CFP last date
20 January 2025
Reseach Article

Platform Property Certificate for Property-based Attestation Model

by Nazanin Borhan, Ramlan Mahmod
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 65 - Number 13
Year of Publication: 2013
Authors: Nazanin Borhan, Ramlan Mahmod
10.5120/10985-6142

Nazanin Borhan, Ramlan Mahmod . Platform Property Certificate for Property-based Attestation Model. International Journal of Computer Applications. 65, 13 ( March 2013), 28-37. DOI=10.5120/10985-6142

@article{ 10.5120/10985-6142,
author = { Nazanin Borhan, Ramlan Mahmod },
title = { Platform Property Certificate for Property-based Attestation Model },
journal = { International Journal of Computer Applications },
issue_date = { March 2013 },
volume = { 65 },
number = { 13 },
month = { March },
year = { 2013 },
issn = { 0975-8887 },
pages = { 28-37 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume65/number13/10985-6142/ },
doi = { 10.5120/10985-6142 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T21:18:42.515216+05:30
%A Nazanin Borhan
%A Ramlan Mahmod
%T Platform Property Certificate for Property-based Attestation Model
%J International Journal of Computer Applications
%@ 0975-8887
%V 65
%N 13
%P 28-37
%D 2013
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Binary Attestation is currently used in trusted computing environments involving the standard TCG attestation mechanism. However, this mechanism still has deficiencies in terms of flexibility, privacy and scalability. Thus, to overcome these problems, Property-based Attestation has been proposed. Two important issues should be considered in the context of property-based attestation; these include the content of the property and the protocol design. In this study, the researchers proposed platform property certificate, based on the current certificates of the system as the model's property. In addition, a client-server attestation protocol that could apply this particular property is also proposed. In order to show the feasibility of the model, the proposed model was implemented. The results of the implementation showed that the model is efficient to be used to accept and reject valid and invalid inputs. Hence, security aspects listed as privacy, flexibility, scalability and also integrity of the model is checked, while it is crucial to note that it also fulfils the requirements of property-based attestation with TCG standard specifications.

References
  1. TCG, Trusted Computing Group. http://www. trustedcomputinggroup. org.
  2. Sadeghi, A. -R. , Trusted Computing —Special Aspects and Challenges. In: SOFSEM 2008: Theory and Practice of Computer Science, Lecture Notes in Computer Science, Springer Berlin / Heidelberg, pp. 98-117, Vol 4910, 2008.
  3. Pearson, s. , Trusted Computing Platforms: TCPA Technology in context. Book - Prentice Hall PTR 2003.
  4. Vivek Haldar, D. C. a. M. F. , Semantic Remote Attestation — A Virtual Machine directed approach to Trusted Computing. In: Proceedings of the 3rd conference on Virtual Machine Research And Technology Symposium - Volume 3. USENIX Association, Berkeley, CA, USA, 3-3, 2004.
  5. AhmadReza Sadeghi , C. S. u. , Property-based Attestation for Computing Platforms: Caring about properties, not mechanisms. In: Proceedings of the workshop on New security paradigms (NSPW '04). ACM, New York, NY, USA, 67-77, 2004.
  6. Liqun Chen , R. L. , Hans Lohr, Markus Rohe, AhmadReza Sadeghi, and Christian Stuble, A Protocol for Property Based Attestation. in: Proceedings of the first ACM workshop on Scalable trusted computing (STC '06). ACM, New York, NY, USA, 7-16, 2006.
  7. Ulrich Kühn, M. S. , and Christian Stüble, Realizing Property-Based Attestation and Sealing with Commonly Available Hard- and Software. In: The Second ACM Workshop on Scalable Trusted Computing (STC'07), 2007.
  8. Jonathan Poritz, M. S. , Els Van Herreweghen, Michael Waidner IBM Zurich Research Laboratory Z¨urich, Switzerland, Property Attestation—Scalable and Privacy-friendly Security Assessment of Peer Computers. in: IBM Technical Report, 2004.
  9. CUI Yan-Li, Z. X. , Credibility Attestation of Property Remote Attestation Method. In: Second International Conference on Future Information Technology and Management Engineering, IEEE, 2009.
  10. Aarthi Nagarajan, V. V. , Michael Hitchens, Eimear Gallery, Property-based Attestation and Trusted Computing: Analysis and Challenges. in: Third International Conference on Network and System Security IEEE Computer Society, 2009.
  11. Liqun Chen, H. L. , Mark Manulis, Ahmad-Reza Sadeghi, Property-Based Attestation without a Trusted Third Party. in: Information Security Conference (ISC), 2008.
  12. Yacine Gasmi, A. -R. S. , Patrick Stewin, Beyond Secure Channels. in: Proceedings of the ACM workshop on Scalable trusted computing, 2007.
  13. Kenneth Goldman, R. P. , Reiner Sailer, Linking Remote Attestation to Secure Tunnel Endpoints. in: Technical Report RC23982, IBM, 2006
  14. Gutmann, P. , PKI: it's not dead just resting. In: IEEE Computer Society, (vol. 35 no. 8) pp. 41-49, August 2002.
  15. Jiguo Li, X. H. , Yi Mu, Willy Susilo, Qianhong Wu, Constructions of certificate-based signature secure against key replacement attacks. In: Journal of Computer Security, Publisher IOS Press, Computer & Communication Sciences, (vol 18, Number 3) pp. 421-449, May 20, 2010.
  16. Ronald Toegl, G. H. , Karin Greimel, Adrian Leung, Raphael C-W. , Phan and Roderick Bloem, Formal Analysis of a TPM-Based Secrets Distribution and Storage Scheme. In: The 9th International Conference for Young Computer Scientists. IEEE Computer Society, 2008.
  17. Paul E. , Sevin c, M. S. , and David Basin, Securing the Distribution and Storage of Secrets with Trusted Platform Modules. In: IFIP International Federation for Information Processing, 2007.
  18. Frederic Stumpf, O. T. , Patrick R¨oder, Claudia Eckert, A Robust Integrity Reporting Protocol for Remote Attestation. In: Second Workshop on Advances in Trusted Computing,Tokyo, Japan, November 2006
Index Terms

Computer Science
Information Sciences

Keywords

Network-level security and protection Trusted Computing Public-Private key Authentication