Flexible Mechanisms for Remote Attestation

Download
pdf

Remote attestation consists of generating evidence of a system’s integrity via measurements and reporting the evidence to a remote party for appraisal in a form that can be trusted. The parties that exchange information must agree on formats and protocols. We assert there is a large variety of patterns of interactions among appraisers and attesters of interest. Therefore, it is important to standardize on flexible mechanisms for remote attestation. We make our case by describing scenarios that require the exchange of evidence among multiple parties using a variety of message passing patterns. We show cases in which changes in the order of evidence collection result in important differences to what can be inferred by an appraiser. We argue that adding the ability to negotiate the appropriate kind of attestation allows for remote attestations that better adapt to a dynamically changing environment. Finally, we suggest a language-based solution to taming the complexity of specifying and negotiating attestation procedures.

Dr. Perry Alexander is The AT&T Foundation Distinguished Professor of Electrical Engineering and Computer Science and Director of the Institute for Information Sciences at The University of Kansas. His research interests include system-level modeling, formal verification, language semantics, and trusted computing. He received the BSEE and BSCS in 1986, the MSEE in 1988, and the PhD in 1992 all from The University of Kansas. Prior to joining KU, he was a faculty member and Director of The Knowledge-Based Software Engineering Laboratory in the Electrical and Computer Engineering and Computer Science department at The 'University of Cincinnati. Dr. Alexander is currently Lead PI of the KU National Security Agency Science of Security Lablet.

References

George Coker, Joshua Guttman, Peter Loscocco, Amy Herzog, Jonathan Millen, Brian O’Hanlon, John Ramsdell, Ariel Segall, Justin Sheehy, and Brian Sniffen. 2011. Principles of remote attestation. International Journal of Information Security 10, 2 (June 2011), 63–81.

George S. Coker, Joshua D. Guttman, Peter A. Loscocco, Justin Sheehy, and Brian T. Sniffen. 2008. Attestation: Evidence and trust. In Information and Communications Security, Lecture Notes in Computer Science, Vol. 5308. Springer, 1–18.

C. Fisher, D. Bukovick, R. Bourquin, and R. Dobry. 2012. SAMSON—Secure Authentication Modules. General Dynamics C4S. Retrieved August 9, 2021 from https://sourceforge.net/p/secureauthentic/wiki/Home/.

Tags:
License: CC-2.5
Submitted by Perry Alexander on