Sciweavers

ACSAC
2007
IEEE

Establishing and Sustaining System Integrity via Root of Trust Installation

14 years 6 months ago
Establishing and Sustaining System Integrity via Root of Trust Installation
Integrity measurements provide a means by which distributed systems can assess the trustability of potentially compromised remote hosts. However, current measurement techniques simply assert the identity of software, but provide no indication of the ongoing status of the system or its data. As a result, a number of significant vulnerabilities can result if the system is not configured and managed carefully. To improve the management of a system’s integrity, we propose a Root of Trust Installation (ROTI) as a foundation for high integrity systems. A ROTI is a trusted system installer that also asserts the integrity of the trusted computing base software and data that it installs to enable straightforward, comprehensive integrity verification for a system. The ROTI addresses a historically limiting problem in integrity measurement: determining what constitutes a trusted system state in a heterogeneous, evolving environment. Using the ROTI, a high integrity system state is defined ...
Luke St. Clair, Joshua Schiffman, Trent Jaeger, Pa
Added 02 Jun 2010
Updated 02 Jun 2010
Type Conference
Year 2007
Where ACSAC
Authors Luke St. Clair, Joshua Schiffman, Trent Jaeger, Patrick McDaniel
Comments (0)