Remote attestation with domain-based integrity model and policy analysis

Wenjuan Xu, Xinwen Zhang, Hongxin Hu, Gail-Joon Ahn, Jean Pierre Seifert

Research output: Contribution to journalArticlepeer-review

20 Scopus citations

Abstract

We propose and implement an innovative remote attestation framework called DR@FT for efficiently measuring a target system based on an information flow-based integrity model. With this model, the high integrity processes of a system are first measured and verified, and these processes are then protected from accesses initiated by low integrity processes. Toward dynamic systems with frequently changed system states, our framework verifies the latest state changes of a target system instead of considering the entire system information. Our attestation evaluation adopts a graph-based method to represent integrity violations, and the graph-based policy analysis is further augmented with a ranked violation graph to support high semantic reasoning of attestation results. As a result, DR@FT provides efficient and effective attestation of a system's integrity status, and offers intuitive reasoning of attestation results for security administrators. Our experimental results demonstrate the feasibility and practicality of DR@FT.

Original languageEnglish (US)
Article number6104065
Pages (from-to)429-442
Number of pages14
JournalIEEE Transactions on Dependable and Secure Computing
Volume9
Issue number3
DOIs
StatePublished - Jan 1 2012

Keywords

  • Remote attestation
  • platform integrity
  • policy analysis
  • security policy

ASJC Scopus subject areas

  • Electrical and Electronic Engineering

Fingerprint Dive into the research topics of 'Remote attestation with domain-based integrity model and policy analysis'. Together they form a unique fingerprint.

Cite this