
On the TOCTOU Problem in Remote Attestation [article]

Ivan De Oliveira Nunes, Sashidhar Jakkamsetti, Norrathep Rattanavipanon, Gene Tsudik
2021 arXiv   pre-print
We propose Remote Attestation with TOCTOU Avoidance (RATA): a provably secure approach to address the RA TOCTOU problem.  ...  Compared with current RA architectures - that offer no TOCTOU protection - RATA incurs no extra runtime overhead. In fact, RATA substantially reduces computational costs of RA execution.  ...  We emphasize that the RA-TOCTOU problem (as formulated in this paper) should not be confused or conflated with the problem of ensuring temporal consistency between attestation and execution of a binary  ... 
arXiv:2005.03873v2 fatcat:oewjkublwfgzpl4h773d5lu5q4

New Results for Timing-Based Attestation

Xeno Kovah, Corey Kallenberg, Chris Weathers, Amy Herzog, Matthew Albin, John Butterworth
2012 2012 IEEE Symposium on Security and Privacy  
Of Check, Time Of Use (TOCTOU) attacks have not received appropriate attention in the literature.  ...  We describe the design and results of a set of experiments showing the effectiveness of our timing-based system, thereby providing further evidence of the practicality of timing-based attestation in real-world  ...  We also discuss the often misunderstood problem of Time Of Check, Time Of Use (TOCTOU) attacks against code integrity in Section V and how remote attestation systems must adapt their designs to defend  ... 
doi:10.1109/sp.2012.45 dblp:conf/sp/KovahKWHAB12 fatcat:t653hxfvqrgdlkbubnjj2zawfe

A Taxonomy and Review of Remote Attestation Schemes in Embedded Systems

William A. Johnson, Sheikh Ghafoor, Stacy Prowell
2021 IEEE Access  
CONCLUSION We have reviewed 58 research articles on Remote Attestation (RA) in embedded systems.  ...  [39] Hybrid Trustzone Remote Dynamic Continuous CF Graph One-to-One Dessouky et al. [40] Hardware Isolation Remote Dynamic Continuous CF Graph One-to-One verifiers necessary in a network.  ...  [54] Hardware PUF Remote Dynamic Discrete Whitelist One-to-One Schulz et al. [55] Hardware PUF Remote Dynamic Discrete Whitelist One-to-One Ammar et al.  ... 
doi:10.1109/access.2021.3119220 fatcat:otzlwmvvtbgixhxmyfegzlbnji

RIPTE: Runtime Integrity Protection Based on Trusted Execution for IoT Device

Yu Qin, Jingbin Liu, Shijun Zhao, Dengguo Feng, Wei Feng
2020 Security and Communication Networks  
The results of our prototype's experiment show that it only increases a small size TCB and has a tiny overhead in IoT devices under the constraint on function calling.  ...  Software attacks like worm, botnet, and DDoS are the increasingly serious problems in IoT, which had caused large-scale cyber attack and even breakdown of important information infrastructure.  ...  Acknowledgments The research presented in this paper was supported by National Key R&D Program of China (2018YFB0904903 and 2020YFE0200600) and National Natural Science Foundation of China (Nos. 61872343  ... 
doi:10.1155/2020/8957641 fatcat:w373tmsvqna5tniaatv7viqqmq

Cyber-Physical Systems Attestation

Junia Valente, Carlos Barreto, Alvaro A. Cardenas
2014 2014 IEEE International Conference on Distributed Computing in Sensor Systems  
CPS attestation is an extension to previous related work on control theory because it brings the traditional security framework of attestation in order to pose the problem of verification of devices by  ...  Remote Attestation Remote attestation is a trust establishment mechanism that allows a platform (the attestor) to reliably voucher on its current state to a remote verifier (the challenger).  ... 
doi:10.1109/dcoss.2014.61 dblp:conf/dcoss/ValenteBC14 fatcat:uvgd2sverzh75p3pgibykejygu

