Security and Privacy in Mobile Information and Communication Systems. Third International ICST Conference, MobiSec 2011, Aalborg, Denmark, May 17-19, 2011, Revised Selected Papers

Research Article

Policy Driven Remote Attestation

Download
494 downloads
  • @INPROCEEDINGS{10.1007/978-3-642-30244-2_13,
        author={Anandha Gopalan and Vaibhav Gowadia and Enrico Scalavino and Emil Lupu},
        title={Policy Driven Remote Attestation},
        proceedings={Security and Privacy in Mobile Information and Communication Systems. Third International ICST Conference, MobiSec 2011, Aalborg, Denmark, May 17-19, 2011, Revised Selected Papers},
        proceedings_a={MOBISEC},
        year={2012},
        month={10},
        keywords={Remote Attestation Trusted Platform Module Policy based attestation},
        doi={10.1007/978-3-642-30244-2_13}
    }
    
  • Anandha Gopalan
    Vaibhav Gowadia
    Enrico Scalavino
    Emil Lupu
    Year: 2012
    Policy Driven Remote Attestation
    MOBISEC
    Springer
    DOI: 10.1007/978-3-642-30244-2_13
Anandha Gopalan1,*, Vaibhav Gowadia1,*, Enrico Scalavino1,*, Emil Lupu1,*
  • 1: Imperial College London
*Contact email: a.gopalan@imperial.ac.uk, v.gowadia@imperial.ac.uk, e.scalavino@imperial.ac.uk, e.c.lupu@imperial.ac.uk

Abstract

Increasingly organisations need to exchange and share data amongst their employees as well as with other organisations. This data is often sensitive and/or confidential, and access to it needs to be protected. Architectures to protect disseminated data have been proposed earlier, but absence of a trusted enforcement point on the end-user machine undermines the system security. The reason being, that an adversary can modify critical software components. In this paper, we present a policy-driven approach that allows us to prove the integrity of a system and which decouples authorisation logic from remote attestation.