Enhancing Flexibility of TCG´s TNC through Layered Property Attestation

Author

Yu, Aimin ; Zhao, Shijun

Author_Institution

State Key Lab. of Inf. Security, Inst. of Software, Beijing, China

fYear

2011

fDate

16-18 Nov. 2011

Firstpage

751

Lastpage

756

Abstract

TCG´s trusted network connect (TNC) architecture improves network security through remote attestation. However, because of the deficiencies of existing binary attestation and property attestation, current TNC is not flexible and privacy- friendly enough to be used in a large scale network environment such as Internet. Aiming at these problems, this paper firstly analyzes the relations among system properties in the context of TCG-based remote attestation and proposes a new property relation model. Then a layered property attestation framework is proposed based on this model. Finally these ideas are used in the design of a real trusted network connect system. It is shown that the verifier need only obtain and verify the specific integrity measurement that he is interested in and the privacy of the attester´s configuration is protected reasonably.

Keywords

computer network security; data privacy; trusted computing; TCG based remote attestation; TCG trusted network connect architecture; attester configuration privacy; integrity measurement; layered property attestation; network security; property relation model; Computer architecture; Concrete; Fluid flow measurement; Kernel; Linux; Security; Property Relation Model; Property-Based Remote Attestation; TNC;

fLanguage

English

Publisher

ieee

Conference_Titel

Trust, Security and Privacy in Computing and Communications (TrustCom), 2011 IEEE 10th International Conference on

Conference_Location

Changsha

Print_ISBN

978-1-4577-2135-9

Type

conf

DOI

10.1109/TrustCom.2011.98

Filename

6120891