LWRM: A lightweight response mechanism for TCG TOCTOU attack

Xiaolin Chang, Bin Xing, Jiqiang Liu, Jogesh K. Muppala
2009 2009 IEEE 28th International Performance Computing and Communications Conference  
LWRM has the following features: (1) compared to the existing response mechanism, LWRM is more effective in defeating the TCG TOCTOU attacks; (2) LWRM imposes less overhead on the system during normal  ...  execution; (3) LWRM is transparent to the kernel rootkits; and (4) LWRM can work in the scenarios with more than one run-time trusted virtual machine.  ...  The authors in [2] investigated the TOCTOU problem with load-time integrity measurement by theoretically analyzing the attestation protocols.  ... 
doi:10.1109/pccc.2009.5403811 dblp:conf/ipccc/ChangXLM09 fatcat:ailprkeigbdcrcs7lu6wcbzs5q

BLINDTRUST: Oblivious Remote Attestation for Secure Service Function Chains [article]

Heini Bergsson Debes, Thanassis Giannetsos, Ioannis Krontiris
2021 arXiv   pre-print
Towards this direction, remote attestation is a promising defense mechanism that allows a third party, the verifier, to ensure a remote device's (the prover's) integrity.  ...  However, many of the existing families of attestation solutions have strong assumptions on the verifying entity's trustworthiness, thus not allowing for privacy preserving integrity correctness.  ...  H(v n )). 2) Remote Attestation: In the context of TPMs, we can use the Quote interface to get a signed report of select PCR aggregates.  ... 
arXiv:2107.05054v1 fatcat:zm7kvsg4izftnp2gbft5hubjxq

Vronicle: A System for Producing Videos with Verifiable Provenance [article]

Yuxin Liu, Yoshimichi Nakatsuka, Ardalan Amiri Sani, Sharad Agarwal, Gene Tsudik
2021 arXiv   pre-print
Demonstrating the veracity of videos is a longstanding problem that has recently become more urgent and acute.  ...  Vronicle's adversarial model allows for a powerful adversary that can manipulate the video (e.g., in transit) and the software state outside the TEE.  ...  Acknowledgments The work was supported in part by NSA NCAE-C Cyber Curriculum and Research 2020 Program Award #H98230-20-1-0345 and UCI ICS Exploration Research Award.  ... 
arXiv:2109.12712v1 fatcat:mi4af6nvuvfi5ghvjlgnz4ubt4

A minimalist approach to Remote Attestation

Aurelien Francillon, Quan Nguyen, Kasper B. Rasmussen, Gene Tsudik
2014 Design, Automation & Test in Europe Conference & Exhibition (DATE), 2014  
However, one common theme is the need for Remote Attestation, a distinct security service that allows a trusted party (verifier) to check the internal state of a remote untrusted embedded device (prover  ...  To this end, we investigate the feasibility of Remote Attestation without trusted hardware.  ...  Prior research results have underscored the difficulty of the problem.  ... 
doi:10.7873/date.2014.257 dblp:conf/date/FrancillonNRT14 fatcat:atnc25whezbzbdtuqrwm3pt7ie

Remote attestation for low-end embedded devices

Ferdinand Brasser, Kasper B. Rasmussen, Ahmad-Reza Sadeghi, Gene Tsudik
2016 Proceedings of the 53rd Annual Design Automation Conference on - DAC '16  
Despite much prior work, remote attestation remains a vibrant research topic. However, most attestation schemes naturally focus on the scenario where the verifier is trusted and the prover is not.  ...  One important defense mechanism is remote attestation, whereby a trusted, and possibly remote, party (verifier) checks the internal state of an untrusted, and potentially compromised, device (prover).  ...  Acknowledgments We thank the anonymous reviewers. This work was funded in part by:  ... 
doi:10.1145/2897937.2898083 dblp:conf/dac/BrasserRST16 fatcat:zz4m2ies7vhq3lgghm56sn34dm

