论文信息 - An Efficient Attestation for Trustworthiness of Computing Platform

An Efficient Attestation for Trustworthiness of Computing Platform

Remote attestation is a focus research in Trusted Computing. There are some attestation approaches suggested such as configuration based or property based attestation, but these suggestions have a few fatal deficiencies to overcome, e.g., leakage of platform configuration privacy or hard to define trustworthiness related properties, etc.. To solve these problems, this paper presents a system behavior based attestation model which try to determine the trust state of attesting platform from its system trustworthiness related behaviors. The new attestation model has advantages of privacy protection and high feasibility. In addition, system behavior based attestation can also be used to effectively constrain impacts caused by malicious code such as Trojan and virus which are common in today¿s organization business systems.

Xiaoyong Li | Xiao-Dong Zuo | Chang-xiang Shen

[1] Michael Franz,et al. Semantic remote attestation: a virtual machine directed approach to trusted computing , 2004 .

[2] Jiann-Der Lee,et al. International Conference on Intelligent Information Hiding and Multimedia Signal Processing , 2008 .

[3] M. Schunter,et al. Property Attestation — Scalable and Privacy-friendly Security Assessment of Peer Computers , 2004 .

[4] Daniel A. Menascé. Security Performance , 2003, IEEE Internet Comput..

[5] William A. Arbaugh,et al. A secure and reliable bootstrap architecture , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[6] Ahmad-Reza Sadeghi,et al. Property-based attestation for computing platforms: caring about properties, not mechanisms , 2004, NSPW '04.

[7] Roger L. Kay. How to Implement Trusted Computing A Guide to Tighter Enterprise Security , 2006 .

[8] Sean W. Smith,et al. Open-source applications of TCPA hardware , 2004, 20th Annual Computer Security Applications Conference.

[9] Pradeep K. Khosla,et al. SWATT: softWare-based attestation for embedded devices , 2004, IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.

[10] Elaine Shi,et al. BIND: a fine-grained attestation service for secure distributed systems , 2005, 2005 IEEE Symposium on Security and Privacy (S&P'05).