BLINDTRUST: Oblivious Remote Attestation for Secure Service Function Chains [article]

Heini Bergsson Debes, Thanassis Giannetsos, Ioannis Krontiris
2021 arXiv   pre-print
With the rapidly evolving next-generation systems-of-systems, we face new security, resilience, and operational assurance challenges. In the face of the increasing attack landscape, it is necessary to cater to efficient mechanisms to verify software and device integrity to detect run-time modifications. Towards this direction, remote attestation is a promising defense mechanism that allows a third party, the verifier, to ensure a remote device's (the prover's) integrity. However, many of the existing families of attestation solutions have strong assumptions on the verifying entity's trustworthiness, thus not allowing for privacy preserving integrity correctness. Furthermore, they suffer from scalability and efficiency issues. This paper presents a lightweight dynamic configuration integrity verification that enables inter and intra-device attestation without disclosing any configuration information and can be applied on both resource-constrained edge devices and cloud services. Our goal is to enhance run-time software integrity and trustworthiness with a scalable solution eliminating the need for federated infrastructure trust.
arXiv:2107.05054v1 fatcat:zm7kvsg4izftnp2gbft5hubjxq