The authenticated boot process introduced by the Trusted Computing Group (TCG) uses binary measurements, i.e., hashes of executables, to indicate which software configuration is running on a given computing platform. Because the binary measurements change with every software update, data sealed to them becomes unavailable as well. To solve this and other problems with binary measurements, the concept of property-based attestation has been introduced.
In this paper we show how to realize both property-based attestation and property-based sealing with existing TCG-enabled hardware and software. The main idea is that an enhanced boot loader translates between binary measurements and properties, so that properties of an unmodified operating system can be attested once it is loaded. Moreover, applications running on top of this operating system can use existing mechanisms, e.g., an existing Trusted Software Stack (TSS) implementation, to seal data to properties instead of to binary hash values.
One cornerstone of our proposal is the ability to revoke the translation of particular binary measurements into properties when security problems are identified in the corresponding software. Our proposal is ideally suited for enterprise environments with a centralized IT-management infrastructure and scales well with the number of participating clients.
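The following is an added example, not code from the paper or from the authors, that models the mechanism described above: a boot loader measures the OS image, translates the binary hash into a property via a management table, and extends the PCR with the property instead of the binary hash, so data sealed to that PCR survives an update whose new binary maps to the same property, while a revoked or unknown binary never reproduces the PCR value. The PCR extend rule (PCR_new = SHA-1(PCR_old || measurement)) is the TPM 1.2 one; the in-memory property table, the property name, the sample images and the hash-based sealing routine (which stands in for TPM sealing through the TSS) are assumptions made for the example.

```python
import hashlib
import hmac

PCR_INIT = bytes(20)  # TPM 1.2 PCRs are 20-byte SHA-1 registers reset to zero


def sha1(data: bytes) -> bytes:
    return hashlib.sha1(data).digest()


def pcr_extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM extend operation: PCR_new = SHA-1(PCR_old || measurement)."""
    return sha1(pcr + measurement)


class PropertyTable:
    """Binary measurement -> property mapping consulted by the enhanced boot
    loader. Assumption for the example: an in-memory dict plays the role of
    the centrally managed table."""

    def __init__(self, entries: dict):
        self.entries = dict(entries)
        self.revoked = set()

    def revoke(self, measurement: bytes) -> None:
        """Stop translating a binary in which a security problem was found."""
        self.revoked.add(measurement)

    def translate(self, measurement: bytes):
        if measurement in self.revoked:
            return None
        return self.entries.get(measurement)


def property_boot(table: PropertyTable, os_image: bytes):
    """Model of the enhanced boot loader: measure the OS image, look up its
    property and extend the PCR with the property hash rather than the binary
    hash. Unknown or revoked images are extended with the raw binary hash under
    a different domain prefix, so they never reach a valid property's PCR value."""
    measurement = sha1(os_image)
    prop = table.translate(measurement)
    if prop is None:
        return pcr_extend(PCR_INIT, sha1(b"binary:" + measurement)), None
    return pcr_extend(PCR_INIT, sha1(b"property:" + prop.encode())), prop


def _keystream(key: bytes, n: int) -> bytes:
    out, counter = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:n]


def seal(secret: bytes, pcr: bytes) -> tuple:
    """Toy sealing (assumption, stands in for TPM sealing via the TSS): encrypt
    under a key derived from the PCR value and add an integrity tag so that
    unsealing on a different platform state fails cleanly."""
    key = hashlib.sha256(b"seal-key" + pcr).digest()
    ciphertext = bytes(a ^ b for a, b in zip(secret, _keystream(key, len(secret))))
    tag = hmac.new(key, ciphertext, hashlib.sha256).digest()
    return ciphertext, tag


def unseal(blob: tuple, pcr: bytes):
    """Return the secret only if the current PCR equals the one sealed to."""
    ciphertext, tag = blob
    key = hashlib.sha256(b"seal-key" + pcr).digest()
    if not hmac.compare_digest(hmac.new(key, ciphertext, hashlib.sha256).digest(), tag):
        return None
    return bytes(a ^ b for a, b in zip(ciphertext, _keystream(key, len(ciphertext))))


def run_scenario() -> dict:
    # Constructed sample images, property and secret; not real measurements.
    os_v1 = b"kernel-image-v1 (constructed sample)"
    os_v2 = b"kernel-image-v2 (constructed sample, security update)"
    prop = "OS:enterprise-hardened-baseline"  # assumed property name
    table = PropertyTable({sha1(os_v1): prop, sha1(os_v2): prop})
    secret = b"disk-encryption-key (constructed)"

    pcr_v1, _ = property_boot(table, os_v1)
    blob = seal(secret, pcr_v1)

    # Update to v2: the binary hash changes, the property does not.
    pcr_v2, _ = property_boot(table, os_v2)
    survives_update = unseal(blob, pcr_v2) == secret

    # Sealing to the binary measurement would have broken at this point.
    binary_pcrs_differ = pcr_extend(PCR_INIT, sha1(os_v1)) != pcr_extend(PCR_INIT, sha1(os_v2))

    # A vulnerability is found in v1: revoke its translation into the property.
    table.revoke(sha1(os_v1))
    pcr_v1_revoked, prop_v1 = property_boot(table, os_v1)
    blocked_after_revocation = prop_v1 is None and unseal(blob, pcr_v1_revoked) is None

    # An image the table knows nothing about never reaches the property PCR value.
    pcr_unknown, prop_unknown = property_boot(table, b"unknown-image (constructed)")
    unknown_blocked = prop_unknown is None and unseal(blob, pcr_unknown) is None

    return {
        "survives_update": survives_update,
        "binary_pcrs_differ": binary_pcrs_differ,
        "blocked_after_revocation": blocked_after_revocation,
        "unknown_blocked": unknown_blocked,
    }


if __name__ == "__main__":
    for name, result in run_scenario().items():
        print(f"{name}: {result}")
```

The point to take from the model is that the sealed blob is bound to the property's PCR value, not to any particular binary, so the management table, and in particular its revocation list, becomes the security-critical object: whoever controls the translation controls which binaries can unseal. A deployment therefore needs the table itself to be integrity-protected and measured (or delivered with a signature the boot loader verifies) before the boot loader trusts it, a step the example leaves out.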