Orchestrating Layered Attestations
Title | Orchestrating Layered Attestations |
Publication Type | Conference Proceedings |
Year of Publication | 2019 |
Authors | John Ramsdell, Paul Rowe, Perry Alexander, Sarah Helble, Peter Loscocco, J. Aaron Pendergrass, Adam Petz |
Conference Name | Principles of Security and Trust (POST’19) |
Series Title | Lecture Notes in Computer Science |
Volume | 11426 |
Pagination | 197-221 |
Date Published | April 8-11, 2019 |
Publisher | Springer, Cham |
Conference Location | Prague, Czech Republic |
ISBN Number | 978-3-030-17138-4 |
ISBN | 978-3-030-17138-4 |
Keywords | 2019: April, KU, Policy-Governed Secure Collaboration, Scalability and Composability, Scalable Trust Semantics & Infrastructure |
Abstract | We present Copland, a language for specifying layered attestations. Layered attestations provide a remote appraiser with structured evidence of the integrity of a target system to support a trust decision. The language is designed to bridge the gap between formal analysis of attestation security guarantees and concrete implementations. We therefore provide two semantic interpretations of terms in our language. The first is a denotational semantics in terms of partially ordered sets of events. This directly connects Copland to prior work on layered attestation. The second is an operational semantics detailing how the data and control flow are executed. This gives explicit implementation guidance for attestation frameworks. We show a formal connection between the two semantics ensuring that any execution according to the operational semantics is consistent with the denotational event semantics. This ensures that formal guarantees resulting from analyzing the event semantics will hold for executions respecting the operational semantics. All results have been formally verified with the Coq proof assistant. |
URL | https://link.springer.com/chapter/10.1007/978-3-030-17138-4_9#:~:text=Layered%20attestations%20provi... |
DOI | 10.1007/978-3-030-17138-4_9 |
Citation Key | node-60287 |
Refereed Designation | Refereed |