of the 11th international conference on Information Security
Property-Based Attestation without a Trusted Third Party
ISC '08 Proceedings of the 11th international conference on Information Security
Improving the scalability of platform attestation
Proceedings of the 3rd ACM workshop on Scalable trusted computing
Attestation: Evidence and Trust
ICICS '08 Proceedings of the 10th International Conference on Information and Communications Security
Measuring Semantic Integrity for Remote Attestation
Trust '09 Proceedings of the 2nd International Conference on Trusted Computing
A Property-Dependent Agent Transfer Protocol
Trust '09 Proceedings of the 2nd International Conference on Trusted Computing
Tagging the Turtle: Local Attestation for Kiosk Computing
ISA '09 Proceedings of the 3rd International Conference and Workshops on Advances in Information Security and Assurance
SAConf: Semantic Attestation of Software Configurations
ATC '09 Proceedings of the 6th International Conference on Autonomic and Trusted Computing
ALOPA: Authorization Logic for Property Attestation in Trusted Platforms
ATC '09 Proceedings of the 6th International Conference on Autonomic and Trusted Computing
A practical property-based bootstrap architecture
Proceedings of the 2009 ACM workshop on Scalable trusted computing
Trusted computing: special aspects and challenges
SOFSEM'08 Proceedings of the 34th conference on Current trends in theory and practice of computer science
Managing application whitelists in trusted distributed systems
Future Generation Computer Systems
DR@FT: efficient remote attestation framework for dynamic systems
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Extending IPsec for efficient remote attestation
FC'10 Proceedings of the 14th international conference on Financial cryptograpy and data security
Real-time remote attestation with privacy protection
TrustBus'10 Proceedings of the 7th international conference on Trust, privacy and security in digital business
SCOBA: source code based attestation on custom software
Proceedings of the 26th Annual Computer Security Applications Conference
An approach to introducing locality in remote attestation using near field communications
The Journal of Supercomputing
Practical property-based attestation on mobile devices
TRUST'11 Proceedings of the 4th international conference on Trust and trustworthy computing
Security model oriented attestation on dynamically reconfigurable component-based systems
Journal of Network and Computer Applications
Remote attestation on function execution (work-in-progress)
INTRUST'09 Proceedings of the First international conference on Trusted Systems
Privacy enhanced trusted network connect
INTRUST'09 Proceedings of the First international conference on Trusted Systems
Modeling TCG-Based secure systems with colored petri nets
INTRUST'10 Proceedings of the Second international conference on Trusted Systems
Interoperable remote attestation for VPN environments
INTRUST'10 Proceedings of the Second international conference on Trusted Systems
Specification and Standardization of a Java Trusted Computing API
Software—Practice & Experience
Analysis of existing remote attestation techniques
Security and Communication Networks
Attestation of mobile baseband stacks
NSS'12 Proceedings of the 6th international conference on Network and System Security
Single Attestation Image for a Trusted and Scalable Grid
International Journal of Grid and High Performance Computing
Cloud computing security: The scientific challenge, and a survey of solutions
Journal of Systems and Software
Design and implementation of an efficient framework for behaviour attestation using n-call slides
Proceedings of the 8th International Conference on Ubiquitous Information Management and Communication
| Hi-index | 0.00 |
The Trusted Computing Group (TCG) has issued several specifications to enhance the architecture of common computing platforms by means of new functionalities, amongst others the (binary) attestation to verify the integrity of a (remote) computing platform/application. However, as pointed out recently, the binary attestation has some shortcomings, in particular when used for applications: First, it reveals information about the configuration of a platform (hardware and software) or application. This can be misused to discriminate certain configurations (e.g., operating systems) and the corresponding vendors, or be exploited to mount attacks. Second, it requires the verifier to know all possible ``trusted'' configurations of all platforms as well as managing updates and patches that change the configuration. Third, it does not necessarily imply that the platform complies with desired (security) properties. A recent proposal to overcome these problems is to transform the binary attestation into property-based attestation, which requires to only attest whether a platform or an application fulfills the desired (security) requirements without revealing the specific software or/and hardware configuration.Based on previous works, we propose a concrete efficient property-based attestation protocol within an abstract model for the main functionalities provided by TCG-compliant platforms. We prove the security of this protocol under the strong RSA assumption and the discrete logarithm assumption in the random oracle model. Our scheme allows blind verification and revocation of mappings between properties and configurations.