Title :
Remote Attestation with Domain-Based Integrity Model and Policy Analysis
Author :
Xu, Wenjuan ; Zhang, Xinwen ; Hu, Hongxin ; Ahn, Gail-Joon ; Seifert, Jean-Pierre
Author_Institution :
Dept. of Comput. Sci. & Inf. Technol., Frostburg State Univ., Frostburg, MD, USA
Abstract :
We propose and implement an innovative remote attestation framework called DR@FT for efficiently measuring a target system based on an information flow-based integrity model. With this model, the high integrity processes of a system are first measured and verified, and these processes are then protected from accesses initiated by low integrity processes. Toward dynamic systems with frequently changed system states, our framework verifies the latest state changes of a target system instead of considering the entire system information. Our attestation evaluation adopts a graph-based method to represent integrity violations, and the graph-based policy analysis is further augmented with a ranked violation graph to support high semantic reasoning of attestation results. As a result, DR@FT provides efficient and effective attestation of a system´s integrity status, and offers intuitive reasoning of attestation results for security administrators. Our experimental results demonstrate the feasibility and practicality of DR@FT.
Keywords :
augmented reality; data integrity; data models; graph theory; inference mechanisms; trusted computing; DR@FT; domain-based integrity model; dynamic systems; graph-based policy analysis; information flow based integrity model; integrity process; integrity violation representation; intuitive reasoning; ranked violation graph; remote attestation; security administrators; semantic reasoning; target system; Analytical models; Computational modeling; Current measurement; Monitoring; Runtime; Security; Software; Remote attestation; platform integrity; policy analysis.; security policy;
Journal_Title :
Dependable and Secure Computing, IEEE Transactions on
DOI :
10.1109/TDSC.2011.61