Attestation in Wireless Sensor Networks

Rodrigo Vieira Steiner, Emil Lupu
2016 ACM Computing Surveys  
We survey in this paper the different approaches to attestation focussing in particular on those aimed at Wireless Sensor Networks.  ...  We also point towards the open research problems and give directions on how to address them.  ...  ACKNOWLEDGMENTS The authors would like to thank the anonymous reviewers for their comments and suggestions which had a valuable contribution to the manuscript.  ... 
doi:10.1145/2988546 fatcat:id6vurkh25bsnap5rzlig5c32a

SIA: Secure Intermittent Architecture for Off-the-Shelf Resource-Constrained Microcontrollers

Daniel Dinu, Archanaa S. Khrishnan, Patrick Schaumont
2019 2019 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)  
Therefore, SIA enables a host of secure intermittent computing applications such as self-attestation, remote attestation, and secure communication.  ...  put in place must have a low overhead on the performance, resource consumption, and cost of a device.  ...  ACKNOWLEDGEMENTS This research was supported in part by the Semiconductor Research Corporation (Task 2712.019) and by the National Science Foundation (Grant 1704176).  ... 
doi:10.1109/hst.2019.8740834 dblp:conf/host/DinuKS19 fatcat:nnhkm6kbirew3ni7jqxqvigkvm

A trusted measurement model based on dynamic policy and privacy protection in IaaS security domain

Liangming Wang, Fagui Liu
2018 EURASIP Journal on Information Security  
This paper presents a trusted measurement model based on dynamic policy and privacy protection in IaaS security domain, called TMMDP.  ...  The trusted measure was detected through the front-end and back-end modules. It then describes in detail the process of the trusted measurement in the two modules.  ...  Liu Fagui is a professor in South China University of Technology, China. She received the Ph.D. degree from South China University of Technology.  ... 
doi:10.1186/s13635-018-0071-1 fatcat:nruga4ynuvbahpdvbh2bjbl2ue

myTrustedCloud

David Wallom, Matteo Turilli, Andrew Martin, Anbang Raun, Gareth Taylor, Nigel Hargreaves, Alan McMoran
2012 Proceedings of the WICSA/ECSA 2012 Companion Volume on - WICSA/ECSA '12  
In this paper, a use case is presented illustrating how the integration of Trusted Computing technologies into an available cloud infrastructure - Eucalyptus - allows the security-critical energy industry  ...  The growing number of communities that are adopting large public cloud resources such as Amazon Web Services [1] or Microsoft Azure [2] proves the success and hence usefulness of the Cloud Computing paradigm  ...  The problem is that the remote attestation reveals the detailed configuration of a platform. This information can easily be obtained by attackers and used for system profiling.  ... 
doi:10.1145/2361999.2362014 dblp:conf/wicsa/WallomTMRTHM12 fatcat:lht2ble37bd2nnjxwxhrepqydu

myTrustedCloud: Trusted Cloud Infrastructure for Security-critical Computation and Data Managment

David Wallom, Matteo Turilli, Andrew Martin, Anbang Raun, Gareth Taylor, Nigel Hargreaves, Alan McMoran
2011 2011 IEEE Third International Conference on Cloud Computing Technology and Science  
In this paper, a use case is presented illustrating how the integration of Trusted Computing technologies into an available cloud infrastructure - Eucalyptus - allows the security-critical energy industry  ...  The growing number of communities that are adopting large public cloud resources such as Amazon Web Services [1] or Microsoft Azure [2] proves the success and hence usefulness of the Cloud Computing paradigm  ...  The problem is that the remote attestation reveals the detailed configuration of a platform. This information can easily be obtained by attackers and used for system profiling.  ... 
doi:10.1109/cloudcom.2011.41 dblp:conf/cloudcom/WallomTMRTHM11 fatcat:jxrugzrpkbclzj4hu665nnd2oa