Scalable Remote Attestation with Privacy Protection

(Work in Progress)

  • Conference paper
Trusted Systems (INTRUST 2009)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 6163)

Abstract

Assurance that a target platform fulfills its stakeholder’s expectations is termed remote attestation. Without such assurance, there is no way of knowing whether the policies of the remote owner will be enforced as expected. Existing approaches to remote attestation work at different levels of the software stack, and most of them only measure binary hashes of the applications on the remote platform. Several dynamic attestation techniques have been proposed that aim to measure the internal working of an application. As more than one application can be running on a target system, we need mechanisms to remotely certify the internal behavior of multiple applications on a single system. Similarly, TCG-based attestation uses a Platform Configuration Register (PCR) to store the platform configuration and report it to the remote party. Currently, a single PCR is used to capture the behavior of one application/purpose. In this paper, we propose the idea of using a single PCR for multiple instances of a target application while preserving the privacy of other application instances. Moreover, our technique keeps the trusted status of each application intact. We propose a protocol for measurement and verification of a single instance by its respective stakeholder. Further, the mechanism proposed in this paper can be applied to different attestation techniques that work at different levels of the software stack. We develop a proof-of-concept implementation of our idea and discuss the future implications of this research.

Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Tanveer, T.A., Alam, M., Nauman, M. (2010). Scalable Remote Attestation with Privacy Protection. In: Chen, L., Yung, M. (eds) Trusted Systems. INTRUST 2009. Lecture Notes in Computer Science, vol 6163. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-14597-1_5

  • DOI: https://doi.org/10.1007/978-3-642-14597-1_5

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-14596-4

  • Online ISBN: 978-3-642-14597-1

  • eBook Packages: Computer Science (R0)
