Skip to main content
SpringerLink
Log in

Measuring Semantic Integrity for Remote Attestation

  • Conference paper
Book cover Trusted Computing (Trust 2009)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 5471))

Included in the following conference series:

Abstract

We propose a framework for the attestation of the integrity of a remote system that considers not only the configuration of the system to be attested but also its current behaviour. The resulting architecture, called Virtual machine Integrity Measurement System (VIMS), is based upon virtualization technology and it runs two virtual machines on a system to be attested, i.e. the Client (C-VM) and the Assurance VM (A-VM). A generic remote server (REM-S) accepts incoming connections and cooperates with the A-VM to authenticate and attest the integrity of the C-VM and of the software it runs. The A-VM is a shadow machine that exploits virtual machine introspection to apply a set of consistency checks on the configuration of the C-VM and on the software it currently runs. The checks depend upon the security policies that the REM-S establishes in the initial connection handshake. The REM-S defines both the complexity of checks to be applied and the frequency of their execution and it communicates the security policy to the A-VM through a control channel. Policies that can be applied range from the one that simply checks the integrity of the binaries loaded by the C-VM to those that continuously monitor the dynamic behaviour of applications to discover attacks that alter their expected behaviour. The control channel also transmits the results of the checks from the A-VM to the REM-S. As an example, remote attestation can be adopted when a client software on the C-VM tries to establish a secure channel to a REM-S on an Intranet.

After describing the overall VIMS architecture, we present and discuss the implementation and the performance of a first prototype.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Cabuk, S., Dalton, C.I., Ramasamy, H., Schunter, M.: Towards automated provisioning of secure virtualized networks. In: CCS 2007: Proceedings of the 14th ACM conference on Computer and communications security, pp. 235–245. ACM, New York (2007)

    Google Scholar 

  2. Griffin, J., Jaeger, T., Perez, R., Sailer, R., van Doorn, L., Caceres, R.: Trusted Virtual Domains: Toward secure distributed services. In: Proc. of 1st IEEE Workshop on Hot Topics in System Dependability (HotDep) (2005)

    Google Scholar 

  3. Garfinkel, T., Pfaff, B., Chow, J., Rosenblum, M., Boneh, D.: Terra: A virtual machine-based platform for trusted computing. In: Proceedings of the 19th Symposium on Operating System Principles(SOSP 2003) (October 2003)

    Google Scholar 

  4. Sailer, R., Zhang, X., Jaeger, T.: Design and implementation of a TCG-based integrity measurement architecture. In: Proceedings of the 13th conference on USENIX Security Symposium, pp. 223–238 (2004)

    Google Scholar 

  5. Kyle, D., Brustoloni, J.C.: Uclinux: a linux security module for trusted-computing-based usage controls enforcement. In: STC 2007: Proceedings of the 2007 ACM workshop on Scalable trusted computing, pp. 63–70. ACM, New York (2007)

    Chapter  Google Scholar 

  6. Jansen, B., Ramasamy, H., Schunter, M.: Policy enforcement and compliance proofs for Xen virtual machines. In: Proceedings of the fourth ACM SIGPLAN/SIGOPS international conference on Virtual execution environments, pp. 101–110 (2008)

    Google Scholar 

  7. Sailer, R., Jaeger, T., Zhang, X., van Doorn, L.: Attestation-based policy enforcement for remote access. In: CCS 2004: Proceedings of the 11th ACM conference on Computer and communications security, pp. 308–317. ACM, New York (2004)

    Google Scholar 

  8. Seshadri, A., Luk, M., Shi, E., Perrig, A., van Doorn, L., Khosla, P.: Pioneer: verifying code integrity and enforcing untampered code execution on legacy systems. In: SOSP 2005: Proceedings of the twentieth ACM symposium on Operating systems principles, pp. 1–16. ACM, New York (2005)

    Chapter  Google Scholar 

  9. Sadeghi, A.R., Stüble, C.: Property-based attestation for computing platforms: caring about properties, not mechanisms. In: NSPW 2004: Proceedings of the 2004 workshop on New security paradigms, pp. 67–77. ACM, New York (2004)

    Google Scholar 

  10. Chen, L., Landfermann, R., Löhr, H., Rohe, M., Sadeghi, A., Stüble, C.: A protocol for property-based attestation. In: Proceedings of the first ACM workshop on Scalable trusted computing, pp. 7–16. ACM, New York (2006)

    Chapter  Google Scholar 

  11. Poritz, J., Schunter, M., Van Herreweghen, E., Waidner, M.: Property attestation: scalable and privacy-friendly security assessment of peer computers. Research Report RZ3548, IBM Corporation (May 2004)

    Google Scholar 

  12. Petroni Jr., N., Fraser, T., Walters, A., Arbaugh, W.: An Architecture for Specification-Based Detection of Semantic Integrity Violations in Kernel Dynamic Data. In: Proc. of the 15th USENIX Security Symposium (2006)

    Google Scholar 

  13. Haldar, V., Chandra, D., Franz, M.: Semantic remote attestation: a virtual machine directed approach to trusted computing. In: VM 2004: Proceedings of the 3rd conference on Virtual Machine Research And Technology Symposium, Berkeley, CA, USA, p. 3. USENIX Association (2004)

