Scalable Trust Semantics & Infrastructure

Remote attestation provides a run-time capability for appraising system behavior and establishing trust. Using remote attestation, an appraiser requests evidence describing a target. The target responds by performing measurement to gather evidence then adds cryptographic signatures to assure integrity and authenticity. The appraiser takes the evidence and assesses the target's behavior to determine if the target is who and what it claims to be.

Remote attestation has enormous potential for establishing trust in highly distributed IoT and cyber-physical systems. However, significant work remains to build an overarching science of remote attestation. Successful completion of this project will result in a science of trust and remote attestation for cyber-physical systems. Specifically:

• Semantics of trust--Definitions of trust and metrics for soundness of evaluation and appraisal
• Semantics of measurement, attestation and appraisal--Metrics for soundness and sufficiency of evidence, semantic mechanisms for identity and attestation, formal definitions of evidence and meta-evidence appraisal
• Systematic mechanisms for establishing roots of trust--Metrics for evaluating roots of trust and general mechanisms for establishing roots of trust on cyber-physical systems
• Attestation protocol representation and semantics--Formal, executable representations for attestation protocols and tools for static analysis
• Implementing and scaling trust infrastructure--Hierarchical frameworks for trust infrastructure including virtualized TPM implementations, trust aggregation and trust as a service

Warren Alexander