Improving coherency of runtime integrity measurement

Thober, Mark; Pendergrass, J.H.; McDonell, C. Durward

doi:10.1145/1456455.1456464

Cited by 14 publications

(11 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…In this paper, measurement is discussed only as necessary to support our architecture for attestation, but cf. [23,37,22,27] for more on measurement strategies.…”

Section: Terminologymentioning

confidence: 99%

See 1 more Smart Citation

Principles of remote attestation

Coker

Guttman

Loscocco

et al. 2011

Int. J. Inf. Secur.

178

106

View full text Add to dashboard Cite

Abstract. Remote attestation is the activity of making a claim about properties of a target by supplying evidence to an appraiser over a network. We identify five central principles to guide development of attestation systems. We argue that (i) attestation must be able to deliver temporally fresh evidence; (ii) comprehensive information about the target should be accessible; (iii) the target, or its owner, should be able to constrain disclosure of information about the target; (iv) attestation claims should have explicit semantics to allow decisions to be derived from several claims; and (v) the underlying attestation mechanism must be trustworthy. We illustrate how to acquire evidence from a running system, and how to transport it via protocols to remote appraisers. We propose an architecture for attestation guided by these principles. Virtualized platforms, which are increasingly well supported on stock hardware, provide a natural basis for our attestation architecture.

show abstract

“…In this paper, measurement is discussed only as necessary to support our architecture for attestation, but cf. [23,37,22,27] for more on measurement strategies.…”

Section: Terminologymentioning

confidence: 99%

“…Much of this evidence-gathering can be viewed as algorithmically akin to garbage collection [37]. The measurement process needs to traverse pointers repeatedly, starting from pointers that reside in static program variables or on the stack.…”

Section: System Measurementmentioning

confidence: 99%

Principles of remote attestation

Coker

Guttman

Loscocco

et al. 2011

Int. J. Inf. Secur.

178

106

View full text Add to dashboard Cite

show abstract

“…The integrity policy language of JMF enables a partial solution to the measurement quiescence problem [39]: how to measure a target when it is executing in some critical section (e.g., updating a field). The qualifiers qual allow particular policy constraints to be enabled or disabled for a given set of objects if the specified methods of those objects are currently executing.…”

Section: Integrity Policiesmentioning

confidence: 99%

“…Forking the process utilizes the memory copyon-write (COW) mechanism of Linux, which allows the target process to run while the measurement is performed on the forked process. Copy-on-write has been shown elsewhere to be a useful mechanism to improve target performance while still guaranteeing atomicity of the measurement [39]. It is important to note that this is an OS-level fork of the JVM that is running the Java application; we do not need to implement any new COW functionality, but instead make use of the existing COW implementation within Linux that happens automatically with the fork.…”

Section: Improving Measurement Performancementioning

confidence: 99%

JMF

Thober

Pendergrass

Jurik

2012

Proceedings of the Seventh ACM Workshop on Scalable Trusted Computing

Self Cite

View full text Add to dashboard Cite

Runtime integrity measurement systems provide the capability to observe the runtime state of a process and to determine whether or not it is acceptable. Existing software systems tend to forgo integrity checks altogether or to enlist static mechanisms (e.g., assertions) to detect unacceptable process states at runtime. A large and growing base of malicious software necessitates more sophisticated handling of threats to process integrity.In this paper, we describe an approach to runtime integrity measurement we call the Java Measurement Framework (JMF) that presents a new way to define and check runtime integrity policies. We define a policy language based on Java that provides an accessible way to write integrity policies and we describe a periodic, dynamic measurer that obtains snapshots of process state, which are evaluated with respect to a policy by an appraiser. With full process state available to the appraiser, policies can express rich relationships between multiple objects, thereby detecting abnormalities in an application's data structures. Our framework may be used to detect a powerful adversary who has the capability to modify both the runtime bytecode and data structures of Java applications. We show that our prototype implementation in Java has acceptable overhead and that it can be used to detect runtime integrity violations in several real Java programs.

show abstract

“…Runtime integrity measurement has been proposed recently with copy-on-write mechanism [28]. However, this is implemented on Xen-like virtualization environment, which is so far not practical for mobile platforms.…”

Section: Related Workmentioning

confidence: 99%

Building Efficient Integrity Measurement and Attestation for Mobile Phone Platforms

Zhang

Acıiçmez

Seifert

2009

Security and Privacy in Mobile Information and Communication Systems

View full text Add to dashboard Cite

Abstract. Integrity measurement and attestation mechanisms have already been developed for PC and server platforms, however, porting these technologies directly on mobile and resource-limited devices does not truly satisfy their performance constraints. Therefore, there are ongoing research efforts on mobileefficient integrity measurement and attestation mechanisms. In this paper we propose a simple and efficient solution for this problem by considering the unique features of mobile phone devices. Our customized secure boot mechanism ensures that a platform can boot to a secure state. During runtime an information flow-based integrity model is leveraged to maintain high integrity status of the system. Our solution satisfies identified security goals of integrity measurement and attestation. We have implemented our solution on a LiMo compatible mobile phone platform.

show abstract

Improving coherency of runtime integrity measurement

Cited by 14 publications

References 5 publications

Principles of remote attestation

Principles of remote attestation

JMF

Building Efficient Integrity Measurement and Attestation for Mobile Phone Platforms

Contact Info

Product

Resources

About