Software based remote attestation for OS kernel and user applications

Raghunathan Srinivasan, Partha Dasgupta, Tushar Gohad

Research output: Chapter in Book/Report/Conference proceedingConference contribution

2 Scopus citations

Abstract

This paper describes a software based remote attestation scheme for providing a root of trust on an untrusted computing platform. To provide a root of trust, this work focuses on obtaining the integrity of the OS running on the platform, and then leverages the techniques to obtain the integrity of a user application. A trusted external entity issues a challenge to the client platform. The challenge is executable code which the client must execute, and the code generates results which are sent to the external entity. These results provide the external entity an assurance as to whether the client application and the OS at the client end are in pristine condition. This work also presents a technique where it can be verified that the application which was attested, did not get replaced by a different application once the challenge got completed.

Original languageEnglish (US)
Title of host publicationProceedings - 2011 IEEE International Conference on Privacy, Security, Risk and Trust and IEEE International Conference on Social Computing, PASSAT/SocialCom 2011
Pages1048-1055
Number of pages8
DOIs
StatePublished - Dec 1 2011
Event2011 IEEE International Conference on Privacy, Security, Risk and Trust, PASSAT 2011 and 2011 IEEE International Conference on Social Computing, SocialCom 2011 - Boston, MA, United States
Duration: Oct 9 2011Oct 11 2011

Publication series

NameProceedings - 2011 IEEE International Conference on Privacy, Security, Risk and Trust and IEEE International Conference on Social Computing, PASSAT/SocialCom 2011

Other

Other2011 IEEE International Conference on Privacy, Security, Risk and Trust, PASSAT 2011 and 2011 IEEE International Conference on Social Computing, SocialCom 2011
Country/TerritoryUnited States
CityBoston, MA
Period10/9/1110/11/11

Keywords

  • Code injection
  • Device drivers
  • Integrity measurement
  • Remote attestation

ASJC Scopus subject areas

  • Hardware and Architecture
  • Safety, Risk, Reliability and Quality

Cite this