Bundling Evidence for Layered Attestation

Rowe, Paul D.

doi:10.1007/978-3-319-45572-3_7

Cited by 12 publications

(23 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The semantics of trust, trustworthiness, and trust establishment in peer-to-peer systems are discussed further in [4], [18], [19]. Alternative approaches towards trust and trust management based on social notions and reputation systems are presented in [12], [16], [20].…”

Section: Related Worksupporting

confidence: 41%

User-Centered Attestation for Layered and Decentralised Systems

Lauer

Salehi²,

Rudolph³

et al. 2018

Proceedings 2018 Workshop on Decentralized IoT Security and Standards

View full text Add to dashboard Cite

Abstract-Virtualization is omnipresent as the backbone of cloud, edge, and fog computing as well as X-as-a-service infrastructure. It continues to gain increased popularity even in edge or end-user and embedded devices. The need for standards and specifications for secure and trustworthy collaboration becomes a pressing issue. Trusted Computing is considered one of the pillars towards trustworthy systems both in terms of practical security mechanisms and supporting standards. This paper revisits the Trusted Computing tool-set and introduces its current application in virtualization scenarios. We discuss challenges related to translating the term trust between specifications for hardware modules such as the Trusted Platform Module (TPM) and applied specifications for operating systems, hypervisors, and virtual machines are -defining trust establishment becomes crucial for specifications extending trust beyond the TPM. We define Usercentered attestation as a set of principles suitable for layered, decentralized systems along with a methodology for specifying and synthesizing such a trust establishment strategy.

show abstract

Section: Related Worksupporting

confidence: 41%

User-Centered Attestation for Layered and Decentralised Systems

Lauer

Salehi²,

Rudolph³

et al. 2018

Proceedings 2018 Workshop on Decentralized IoT Security and Standards

View full text Add to dashboard Cite

show abstract

“…By measuring the kernel at p before the userspace measurement occurs, the appraiser can learn that the kernel was uncompromised at the time of the userspace measurement. This bottom-up strategy is common in approaches to layered attestation [17,22]. Additionally, an appraiser may wish each piece of evidence to be signed as a rudimentary chain of evidence.…”

Section: Examples Of Layered Attestationsmentioning

confidence: 99%

“…A layered attestation whose structure mimics the layered dependency structure of a target system can provide strong trust guarantees. In prior work, we have formally proved that "bottom-up" strategies for layered attestation force an adversary to either corrupt well-protected components or work within small time-of-check-time-of-use windows [17,18].…”

Section: Introductionmentioning

confidence: 99%

“…For this purpose we provide a denotational semantics relating phrases to a partially ordered set of events. This semantics is explicitly designed to connect with our prior work on analytic principles of layered attestation [17,18]. By applying those principles in static analysis, both target and appraiser can write policies determining which phrases may be used in which situations based on the trust guarantees they provide.…”

Section: Introductionmentioning

confidence: 99%

“…This ensures that any trust conclusions made from the event partial order are guaranteed to hold over the concrete execution. In particular, our previous work [17,18] characterizes what an adversary must do to avoid detection given a specific partial order of events, identifying strategies to force an adversary to work quickly in short time-of-check-timeof-use windows, or dig deeper into more protected layers of the system. This connection is particularly important in light of the flexibility of the language.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Orchestrating Layered Attestations

Ramsdell

Rowe

Alexander

et al. 2019

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

We present Copland, a language for specifying layered attestations. Layered attestations provide a remote appraiser with structured evidence of the integrity of a target system to support a trust decision. The language is designed to bridge the gap between formal analysis of attestation security guarantees and concrete implementations. We therefore provide two semantic interpretations of terms in our language. The first is a denotational semantics in terms of partially ordered sets of events. This directly connects Copland to prior work on layered attestation. The second is an operational semantics detailing how the data and control flow are executed. This gives explicit implementation guidance for attestation frameworks. We show a formal connection between the two semantics ensuring that any execution according to the operational semantics is consistent with the denotational event semantics. This ensures that formal guarantees resulting from analyzing the event semantics will hold for executions respecting the operational semantics. All results have been formally verified with the Coq proof assistant.

show abstract

An Infrastructure for Faithful Execution of Remote Attestation Protocols

Petz

Alexander

2021

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Remote attestation is a technology for establishing trust in a remote computing system. Copland is a domain-specific language for specifying attestation protocols that operate in diverse, layered measurement topologies. An accompanying reference semantics characterizes attestation-relevant system events and bundling of cryptographic evidence. In this work we formally define and verify the Copland Compiler and Copland Virtual Machine for executing Copland protocols. The compiler and vm are implemented as monadic, functional programs in the Coq proof assistant and verified with respect to the Copland reference semantics. In addition we introduce the Attestation Manager Monad as an environment for managing attestation freshness, binding results of Copland protocols to variables, and appraising evidence results. These components lay the foundation for a verified attestation stack.

show abstract

Bundling Evidence for Layered Attestation

Cited by 12 publications

References 14 publications

User-Centered Attestation for Layered and Decentralised Systems

User-Centered Attestation for Layered and Decentralised Systems

Orchestrating Layered Attestations

An Infrastructure for Faithful Execution of Remote Attestation Protocols

Contact Info

Product

Resources

About