606 articles found
A Behavior-Based Remote Trust Attestation Model (Cited by: 10)
1
Authors: ZHANG Huanguo, WANG Fan 《Wuhan University Journal of Natural Sciences》 CAS, 2006, Issue 6, pp. 1819-1822 (4 pages)
While remote trust attestation is a useful concept to detect unauthorized changes to software, the current mechanism only ensures authenticity at the start of the operating system and cannot ensure the action of running software. Our approach is to use a behavior-based monitoring agent to make remote attestation more flexible, dynamic, and trustworthy. This approach was mostly made possible by extensive use of process information which is readily available in Unix. We also made use of a behavior tree to effectively record predictable behaviors of each process. In this paper, we primarily focus on building a prototype implementation of such a framework, presenting one example built on it, successfully finding potential security risks in the run time of an FTP program, and then evaluating the performance of this model.
Keywords: remote attestation trusted computing trusted platform behavior monitoring agent behavior tree
A Method to Implement Full Anonymous Attestation for Trusted Computing Platform (Cited by: 3)
2
Authors: HAO Liming, SUN Xun, YANG Shutang, LU Songnian 《Wuhan University Journal of Natural Sciences》 CAS, 2007, Issue 1, pp. 101-104 (4 pages)
Trusted computing (TC) technology is brought out by the Trusted Computing Group (TCG) to make computing as safe and reliable as people expect. Attestation is one main function specified by TCG, which is the means by which a trusted computer assures a remote computer whose platform is not tampered with. There are two protocols that implement attestation without disclosing the platform's real identity, which are the Privacy CA-based protocol and the direct anonymous attestation (DAA) protocol. However, in the first protocol the privacy CA is the bottleneck and the platform's identity will be disclosed if the privacy CA is compromised, while the DAA protocol can do profiling when dealing with a rogue hardware device. In this paper, we propose a DAA-extended new approach to ensure full anonymous attestation that can not only detect a rogue TPM, but also reveal the rogue TPM's real identity.
Keywords: trusted computing trusted platform module direct anonymous attestation
A Novel Direct Anonymous Attestation Protocol Based on Zero Knowledge Proof for Different Trusted Domains (Cited by: 3)
3
Authors: YANG Yatao, CAO Lulin, LI Zichen 《China Communications》 SCIE CSCD, 2010, Issue 4, pp. 172-175 (4 pages)
In order to solve the issue that the existing direct anonymous attestation (DAA) scheme cannot operate effectively in different domains, based on the original DAA scheme, a novel direct anonymous attestation protocol used in multi-domain environments is proposed and designed, in which the certificate issuer located outside of the domain can be considered as a proxy server to issue the DAA certificate for valid member nodes directly. Our designed mechanism accords with the present Trusted Computing Group (TCG) international specification, and can solve the problems of practical authentication and privacy information protection between different trusted domains efficiently. Compared with the present DAA scheme, in our protocol, the anonymity and unforgeability can be guaranteed, and the replay attack also can be avoided. It has important reference and practical application value in the trusted computing field.
Keywords: Network Security Trusted Computing Direct Anonymous attestation Trusted Domain
A Trusted Attestation Mechanism for the Sensing Nodes of Internet of Things Based on Dynamic Trusted Measurement (Cited by: 10)
4
Authors: Bei Gong, Yubo Wang, Xiangang Liu, Fazhi Qi, Zhihui Sun 《China Communications》 SCIE CSCD, 2018, Issue 2, pp. 100-121 (22 pages)
Internet of things has been widely applied to industrial control, smart city and environmental protection. In these application scenarios, the sensing node needs to make real-time response to the feedback control of the application layer. Therefore, it is necessary to monitor whether or not awareness nodes are trusted in real time, but the existing mechanisms for trusted certification lack the real-time measurement and tracking of the sensing node. To solve the above problems, this paper proposes a dynamic metric based authentication mechanism for sensing nodes of Internet of things. Firstly, the dynamic trustworthiness measure of the sensing nodes is carried out by introducing computational functions such as the trust function, the trustworthiness risk assessment function, the feedback control function and the active function of the sensing node. The dynamic trustworthiness measure of sensing nodes from multiple dimensions can effectively describe the change of trusted value of sensing nodes. Then, on the basis of this, a trusted attestation based on node trusted measure is realized by using the revocable group signature mechanism of local verifier. The mechanism has anonymity, unforgeability and traceability, and its security is proved in the standard model. Simulation experiments show that the proposed trusted attestation mechanism is flexible, practical and efficient and has better attack resistance. It can effectively guarantee the reliable data transmission of nodes and realize the dynamic tracking of node reliability, which has a lower impact on system performance.
Keywords: internet of things: trusted measurement trusted attestation: group signature
An Enhanced Direct Anonymous Attestation Scheme with Mutual Authentication for Network-Connected UAV Communication Systems (Cited by: 3)
5
Authors: Liquan Chen, Sijie Qian, Ming Lim, Shihui Wang 《China Communications》 SCIE CSCD, 2018, Issue 5, pp. 61-76 (16 pages)
In network-connected UAV (NC-UAV) communication systems, user authentication is replaced by platform identity authentication and integrity check because many NC-UAVs are operated without human intervention. Direct anonymous attestation (DAA) is an attractive cryptographic scheme that provides an elegant balance between platform authentication and anonymity. However, because of the low-level computing capability and limited transmission bandwidth in UAV, the existing DAA schemes are not suitable for NC-UAV communication systems. In this paper, we propose an enhanced DAA scheme with mutual authentication (MA-DAA scheme), which meets the security requirements of NC-UAV communication systems. The proposed MA-DAA scheme, which is based on asymmetric pairings, bundles the identities of trusted platform module (TPM) and Host to solve the malicious module changing attacks. Credential randomization, batch proof and verification, and mutual authentication are realized in the MA-DAA scheme. The computational workload in TPM and Host is reduced in order to meet the low computation and resource requirements in TPM and Host. The entire scheme and protocols are presented, and the security and efficiency of the proposed MA-DAA scheme are proved and analyzed. Our experiment results also confirm the high efficiency of the proposed scheme.
Keywords: network-connected UAV trusted computing direct anonymous attestation mutual authentication trusted platform module
A New Process and Framework for Direct Anonymous Attestation Based on Symmetric Bilinear Maps (Cited by: 1)
6
Authors: TAN Liang (1, 2), ZHOU Mingtian (3). Affiliations: 1. College of Computer/Key Lab of Visualization in Scientific Computing and Virtual Reality of Sichuan, Sichuan Normal University, Chengdu 610066, Sichuan, China; 2. Institute of Computing Technology, Chinese Academy of Sciences, Beijing 100190, China; 3. School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu 610054, Sichuan, China 《Wuhan University Journal of Natural Sciences》 CAS, 2011, Issue 5, pp. 369-375 (7 pages)
For the problem of the original direct anonymous attestation (DAA) scheme's complexity and great time consumption, a new DAA scheme based on symmetric bilinear pairings is presented, which gives a practical solution to ECC-based TPM in protecting the privacy of the TPM. The scheme still includes five procedures or algorithms: Setup, Join, Sign, Verify and Rogue tagging, but gets rid of zero-knowledge proof and takes on a new process and framework, of which the main operations are addition, scalar multiplication and bilinear maps on supersingular elliptic curve systems. Moreover, the scheme adequately utilizes the properties of bilinear maps as well as the signature and verification of the elliptic curve system itself. Compared with other schemes, the new DAA scheme not only satisfies the same properties, but also shows better simplicity and high efficiency. This paper gives not only a detailed security proof of the proposed scheme, but also a careful performance analysis by comparing with the existing DAA schemes.
Keywords: direct anonymous attestation bilinear map PRIVACY AUTHENTICATION trusted computing platform trusted platform module
Towards a Source-Code Oriented Attestation (Cited by: 1)
7
Authors: Ruan Anbang, Shen Qingni, Wang Li, Qin Chao, Gu Liang, Chen Zhong 《China Communications》 SCIE CSCD, 2009, Issue 4, pp. 82-87 (6 pages)
The Binary-based attestation (BA) mechanism presented by the Trusted Computing Group can equip the application with the capability of genuinely identifying configurations of a remote system. However, BA only supports the attestation for specific patterns of binary codes defined by a trusted party, mostly the software vendor, for a particular version of a software. In this paper, we present a Source-Code Oriented Attestation (SCOA) framework to enable custom built applications to be attested to in the TCG attestation architecture. In SCOA, security attributes are bound with the source codes of an application instead of its binary codes. With a proof chain generated by a Trusted Building System to record the building procedure, the challengers can determine whether the binary interacted with is genuinely built from a particular set of source codes. Moreover, with the security attribute certificates assigned to the source codes, they can determine the trustworthiness of the binary. In this paper, we present a TBS implementation with virtualization.
Keywords: remote attestation trusted building system VIRTUALIZATION source-code
Trust Attestation Mechanism for the Sensing Layer Nodes of Internet of Things (Cited by: 1)
8
Authors: WANG Yubo, GONG Bei 《Wuhan University Journal of Natural Sciences》 CAS CSCD, 2017, Issue 4, pp. 337-345 (9 pages)
The main function of Internet of Things is to collect and transmit data. At present, the data transmission in Internet of Things lacks an effective trust attestation mechanism and trust traceability mechanism of data source. To solve the above problems, a trust attestation mechanism for sensing layer nodes is presented. First a trusted group is established, and the node which is going to join the group needs to attest its identity and key attributes to the higher level node. Then the dynamic trust measurement value of the node can be obtained by measuring the node data transmission behavior. Finally the node encapsulates the key attributes and trust measurement value to use short message group signature to attest its trust to the challenger. This mechanism can measure the data sending and receiving behaviors of sensing nodes and track the data source, and it does not expose the privacy information of nodes and the sensing nodes can be traced effectively. The trust measurement for sensing nodes and verification is applicable to Internet of Things and the simulation experiment shows the trust attestation mechanism is flexible, practical and efficient. Besides, it can accurately and quickly identify the malicious nodes at the same time. The impact on the system performance is negligible.
Keywords: Internet of Things source of data trust measurement trust attestation
Remote Attestation-Based Access Control on Trusted Computing Platform
9
Authors: LIU Xian'gang, ZHANG Xing, FU Yingfang, SHEN Changxiang 《Wuhan University Journal of Natural Sciences》 CAS, 2010, Issue 3, pp. 190-194 (5 pages)
Existing remote attestation schemes based on trusted computing have some merits on enhancing security assurance level, but they usually do not integrate tightly with the classical system security mechanism. In this paper, we present a component named remote attestation-based access controller (RABAC), which is based on a combination of techniques, such as random number, Bell-LaPadula (BLP) model, user identity combined with his security properties and so on. The component can validate the current hardware and software integrity of the remote platform, and implement access control with different security policy. We prove that the RABAC can not only improve the security of transferred information in remote attestation process but also integrate remote attestation and classical system security mechanism effectively.
Keywords: trusted computing remote attestation access control security model
SAPEM: Secure Attestation of Program Execution and Program Memory for IoT Applications
10
Authors: Nasa Ahmed, Manar Abu Talib, Qassim Nasir 《Computers, Materials & Continua》 SCIE EI, 2021, Issue 4, pp. 23-49 (27 pages)
Security is one of the major challenges that devices connected to the Internet of Things (IoT) face today. Remote attestation is used to measure these devices' trustworthiness on the network by measuring the device platform's integrity. Several software-based attestation mechanisms have been proposed, but none of them can detect runtime attacks. Although some researchers have attempted to tackle these attacks, the proposed techniques require additional secured hardware parts to be integrated with the attested devices to achieve their aim. These solutions are expensive and not suitable in many cases. This paper proposes a dual attestation process, SAPEM, with two phases: static and dynamic. The static attestation phase examines the program memory of the attested device. The dynamic program flow attestation examines the execution correctness of the application code. It can detect code injection and runtime attacks that hijack the control-flow, including data attacks that affect the program control-flow. The main aim is to minimize attestation overhead while maintaining our ability to detect the specified attacks. We validated SAPEM by implementing it on Raspberry Pi using its TrustZone extension. We attested it against the specified attacks and compared its performance with the related work in the literature. The results show that SAPEM significantly minimizes performance overhead while reliably detecting runtime attacks at the binary level.
Keywords: IOT remote attestation runtime attacks TRUST TRUSTZONE security
Efficient Property-Based Remote Attestation Scheme
11
Authors: Zhang Yichen, Li Jiguo, Sun Chuanming 《China Communications》 SCIE CSCD, 2012, Issue 10, pp. 1-9 (9 pages)
In order to ensure the security of the property-based remote attestation scheme, an improved, more efficient, formal security model of property-based remote attestation is proposed, with which we prove that the user platform satisfies the security property requirements predefined by a remote relying party. Under the co-Computational Diffie-Hellman (CDH) assumption, the proposed scheme is proved to be secure in the random oracle model. Compared with the existing schemes, the proposed scheme has a short property certificate and signature size, and requires less computational cost.
Keywords: trusted computing remote attestation PAIRING co-CDH assumption
TVRAVNF: an efficient low-cost TEE-based virtual remote attestation scheme for virtual network functions
12
Authors: Jie Yuan, Rui Xu, Xinghai Wei, Keji Miao, Dongxiao Liu 《Cybersecurity》, 2025, Issue 3, pp. 215-226 (12 pages)
With the continuous advancement of virtualization technology and the widespread adoption of 5G networks, the application of the Network Function Virtualization (NFV) architecture has become increasingly popular and prevalent. While the NFV architecture brings a lot of advantages, it also introduces security challenges, including the effective and efficient verification of the integrity of deployed Virtual Network Functions (VNFs) and ensuring the secure operation of VNFs. To address the challenge of efficiently conducting virtual remote attestation for VNFs and establishing trust in virtualized environments like NFV architecture, we propose TVRAVNF, which is a highly efficient and low-cost TEE-based virtual remote attestation scheme for VNFs. The scheme we proposed ensures the security and effectiveness of the virtual remote attestation process by leveraging TEE. Furthermore, we introduce a novel local attestation mechanism, which not only reduces the overall overhead of the virtual remote attestation process but also shortens the attestation interval to mitigate Time-Of-Check-Time-Of-Use attacks, thereby enhancing overall security. We conduct experiments to validate the overhead of the TVRAVNF scheme and compare its performance with that of a typical remote attestation process within a maximum unattested time interval. The experimental results demonstrate that, by employing the local attestation mechanism, our solution achieves nearly an 80% significant performance improvement with a relatively small time overhead for small to medium-sized files. This further substantiates the significant advantages of our approach in both security and efficiency.
Keywords: Virtual remote attestation NFV TEE Virtualization security
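eBPF-Based Trusted Monitoring Scheme for Container Runtime (Cited by: 1)
13
Authors: 黄轲, 李璇, 周庆飞, 尚科彤, 秦宇 《信息网络安全》 PKU Core, 2025, Issue 2, pp. 306-326 (21 pages)
With the development of cloud service technology, more and more applications are migrating to the cloud as containers, and container security monitoring has become a research hotspot. Although containers are lightweight, quick to deploy and easy to port, their weak isolation brings many security problems, such as container escape attacks, container image poisoning and kernel vulnerability exploitation. To address these threats, this paper uses eBPF system monitoring technology, combined with a BMC root of trust, static image analysis, a general-purpose policy engine and runtime attestation, to propose a container runtime security monitoring scheme. The monitoring program implemented with eBPF can identify and monitor container behavior events involving processes, capabilities, files and the network. The scheme also designs fine-grained container security policies and, based on the system call whitelist obtained from static analysis of container images, detects abnormal container behavior, protecting container security in multiple dimensions. In addition, the scheme designs and implements a runtime attestation protocol based on the BMC root of trust, using the trusted computing module integrated in the BMC as the root of trust and relying on attestation by that module to ensure the integrity and authenticity of the eBPF monitoring event alert logs. Experiments show that the monitoring server can monitor the running state of various containers over the long term and take timely countermeasures against abnormal security events.
Keywords: container security; eBPF; runtime monitoring; BMC root of trust; remote attestation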
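Research on the Application of Blockchain in BGP Route Leak Protection
14
Authors: 王群, 李馥娟, 马卓 《计算机工程》 PKU Core, 2025, Issue 8, pp. 39-52 (14 pages)
The autonomous systems (ASes) that make up the Border Gateway Protocol (BGP) have differing interests and routing policies; when actual route announcements exceed their intended scope, route leaks can occur, leading to network security incidents caused by route redirection. However, during the propagation of BGP routing information, an AS unconditionally trusts and accepts the routes announced by its neighbor ASes, while each AS configures its local policy autonomously and keeps it confidential, which makes routing policy verification more difficult and has made this a long-standing problem in BGP security that has yet to be solved effectively. With its unique characteristics of decentralization, traceability, tamper resistance, openness and transparency, blockchain can provide infrastructure support for digital resource authentication and trust establishment between ASes, and is expected to become a key technology for countering the threat of route leaks. This paper first defines the relationships between neighbor ASes and between the GR (Gao-Rexford) model and BGP routing policies, identifying the root causes of route leaks and the challenges in defending against them; it then traces the line of research on traditional solutions to route leaks, focusing on their advantages, disadvantages and unresolved problems; next, it presents the advantages of and technical approaches to using blockchain technology for BGP route leak protection and discusses the implementation principles and application characteristics of typical solutions; finally, after describing the remaining problems and challenges, it gives an outlook on future research.
Keywords: blockchain; inter-domain routing security; route origin authentication; route leak; IP address prefix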
Trusted Attestation Architecture on an Infrastructure-as-a-Service (Cited by: 4)
15
Authors: Xin Jin, Xingshu Chen, Cheng Zhao, Dandan Zhao 《Tsinghua Science and Technology》 SCIE EI CAS CSCD, 2017, Issue 5, pp. 469-477 (9 pages)
Trusted attestation is the main obstruction preventing large-scale promotion of cloud computing. How to extend a trusted relationship from a single physical node to an Infrastructure-as-a-Service (IaaS) platform is a problem that must be solved. The IaaS platform provides the Virtual Machine (VM), and the Trusted VM, equipped with a virtual Trusted Platform Module (vTPM), is the foundation of the trusted IaaS platform. We propose a multi-dimensional trusted attestation architecture that can collect and verify trusted attestation information from the computing nodes, and manage the information centrally on a cloud management platform. The architecture verifies the IaaS's trusted attestation by appraising the VM, Hypervisor, and host Operating System's (OS) trusted status. The theory and the technology roadmap were introduced, and the key technologies were analyzed. The key technologies include dynamic measurement of the Hypervisor at the process level, the protection of vTPM instances, the reinforcement of Hypervisor security, and the verification of the IaaS trusted attestation. A prototype was deployed to verify the feasibility of the system. The advantages of the prototype system were compared with the Open CIT (Intel Cloud attestation solution). A performance analysis experiment was performed on computing nodes and the results show that the performance loss is within an acceptable range.
Keywords: dynamic measurement trusted cloud vTPM trusted attestation
TPM-Based Remote Attestation for Wireless Sensor Networks (Cited by: 4)
16
Authors: Donglai Fu, Xinguang Peng 《Tsinghua Science and Technology》 SCIE EI CAS CSCD, 2016, Issue 3, pp. 312-321 (10 pages)
It is essential to design a protocol to allow sensor nodes to attest to their trustworthiness for mission-critical applications based on Wireless Sensor Networks (WSNs). However, it is a challenge to evaluate the trustworthiness without appropriate hardware support. Hence, we present a hardware-based remote attestation protocol to tackle the problem within WSNs. In our design, each sensor node is equipped with a Trusted Platform Module (TPM) which plays the role of a trusted anchor. We start with the formulation of remote attestation and its security. The complete protocol for both single-hop and multi-hop attestations is then demonstrated. Results show the new protocol is effective, efficient, and secure.
Keywords: network security wireless sensor networks remote attestation trusted platform module
Voluntary disclosure of internal control and auditor's attestation: evidence from China
17
Authors: Fang Lou, Qian Sun, Hongqi Yuan 《Frontiers of Business Research in China》, 2017, Issue 2, pp. 208-241 (34 pages)
We examine what determines a firm's decision to disclose a self-assessment report on its internal control (IC) system and to further attain an auditor's attestation on the report, using a sample of firms from the Shanghai Stock Exchange during the period 2006-2010. We hypothesize and find supporting evidence that the likelihood of having voluntary disclosure of IC self-assessment with an auditor's attestation is positively related to future equity refinancing, mutual-fund shareholding, and whether the firm is controlled by the government, especially the central government. Our study also takes the identification problem into consideration, as our sample includes firms with IC weaknesses/deficiencies. Our study not only makes an incremental contribution to the literature, but also has practical implications, especially for regulators and investors in China.
Keywords: Internal control Voluntary disclosure Auditor's attestation SELF-ASSESSMENT
Artifacts Attest to the Glorious Ancient Culture of Hunan Province
18
Author: JANE SHAW 《Women of China》, 1995, Issue 1, pp. 45-46 (2 pages)
HUNAN is located in the middle reaches of the Yangtze River and to the south of Dongting Lake. In Chinese, hu means lake and nan, south. The Xiangjiang River valley, which flows through the province from south to north, is the most developed region in the areas of politics, the economy and culture. Thus, Hunan is also called Xiang for short.
Keywords: In Artifacts attest to the Glorious Ancient Culture of Hunan Province
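Research on Inter-Domain Routing Security Enhancement and the Application of Blockchain Technology (Cited by: 6)
19
Authors: 王群, 李馥娟, 倪雪莉, 夏玲玲, 马卓 《计算机科学与探索》 CSCD PKU Core, 2024, Issue 12, pp. 3144-3174 (31 pages)
The Border Gateway Protocol (BGP) is the de facto inter-domain routing standard on today's Internet. Its security rests on the authenticity and integrity of autonomous system (AS) identities and paths, yet BGP itself lacks corresponding security mechanisms, and its security problems have attracted much attention. As an innovative technology for building next-generation information infrastructure, blockchain supports the construction of a distributed multi-party trust system in the open Internet environment and offers a technical response to the problems and challenges encountered in traditional BGP security enhancement. Based on technological development and security iteration, BGP security enhancement is divided into three progressive stages: the theoretical innovation stage represented by Secure BGP (S-BGP), the applied practice stage with the Resource Public Key Infrastructure (RPKI) as its security foundation, and the innovative development stage based on blockchain technology. The paper analyzes the vulnerabilities of BGP route propagation and routing policies, and three typical kinds of security threat: prefix hijacking, path forgery and route leaks; reviews the technical routes and lines of research of traditional BGP security enhancement, discussing countermeasures against false route announcement attacks mainly from the two aspects of active defense and anomaly detection; after briefly introducing the basic principles of blockchain technology, explores the ideas, paths and methods for implementing blockchain-based BGP security enhancement, drawing on blockchain's decentralization, tamper resistance, traceability and distributed deployment; and, mainly in connection with the application of blockchain technology, discusses the challenges facing BGP security enhancement and gives an outlook on future research directions.
Keywords: Border Gateway Protocol; security enhancement; blockchain; Resource Public Key Infrastructure; route authentication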
Enhancing the Trustworthiness of 6G Based on Trusted Multi-Cloud Infrastructure: A Practice of Cryptography Approach
20
Authors: Mingxing Zhou, Peng Xiao, Qixu Wang, Shuhua Ruan, Xingshu Chen, Menglong Yang 《Computer Modeling in Engineering & Sciences》 SCIE EI, 2024, Issue 1, pp. 957-979 (23 pages)
Due to the need for massive device connectivity, low communication latency, and various customizations in 6G architecture, a distributed cloud deployment approach will be more relevant to the space-air-ground-sea integrated network scenario. However, the openness and heterogeneity of the 6G network cause the problems of network security. To improve the trustworthiness of 6G networks, we propose a trusted computing-based approach for establishing trust relationships in multi-cloud scenarios. The proposed method shows the relationship of trust based on dual-level verification. It separates the trustworthy states of multiple complex cloud units in 6G architecture into the state within and between cloud units. Firstly, the SM3 algorithm establishes the chain of trust for the system's trusted boot phase. Then, the remote attestation server (RAS) of distributed cloud units verifies the physical servers. Meanwhile, the physical servers use a ring approach to verify the cloud servers. Eventually, the centralized RAS takes one-time authentication to the critical evidence information of distributed cloud unit servers. Simultaneously, the centralized RAS also verifies the evidence of distributed RAS. We establish our proposed approach in a natural OpenStack-based cloud environment. The simulation results show that the proposed method achieves higher security with less than a 1% system performance loss.
Keywords: 6G multi-cloud trusted Infrastructure remote attestation commercial cipher