Remote Attestation for Cloud-Based Systems

Presented as part of the 2015 HCSS conference.

Abstract:

Remote attestation provides a mechanism for gathering information from remote systems for assessing their trustworthiness. Using remote attestation an appraiser needing to assess trustworthiness makes a request to gather information from a target. The target’s attestation manager responds by executing an attestation protocol that gathers and bundles evidence that is sent to the appraiser. The appraiser un-bundles evidence and uses primary evidence to assess the target and meta-evidence to assess the target’s attestation process.

ArmoredSoftware enables remote attestation of processes in the cloud. Its components provide attestation, measurement, and appraisal capabilities that support remote attestation of and by applications running on virtual platforms managed by commodity cloud infrastructure. Each ArmoredSoftware application is bundled with its own appraisal, attestation, measurement, and vTPM components for performing trust establishment. Appraisers request information and negotiate attestation protocols with attestation agents. During negotiation, appraisers focus on needed information while attestation agents enforce their local privacy policies. Following negotiation, the attestation agent executes the agreed upon protocol that invokes measurement, vTPM, and nested appraisal services to gather and package evidence describing the application and its operational environment. The protocol and evidence are returned and together analyzed by the appraiser to determine trustworthiness.

Remote attestation in a cloud-managed virtual environment introduces a number of specific challenges that ArmoredSoftware must address. These include, but are not limited to: opacity and variability of execution environment details; maintaining links to hardware roots-of-trust across migration; measuring the diversity of user-space applications; and bundling evidence from multiple sources.

Our talk will focus on the ArmoredSoftware architecture, protocol semantics, and experimental implementation. We will first outline the ArmoredSoftware architecture focusing on interactions among major components. We will then discuss specifics of the first-class, monadic protocol representation at the center of attestation and measurement focusing on a commonly used certificate authority-based protocol example. Finally, we will discuss results from experiments on early prototype implementations. An informal demonstration will be available before and after the presentation. 

Biography:

Dr. Perry Alexander is a Professor in the Electrical Engineering and Computer Science Department and Director of the Information and Telecommunication Technology Center at The University of Kansas. His research interests include system-level modeling, heterogeneous specification, formal verification, and trusted systems. He received the BSEE and BSCS in 1986, the MSEE in 1988, and the PhD in 1992 all from The University of Kansas. From September 1992 through July 1999 he was a faculty member and director of The Knowledge-Based Software Engineering Laboratory in the Electrical and Computer Engineering and Computer Science department at The University of Cincinnati. He is the chief architect of the Rosetta system specification language currently being standardized by IEEE. Dr. Alexander has published over 100 refereed research papers and presented numerous invited presentations. He has won 20 teaching awards and was named a Kemper Teaching Fellow and the ASEE's Midwest Region Teacher of the Year in 2003 and received the Sharp Teaching Professorship in 2009.