Remote attestation on legacy operating systems with trusted platform modules

Science of Computer Programming

Volumn 74, Issue 1-2, 2008, Pages 13-22

  Schellekens, Dries ^a,b   Wyseur, Brecht ^a,b   Preneel, Bart ^a,b  

^a UNIVERSITY OF LEUVEN   (Belgium)

^b Interdisciplinary Institute for Broadband Technology   (Belgium)

Author keywords

Attestation; Remote software authentication; Timed execution; Trusted platform module

Indexed keywords

CLIENT SERVER COMPUTER SYSTEMS; CODES (SYMBOLS); COMPUTER OPERATING SYSTEMS; COMPUTER SOFTWARE SELECTION AND EVALUATION; CRYPTOGRAPHY; LEGACY SYSTEMS; SOLUTIONS; VERIFICATION;

ATTESTATION; CHECKSUM; CRYPTOGRAPHIC ALGORITHMS; END POINTS; MIXED SOLUTIONS; OPERATING SYSTEMS; PARTIAL SOLUTIONS; REMOTE ATTESTATIONS; REMOTE CODES; REMOTE SOFTWARE AUTHENTICATION; SECURE COPROCESSOR; SECURE NETWORKS; SECURE OPERATING SYSTEMS; SECURITY ASSURANCES; SECURITY PROBLEMS; TIMED EXECUTION; TRUSTED COMPUTING; TRUSTED PLATFORM MODULE; TRUSTED PLATFORM MODULES;

COMPUTER SOFTWARE;

EID: 56349171224     PISSN: 01676423     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.scico.2008.09.005     Document Type: Article

References (29)

