Remote Attestation on Legacy Operating Systems With Trusted Platform Modules

“…In contrast to the existing schemes, 7,8 in this study, the builtin independent system clock inside the remote agent is employed to locally measure T Elp , which is independent of the wireless transmission delay. Both schemes 11,20 have demonstrated the effectiveness of local elapsed time measurement and therefore a remote attestation scheme employing such a technique is particularly suitable for a multihop communication between the verifier and the prover. Furthermore, an expected T Elp ensures that the checksum computation is executed under an uninterrupted environment.…”

Section: Security Assumptions and Attack Model Of The Cluster-based Wsnmentioning

confidence: 99%

“…a TPM), which can be a tamper-resistant storage or an isolated environment. Both TPM-based schemes 11,12 have been proposed for attesting the system integrity of a primary platform. Defrawy et al 28 proposed SMART relying on a dedicated circuit used for providing access control to a secret key.…”

Section: Other Related Work Of Remote Attestation Schemesmentioning

confidence: 99%

“…However, such schemes are suitable only for one-hop communication between the verifier and the prover. Hardware-based schemes [10][11][12] rely on a trusted platform module (TPM) complying with the ISO/IEC 11889 standard. 13 TPM is a high-level hardware security module (HSM) consisting of several cryptographic components, such as asymmetric key cryptosystem, pseudorandom number generator, and one-way hash function.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

SARA: Sandwiched attestation through remote agents for cluster-based wireless sensor networks

Yang

Yen

2017

International Journal of Distributed Sensor Networks

View full text Add to dashboard Cite

Cluster-based wireless sensor networks have advantages of scalability and efficient communication. However, a major security risk to cluster heads is a malicious code injection attack through which an adversary can completely control a cluster network to deliver fake data and obtain private data. Memory attestation scheme is an effective mechanism for attesting the firmware integrity of an embedded device. Unfortunately, existing hardware-based remote attestation scheme relying on a trusted platform module incurs a considerable storage overhead to cluster heads. Therefore, this article proposes a lightweight hardware-based remote attestation scheme that comprises two remote attestation protocols. A lightweight hardware security module without executing any complicated cryptographic computation is employed and can substantially reduce the development cost and energy consumption compared with the trusted platform module. In the proposed scheme, a base station can attest each individual cluster head while all cluster nodes can simultaneously attest their cluster head in regular intervals. Performance analysis indicates that the storage requirement for cluster heads is independent of the number of attestation sessions. Furthermore, the computational cost of cluster nodes for the proposed scheme is comparable to that of the trusted platform module-based scheme. The proposed scheme is particularly suitable for long-term applications based on lightweight cluster heads.

show abstract

“…Attestation schemes [37,39] and approaches to secure roaming [25] can be used to ensure that a remote (untrusted) device guarantees certain behavior using trusted hardware. Trusted hardware can also be used to store cryptographic keys or bind protected data to a machine [42,2,18,22,16,21].…”

Section: Context Determinationmentioning

confidence: 99%

Context-Dependent Authentication and Access Control

Kirkpatrick

Bertino

2009

iNetSec 2009 – Open Research Problems in Network Security

View full text Add to dashboard Cite

Abstract. As mobile computing continues to rise, users are increasingly able to connect to remote services from a wide range of settings. To provide this flexibility, security policies must be adaptive to the user's environment when the request is made. In our work, we define context to include the spatiotemporal aspects of the user request, in addition to quantifiable environmental factors determined by the server hosting the resource. We identify a number of key open problems in this field and propose potential solutions to some of the problems.

show abstract

Remote Attestation on Legacy Operating Systems With Trusted Platform Modules

Cited by 40 publications

References 14 publications

User Centric Security Model for Tamper-Resistant Devices

User Centric Security Model for Tamper-Resistant Devices

SARA: Sandwiched attestation through remote agents for cluster-based wireless sensor networks

Context-Dependent Authentication and Access Control

Contact Info

Product

Resources

About