Visible to the public MSRR: Measurement Framework For Remote Attestation

Submitted by aekwall on Wed, 02/13/2019 - 11:59am
TitleMSRR: Measurement Framework For Remote Attestation
Publication TypeConference Paper
Year of Publication2018
AuthorsGevargizian, J., Kulkarni, P.
Conference Name2018 IEEE 16th Intl Conf on Dependable, Autonomic and Secure Computing, 16th Intl Conf on Pervasive Intelligence and Computing, 4th Intl Conf on Big Data Intelligence and Computing and Cyber Science and Technology Congress(DASC/PiCom/DataCom/CyberSciTech)
Keywordsapplication-specific measurement policies, attestation, composability, core measurement functionality, Current measurement, dynamic program state, dynamic RA system, general-purpose measurement framework, Human Behavior, Kernel, Linux, Measurement, Monitoring, MSRR robust querying language, pubcrawl, query languages, remote attestation system, remote system, remote untrusted host, Resiliency, run-time measurement, security of data, Software measurement, system monitoring, Time measurement, Trusted Computing
AbstractMeasurers are critical to a remote attestation (RA) system to verify the integrity of a remote untrusted host. Run-time measurers in a dynamic RA system sample the dynamic program state of the host to form evidence in order to establish trust by a remote system (appraiser). However, existing run-time measurers are tightly integrated with specific software. Such measurers need to be generated anew for each software, which is a manual process that is both challenging and tedious. In this paper we present a novel approach to decouple application-specific measurement policies from the measurers tasked with performing the actual run-time measurement. We describe MSRR (MeaSeReR), a novel general-purpose measurement framework that is agnostic of the target application. We show how measurement policies written per application can use MSRR, eliminating much time and effort spent on reproducing core measurement functionality. We describe MSRR's robust querying language, which allows the appraiser to accurately specify the what, when, and how to measure. We evaluate MSRR's overhead and demonstrate its functionality.
DOI10.1109/DASC/PiCom/DataCom/CyberSciTec.2018.00130
Citation Keygevargizian_msrr:_2018
Groups: