BibTeX Record for
'Tree-formed verification data for trusted platforms'
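% Published journal version; the doi field identifies the article of record,
% while url/eprint point to the arXiv preprint (v4) of the same work.
@article{CoSe_TFV1,
  author        = {Schmidt, Andreas U. and Leicher, Andreas and Brett, Andreas and
                   Shah, Yogendra and Cha, Inhyok},
  title         = {Tree-formed verification data for trusted platforms},
  journal       = {Computers \& Security},
  year          = {2013},
  volume        = {32},
  pages         = {19--35},
  abstract      = {The establishment of trust relationships to a computing platform relies
                   on validation processes. Validation allows an external entity to
                   build trust in the expected behaviour of the platform based on provided
                   evidence of the platform's configuration. In a process like remote
                   attestation, the 'trusted' platform submits verification data created
                   during a start up process. These data consist of hardware-protected
                   values of platform configuration registers, containing nested measurement
                   values, e.g., hash values, of loaded or started components. Commonly,
                   the register values are created in linear order by a hardware secured
                   operation. Fine-grained diagnosis of components, based on the linear
                   order of verification data and associated measurement logs, is not
                   optimal. We propose a method to use tree-formed verification data
                   to validate a platform. Component measurement values represent leaves,
                   and protected registers represent roots of a hash tree. We describe
                   the basic mechanism of validating a platform using tree-formed measurement
                   logs and root registers and show a logarithmic speed-up for the search
                   of faults. Secure creation of a tree is possible using a limited
                   number of hardware-protected registers and a single protected operation.
                   In this way, the security of tree-formed verification data is maintained.},
  doi           = {10.1016/j.cose.2012.09.004},
  eprint        = {1007.0642v4},
  archiveprefix = {arXiv},
  url           = {http://arxiv.org/pdf/1007.0642v4},
}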