A practical property-based bootstrap architecture

12 years 1 months ago
A practical property-based bootstrap architecture
Binary attestation, as proposed by the Trusted Computing Group (TCG), is a pragmatic approach for software integrity protection and verification. However, it has also various shortcomings that cause problems for practical deployment such as scalability, manageability and privacy: On the one hand, data bound to binary values remain inaccessible after a software update and the verifier of an attestation result has to manage a huge number of binary versions. On the other hand, the binary values reveal information on platform configuration that may be exploited maliciously. In this paper we focus on property-based bootstrap architectures with an enhanced boot loader. Our proposal improves the previous work in a way that allows a practical and efficient integration into existing IT infrastructures. We propose a solution of the version rollback problem that, in contrast to the existing approaches, is secure even if the TPM owner of the attested platform is untrusted without requiring an ...
René Korthaus, Ahmad-Reza Sadeghi, Christia
Added 19 May 2010
Updated 19 May 2010
Type Conference
Year 2009
Where CCS
Authors René Korthaus, Ahmad-Reza Sadeghi, Christian Stüble, Jing Zhan
Comments (0)