Platform Property Certificate for Property-Based Attestation Model
Trusted Computing Group (TCG) provides a group of prominent computer manufacturers to improve a new technology called Trusted Computing (TC) which can provide a basis to the highest security level in hardware and software. The goal of TCG is to provide a mechanism for security and integrity of compu...
Saved in:
| Main Author: | |
|---|---|
| Format: | Thesis |
| Language: | English English |
| Published: |
2011
|
| Subjects: | |
| Online Access: | http://psasir.upm.edu.my/id/eprint/19634/1/FSKTM_2011_1.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | Trusted Computing Group (TCG) provides a group of prominent computer manufacturers to improve a new technology called Trusted Computing (TC) which can provide a basis to the highest security level in hardware and software. The goal of TCG is to provide a mechanism for security and integrity of computing platforms. Remote attestation is one of the TC aspects which is the method that a system uses to authenticate to a remote party or for a remote party to verify the authenticity of the application. Among other methods of attestation, binary attestation is the TCG standard approach. However, binary attestation mechanism still lacks in flexibility, privacy and scalability and to overcome these problems Property-based Attestation was introduced. Two important issues should be considered in this context: the content of the property and the protocol that we should choose.
We proposed Platform Property Certificate based on the current certificates of a system (AIK and SSLcertificates), in our study as the model's property. At the same time, we propose a client-server attestation protocol that can apply this property by using an online Trusted Third Party to verify the trustworthiness of the certificates and measurements of the system. Performance evaluation method in this study is implementation with existing specification and hardware of TC and the criteria that are evaluated are privacy, flexibility and scalability that are compared in the proposed model with the TCG binary attestation model.
Comparison and analysis are based on an implemented binary attestation model that are designed to have the same input and output format of our own proposed model to check the results. Results shows that our property is efficient in the case of accepting and rejecting valid and invalid input and our property-based protocol overcomes the deficiencies of lack of flexibility, privacy and scalability in binary attestation mechanism. Therefore the model and the property fulfill the requirements of property-based attestation. |
|---|