    Google Scholar 

  14. Jaeger, T., Sailer, R., Shankar, U.: PRIMA: policy-reduced integrity measurement architecture. In: Proceedings of the eleventh ACM symposium on Access control models and technologies, pp. 19–28. ACM, New York (2006)

    Chapter  Google Scholar 

  15. Pearson, S.: Trusted Computing Platforms, the Next Security Solution. Beaverton. Trusted Computing Group Administration, USA (2002)

    Google Scholar 

  16. Loscocco, P.A., Wilson, P.W., Pendergrass, J.A., McDonell, C.D.: Linux kernel integrity measurement using contextual inspection. In: STC 2007: Proceedings of the 2007 ACM workshop on Scalable trusted computing, pp. 21–29. ACM, New York (2007)

    Chapter  Google Scholar 

  17. Bajikar, S.: Trusted Platform Module (TPM) based Security on Notebook PCs-White Paper. Mobile Platforms Group, Intel Corporation (June 20, 2002)

    Google Scholar 

  18. Intel: Trusted Execution Technology, http://www.intel.com/technology/security

  19. Berger, S., Cáceres, R., Goldman, K.A., Perez, R., Sailer, R., van Doorn, L.: vtpm: virtualizing the trusted platform module. In: USENIX-SS’06: Proceedings of the 15th conference on USENIX Security Symposium, Berkeley, CA, USA, p. 21. USENIX Association (2006)

    Google Scholar 

  20. England, P., Loeser, J.: Para-Virtualized TPM Sharing. In: Lipp, P., Sadeghi, A.-R., Koch, K.-M. (eds.) Trust 2008. LNCS, vol. 4968, pp. 119–132. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  21. Dunlap, G., King, S., Cinar, S., Basrai, M., Chen, P.: ReVirt: enabling intrusion analysis through virtual-machine logging and replay. ACM SIGOPS Operating Systems Review 36, 211–224 (2002)

    Article  Google Scholar 

  22. Garfinkel, T., Rosenblum, M.: A virtual machine introspection based architecture for intrusion detection. In: Proc. Network and Distributed Systems Security Symposium (February 2003)

    Google Scholar 

  23. SourceForge.net: Trusted Boot, http://sourceforge.net/projects/tboot

  24. Dragovic, B., Fraser, K., Hand, S., Harris, T., Ho, A., Pratt, I., Warfield, A., Barham, P., Neugebauer, R.: Xen and the art of virtualization. In: Proceedings of the ACM Symposium on Operating Systems Principles (October 2003)

    Google Scholar 

  25. Sgandurra, D., Baiardi, F., Maggiari, D., Tamberi, F.: Transparent Process Monitoring in a Virtual Environment. In: Proceedings of the Third International Workshop on Views On Designing Complex Architectures (VODCA 2008), Bertinoro. ENTCS, Elsevier ScienceDirect (to appear) (2008)

    Google Scholar 

  26. Tamberi, F., Maggiari, D., Sgandurra, D., Baiardi, F.: Semantics-Driven Introspection in a Virtual Environment. In: Proceedings of the Fourth International Conference on Information Assurance and Security (IAS 2008), pp. 299–302 (2008)

    Google Scholar 

  27. OpenVPN: An Open Source SSL VPN Solution, http://openvpn.net/

  28. TPM/J: Java-based API for the Trusted Platform Module (TPM), http://projects.csail.mit.edu/tc/tpmj/

  29. IOzone: Filesystem Benchmark, http://www.iozone.org/

  30. Mosberger, D., Jin, T.: httperf: a tool for measuring web server performance. ACM SIGMETRICS Performance Evaluation Review 26(3), 31–37 (1998)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Polo G. Marconi, La Spezia, Università di Pisa, Italy

    Fabrizio Baiardi

  2. Dipartimento di Informatica, Università di Pisa, Italy

    Diego Cilea & Daniele Sgandurra

  3. ENEL SpA, Italy

    Francesco Ceccarelli

Authors
  1. Fabrizio Baiardi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Diego Cilea
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Daniele Sgandurra
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Francesco Ceccarelli
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Hewlett Packard Labs, Filton Road, BS34 8QZ, Bristol, Stoke Gifford, UK

    Liqun Chen

  2. Information Security Group, Royal Holloway, University of London, TW20 0EX, Surrey, Egham, UK

    Chris J. Mitchell

  3. Oxford University Computing Laboratory, Wolfson Building, Parks Road, OX1 3QD, Oxford, UK

    Andrew Martin

Rights and permissions

Reprints and permissions

Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Baiardi, F., Cilea, D., Sgandurra, D., Ceccarelli, F. (2009). Measuring Semantic Integrity for Remote Attestation. In: Chen, L., Mitchell, C.J., Martin, A. (eds) Trusted Computing. Trust 2009. Lecture Notes in Computer Science, vol 5471. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-00587-9_6

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-00587-9_6

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-00586-2

  • Online ISBN: 978-3-642-00587-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation