Remote Attestation (RA) is the process of reporting the configuration of a Trusted Platform (TP) to a remote verifier (V). According to the specification of the TCG, the configuration is represented by a set of PCR values and optionally the corresponding measurement logs. The PCR values are signed by the TPM using an AIK.
NEW Paper On Scalability of Remote Attestation, presented at STC 2011 (2011/10/17)
Among the problems of binary remote attestation, scalability has often been mentioned in literature because a verifier must know all possible measurements considered acceptable.
In this paper, we show that scalability is a manageable issue when attesting a Linux distribution. The main challenges still open are identifying, with low time impact, the scripts executed, the configuration of the components and other file types.
Attest your Linux system or try our examples: use the web front-end (cited in the paper) to experiment with the validation of the IMA integrity measurements, being part of the RA process.
The Trusted Platform Agent now supports a remote attestation protocol (2010/12/03)
Last modified on Sunday, 16-Oct-2011 18:53:53