TL;DR
This paper introduces a formal framework for layered attestation systems, helping designers understand trust implications and improve the reliability of system measurements across layers.
Contribution
It provides a formal model and reusable principles for reasoning about trustworthiness in layered attestation systems.
Findings
Formal framework for layered attestations
Guidelines for trustworthy attestation configurations
Enhanced understanding of trust trade-offs in layered systems
Abstract
Systems designed with measurement and attestation in mind are often layered, with the lower layers measuring the layers above them. Attestations of such systems, which we call layered attestations, must bundle together the results of a diverse set of application-specific measurements of various parts of the system. Some methods of layered attestation are more trustworthy than others, so it is important for system designers to understand the trust consequences of different system configurations. This paper presents a formal framework for reasoning about layered attestations, and provides generic reusable principles for achieving trustworthy results.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsSecurity and Verification in Computing · Advanced Malware Detection Techniques · Physical Unclonable Functions (PUFs) and Hardware Security