Remote attestation on legacy operating systems with trusted platform modules
详细信息 查看全文
- 作者:Dries Schellekens ; Brecht Wyseur ; Bart Preneel
- 关键词:Remote software authentication ; Attestation ; Trusted platform module ; Timed execution
- 刊名:Science of Computer Programming
- 出版年:2008
- 出版时间:1 December 2008
- 年:2008
- 卷:74
- 期:1-2
- 页码:13-22
- 全文大小:925 K
文摘
A lot of progress has been made to secure network communication, e.g., through the use of cryptographic algorithms. However, this offers only a partial solution as long as the communicating end points still suffer from security problems. A number of applications require remote verification of software executing on an untrusted platform. Trusted computing solutions propose to solve this problem through software and hardware changes, typically a secure operating system and the addition of a secure coprocessor, respectively. On the other hand, timed execution of code checksum calculations aims for a solution on legacy platforms, but can not provide strong security assurance. We present a mixed solution by using the trusted computing hardware, namely the time stamping functionality of the Trusted Platform Module (TPM), in combination with a timing-based remote code integrity verification mechanism. In this way, the overall security of the timed execution scheme can be improved without requiring a secure operating system.