Practical analysis framework for software-based attestation scheme

Practical analysis framework for software-based attestation scheme

An increasing number of ”smart” embedded devices are employed in our living environment nowadays. Unlike traditional computer systems, these devices are often physically accessible to the attackers. It is therefore almost impossible to guarantee that they are un-compromised, i.e., that indeed the de...

Full description

Saved in:
Bibliographic Details
Main Authors: LI, Li, HU, Hong, SUN, Jun, LIU, Yang, DONG Jin Song
Format: text
Language:English
Published: Institutional Knowledge at Singapore Management University 2014
Subjects:
Memory State
Data Memory
Memory Address
Malicious Code
Embed Device
Software Engineering
Online Access:https://ink.library.smu.edu.sg/sis_research/4986
https://ink.library.smu.edu.sg/context/sis_research/article/5989/viewcontent/practical_analysis.pdf
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Singapore Management University
Language: English
id sg-smu-ink.sis_research-5989
record_format dspace
spelling sg-smu-ink.sis_research-59892020-03-12T09:44:52Z Practical analysis framework for software-based attestation scheme LI, Li HU, Hong SUN, Jun LIU, Yang DONG Jin Song, An increasing number of ”smart” embedded devices are employed in our living environment nowadays. Unlike traditional computer systems, these devices are often physically accessible to the attackers. It is therefore almost impossible to guarantee that they are un-compromised, i.e., that indeed the devices are executing the intended software. In such a context, software-based attestation is deemed as a promising solution to validate their software integrity. It guarantees that the software running on the embedded devices are un-compromised without any hardware support. However, designing software-based attestation protocols are shown to be error-prone. In this work, we develop a framework for design and analysis of software-based attestation protocols. We first propose a generic attestation scheme that captures most existing software-based attestation protocols. After formalizing the security criteria for the generic scheme, we apply our analysis framework to several well-known software-based attestation protocols and report various potential vulnerabilities. To the best of our knowledge, this is the first practical analysis framework for software-based attestation protocols. 2014-05-11T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/4986 info:doi/10.1007/978-3-319-11737-9_19 https://ink.library.smu.edu.sg/context/sis_research/article/5989/viewcontent/practical_analysis.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Memory State Data Memory Memory Address Malicious Code Embed Device Software Engineering
institution Singapore Management University
building SMU Libraries
continent Asia
country Singapore
Singapore
content_provider SMU Libraries
collection InK@SMU
language English
topic Memory State
Data Memory
Memory Address
Malicious Code
Embed Device
Software Engineering
spellingShingle Memory State
Data Memory
Memory Address
Malicious Code
Embed Device
Software Engineering
LI, Li
HU, Hong
SUN, Jun
LIU, Yang
DONG Jin Song,
Practical analysis framework for software-based attestation scheme
description An increasing number of ”smart” embedded devices are employed in our living environment nowadays. Unlike traditional computer systems, these devices are often physically accessible to the attackers. It is therefore almost impossible to guarantee that they are un-compromised, i.e., that indeed the devices are executing the intended software. In such a context, software-based attestation is deemed as a promising solution to validate their software integrity. It guarantees that the software running on the embedded devices are un-compromised without any hardware support. However, designing software-based attestation protocols are shown to be error-prone. In this work, we develop a framework for design and analysis of software-based attestation protocols. We first propose a generic attestation scheme that captures most existing software-based attestation protocols. After formalizing the security criteria for the generic scheme, we apply our analysis framework to several well-known software-based attestation protocols and report various potential vulnerabilities. To the best of our knowledge, this is the first practical analysis framework for software-based attestation protocols.
format text
author LI, Li
HU, Hong
SUN, Jun
LIU, Yang
DONG Jin Song,
author_facet LI, Li
HU, Hong
SUN, Jun
LIU, Yang
DONG Jin Song,
author_sort LI, Li
title Practical analysis framework for software-based attestation scheme
title_short Practical analysis framework for software-based attestation scheme
title_full Practical analysis framework for software-based attestation scheme
title_fullStr Practical analysis framework for software-based attestation scheme
title_full_unstemmed Practical analysis framework for software-based attestation scheme
title_sort practical analysis framework for software-based attestation scheme
publisher Institutional Knowledge at Singapore Management University
publishDate 2014
url https://ink.library.smu.edu.sg/sis_research/4986
https://ink.library.smu.edu.sg/context/sis_research/article/5989/viewcontent/practical_analysis.pdf
_version_ 1770575168270237696

Similar Items