User-Centered Attestation for Layered and Decentralized Systems
conference contribution
posted on 2020-10-24, 03:32 authored by HAGEN REINHARD LAUER, Ahmad Salehi ShahrakiAhmad Salehi Shahraki, Carsten Rudolph, Surya NepalVirtualization is omnipresent as the backbone of
cloud, edge, and fog computing as well as X-as-a-service infrastructure. It continues to gain increased popularity even in edge or end-user and embedded devices. The need for standards and specifications for secure and trustworthy collaboration becomes a pressing issue. Trusted Computing is considered one of the pillars towards trustworthy systems both in terms of practical security mechanisms and supporting standards. This paper revisits the Trusted Computing tool-set and introduces its current application
in virtualization scenarios. We discuss challenges related to
translating the term trust between specifications for hardware modules such as the Trusted Platform Module (TPM) and applied specifications for operating systems, hypervisors, and virtual machines are — defining trust establishment becomes crucial for specifications extending trust beyond the TPM. We define Usercentered
attestation as a set of principles suitable for layered,
decentralized systems along with a methodology for specifying and synthesizing such a trust establishment strategy.