1. Aucsmith D. Tamper resistant software: An implementation. In: Anderson R.J. (Ed). First International Workshop on Information Hiding. Cambridge, U.K., May 30-June 1, 1996. Lecture Notes in Computer Science vol. 1174 (1996), Springer
2. Balacheff B., Chen L., Pearson S., Plaquin D., and Proudler G. Trusted Computing Platforms: TCPA Technology in Context (2002), Prentice Hall PTR, Upper Saddle River, NJ, USA
3. Brickell E.F., Camenisch J., and Chen L. Direct anonymous attestation. In: Atluri V., Pfitzmann B., and McDaniel P.D. (Eds). 11th ACM Conference on Computer and Communications Security. CCS 2004, Washington, DC, USA, October 25-29, 2004 (2004), ACM
4. M. Ceccato, M.D. Preda, J. Nagra, C. Collberg, P. Tonella, Barrier slicing for remote software trusting, in: 7th IEEE International Working Conference on Source Code Analysis and Manipulation, SCAM'07, September 30-October 1, Paris, France, 2007
5. Dvir O., Herlihy M., and Shavit N. Virtual leashing: Internet-based software piracy protection. 25th International Conference on Distributed Computing Systems. ICDCS 2005, 6-10 June 2005, Columbus, OH, USA (2005), IEEE Computer Society
6. England P., Lampson B.W., Manferdelli J., Peinado M., and Willman B. A trusted open platform. IEEE Computer 36 7 (2003) 55-62
7. Garay J.A., and Huelsbergen L. Software integrity protection using timed executable agents. In: Lin F.-C., Lee D.-T., Lin B.-S., Shieh S., and Jajodia S. (Eds). 2006 ACM Symposium on Information, Computer and Communications Security. ASIACCS 2006, Taipei, Taiwan, March 21-24, 2006 (2006), ACM
8. T. Garfinkel, B. Pfaff, J. Chow, M. Rosenblum, D. Boneh, Terra: A virtual machine-based platform for trusted computing, in: 19th Symposium on Operating System Principles, October 19-22, 2003, Bolton Landing, NY, USA, 2003
9. Giffin J.T., Christodorescu M., and Kruger L. Strengthening software self-checksumming via self-modifying code. 21st Annual Computer Security Applications Conference. ACSAC 2005, 5-9 December 2005, Tucson, AZ, USA (2005), IEEE Computer Society
10. Grawrock D. The Intel Safer Computing Initiative - Building Blocks for Trusted Computing (2006), Intel Press
11. V. Haldar, D. Chandra, M. Franz, Semantic remote attestation - virtual machine directed approach to trusted computing, in: 3rd Virtual Machine Research and Technology Symposium, May 6-7, 2004, San Jose, CA, USA, USENIX, 2004
12. B. Kauer, OSLO: Improving the security of trusted computing, in: 16th USENIX Security Symposium, August 6-10, 2007, Boston, MA, USA, USENIX, 2007
13. R. Kennell, L.H. Jamieson, Establishing the genuinity of remote computer systems, in: 12th USENIX Security Symposium, August 4-8, 2003, Washington, DC, USA, USENIX, 2003
14. Kühn U., Selhorst M., and Stüble C. Realizing property-based attestation and sealing with commonly available hard- and software. 2007 ACM Workshop on Scalable Trusted Computing. STC'07 (2007), ACM, New York, NY, USA
15. J.M. McCune, B. Parno, A. Perrig, M.K. Reiter, H. Isozaki, Flicker: An execution infrastructure for TCB minimization, in: ACM European Conference in Computer Systems, EuroSys 2008, 2008
16. Monrose F., Wyckoff P., and Rubin A.D. Distributed execution with remote audit. Network and Distributed System Security Symposium. NDSS 1999, San Diego, CA, USA (1999), The Internet Society
17. Peinado M., Chen Y., England P., and Manferdelli J. NGSCB: A trusted open system. In: Wang H., Pieprzyk J., and Varadharajan V. (Eds). 9th Australasian Conference on Information Security and Privacy. ACISP 2004, Sydney, Australia, July 13-15, 2004. Lecture Notes in Computer Science vol. 3108 (2004), Springer
18. Sadeghi A.-R., Selhorst M., Stüble C., Wachsmann C., and Winandy M. TCG inside?: A note on TPM specification compliance. First ACM Workshop on Scalable Trusted Computing. STC'06 (2006), ACM Press, New York, NY, USA
19. Sadeghi A.-R., and Stüble C. Property-based attestation for computing platforms: Caring about properties, not mechanisms. In: Hempelmann C., and Raskin V. (Eds). New Security Paradigms Workshop 2004. September 20-23, 2004, Nova Scotia, Canada (2004), ACM
20. R. Sailer, X. Zhang, T. Jaeger, L. van Doorn, Design and implementation of a TCG-based integrity measurement architecture, in: 13th USENIX Security Symposium, August 9-13, 2004, San Diego, CA, USA, USENIX, 2004
21. Seshadri A., Luk M., Perrig A., van Doorn L., and Khosla P.K. Externally verifiable code execution. Commununications of the ACM 49 9 (2006) 45-49
22. Seshadri A., Luk M., Shi E., Perrig A., van Doorn L., and Khosla P.K. Pioneer: Verifying code integrity and enforcing untampered code execution on legacy systems. In: Herbert A., and Birman K.P. (Eds). 20th ACM Symposium on Operating Systems Principles 2005. SOSP 2005, Brighton, UK, October 23-26, 2005 (2005), ACM
23. Seshadri A., Perrig A., van Doorn L., and Khosla P.K. SWATT: SoftWare-based ATTestation for embedded devices. 2004 IEEE Symposium on Security and Privacy. S&P 2004, 9-12 May 2004, Berkeley, CA, USA (2004), IEEE Computer Society
24. U. Shankar, M. Chew, J.D. Tygar, Side effects are not sufficient to authenticate software, in: 13th USENIX Security Symposium, August 9-13, 2004, San Diego, CA, USA, USENIX, 2004
25. Shi E., Perrig A., and van Doorn L. BIND: A fine-grained attestation service for secure distributed systems. 2005 IEEE Symposium on Security and Privacy. S&P 2005, 8-11 May 2005, Oakland, CA, USA (2005), IEEE Computer Society
26. Tan G., Chen Y., and Jakubowski M.H. Delayed and controlled failures in tamper-resistant systems. 8th Information Hiding. Lecture Notes in Computer Science, LNCS vol. 4437 (2006)
27. van Oorschot P.C., Somayaji A., and Wurster G. Hardware-assisted circumvention of self-hashing software tamper resistance. IEEE Transactions on Dependable and Secure Computing 2 2 (2005) 82-92
28. Wurster G., van Oorschot P.C., and Somayaji A. A generic attack on checksumming-based software tamper resistance. 2005 IEEE Symposium on Security and Privacy. S&P 2005, 8-11 May 2005, Oakland, CA, USA (2005), IEEE Computer Society
29. Zhang X., and Gupta R. Hiding program slices for software security. 1st IEEE/ACM International Symposium on Code Generation and Optimization. CGO 2003, 23-26 March 2003, San Francisco, CA, USA (2003), IEEE Computer Society