Bind: A fine-grained attestation service for secure distributed systems (2005)

by Elaine Shi, Adrian Perrig, Leendert Van Doorn
Venue: In Proceedings of the 2005 IEEE Symposium on Security and Privacy
Citations: 98 - 3 self
BibTeX

@INPROCEEDINGS{Shi05bind:a,
    author = {Elaine Shi and Adrian Perrig and Leendert Van Doorn},
    title = {Bind: A fine-grained attestation service for secure distributed systems},
    booktitle = {In Proceedings of the 2005 IEEE Symposium on Security and Privacy},
    year = {2005},
    pages = {154--168}
}

Abstract

In this paper, we propose BIND (Binding Instructions aNd Data), a fine-grained attestation service for securing distributed systems. Code attestation has recently received considerable attention in trusted computing. However, current code attestation technology is relatively immature. First, due to the great variability in software versions and configurations, verification of the hash is difficult. Second, the time-of-use and time-of-attestation discrepancy remains to be addressed, since the code may be correct at the time of the attestation, but it may be compromised by the time of use. The goal of BIND is to address these issues and make code attestation more usable in securing distributed systems. BIND offers the following properties: 1) BIND performs fine-grained attestation. Instead of attesting to the entire memory content, BIND attests only to the piece of code we are concerned about. This greatly simplifies verification. 2) BIND narrows the gap between time-of-attestation and time-of-use. BIND measures a piece of code immediately before it is executed and uses a sand-boxing mechanism to protect the execution of the attested code. 3) BIND ties the code attestation with the data that the code produces, such that we can pinpoint what code has been run to generate that data. In addition, by incorporating the verification of input data integrity into the attestation, BIND offers transitive integrity verification, i.e., through one signature, we can vouch for the entire chain of processes that have performed transformations over a piece of data. BIND offers a general solution toward establishing a trusted environment for distributed system designers.

Keyphrases

fine-grained attestation service    code attestation    distributed system    sand-boxing mechanism    entire chain    current code attestation technology    attested code    trusted environment    entire memory content    software version    time-of-attestation discrepancy    input data integrity    bind performs fine-grained attestation    great variability    distributed system designer    trusted computing    transitive integrity verification    considerable attention    binding instruction    general solution    following property   
