J. Huh, Hyoungshick Kim, J. Lyle, Andrew P. Martin
{"title":"以更少的努力实现认证:一种间接和可配置的完整性报告方法","authors":"J. Huh, Hyoungshick Kim, J. Lyle, Andrew P. Martin","doi":"10.1145/2046582.2046589","DOIUrl":null,"url":null,"abstract":"This paper proposes an indirect attestation paradigm for verifying the trustworthiness of end user platforms. This approach overcomes several criticisms of attestation by maintaining the user's freedom to choose their own software configurations and minimising the whitelist management overhead for the relying party. Each user platform defines its own acceptable software combination in terms of reference integrity measurements, and reports the local verification results to the relying party through a late-launched, trusted Platform Trust Service. The relying party simply checks this verification result and a security meta-policy that has been used to ensure the quality of the security checks performed locally. The Platform Trust Service is also responsible for reporting whether this meta-policy is satisfied. By configuring the meta-policy, the relying party selects an indirect attestation paradigm that best meets their high-level security requirements.","PeriodicalId":401412,"journal":{"name":"Scalable Trusted Computing","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Achieving attestation with less effort: an indirect and configurable approach to integrity reporting\",\"authors\":\"J. Huh, Hyoungshick Kim, J. Lyle, Andrew P. Martin\",\"doi\":\"10.1145/2046582.2046589\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper proposes an indirect attestation paradigm for verifying the trustworthiness of end user platforms. This approach overcomes several criticisms of attestation by maintaining the user's freedom to choose their own software configurations and minimising the whitelist management overhead for the relying party. Each user platform defines its own acceptable software combination in terms of reference integrity measurements, and reports the local verification results to the relying party through a late-launched, trusted Platform Trust Service. The relying party simply checks this verification result and a security meta-policy that has been used to ensure the quality of the security checks performed locally. The Platform Trust Service is also responsible for reporting whether this meta-policy is satisfied. By configuring the meta-policy, the relying party selects an indirect attestation paradigm that best meets their high-level security requirements.\",\"PeriodicalId\":401412,\"journal\":{\"name\":\"Scalable Trusted Computing\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2011-10-17\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Scalable Trusted Computing\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/2046582.2046589\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Scalable Trusted Computing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2046582.2046589","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Achieving attestation with less effort: an indirect and configurable approach to integrity reporting
This paper proposes an indirect attestation paradigm for verifying the trustworthiness of end user platforms. This approach overcomes several criticisms of attestation by maintaining the user's freedom to choose their own software configurations and minimising the whitelist management overhead for the relying party. Each user platform defines its own acceptable software combination in terms of reference integrity measurements, and reports the local verification results to the relying party through a late-launched, trusted Platform Trust Service. The relying party simply checks this verification result and a security meta-policy that has been used to ensure the quality of the security checks performed locally. The Platform Trust Service is also responsible for reporting whether this meta-policy is satisfied. By configuring the meta-policy, the relying party selects an indirect attestation paradigm that best meets their high-level security requirements.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
