Visible to the public Towards Systematic Design of Collective Remote Attestation Protocols

TitleTowards Systematic Design of Collective Remote Attestation Protocols
Publication TypeConference Paper
Year of Publication2019
AuthorsDe Oliveira Nunes, Ivan, Dessouky, Ghada, Ibrahim, Ahmad, Rattanavipanon, Norrathep, Sadeghi, Ahmad-Reza, Tsudik, Gene
Conference Name2019 IEEE 39th International Conference on Distributed Computing Systems (ICDCS)
Date Publishedjul
Keywordsattestation, Collective Remote Attestation, collective remote attestation protocols, composability, concrete collective RA scheme, data privacy, embedded system security, Embedded systems, Hardware, Human Behavior, malware detection, networked embedded devices, performance evaluation, place collective RA, prior collective RA schemes, Protocols, pubcrawl, remote device, remote exploits, Resiliency, security, single device, single-device RA, Software, Systematic Design, Systematics, Topology, towards systematic design, untrusted device
AbstractNetworks of and embedded (IoT) devices are becoming increasingly popular, particularly, in settings such as smart homes, factories and vehicles. These networks can include numerous (potentially diverse) devices that collectively perform certain tasks. In order to guarantee overall safety and privacy, especially in the face of remote exploits, software integrity of each device must be continuously assured. This can be achieved by Remote Attestation (RA) - a security service for reporting current software state of a remote and untrusted device. While RA of a single device is well understood, collective RA of large numbers of networked embedded devices poses new research challenges. In particular, unlike single-device RA, collective RA has not benefited from any systematic treatment. Thus, unsurprisingly, prior collective RA schemes are designed in an ad hoc fashion. Our work takes the first step toward systematic design of collective RA, in order to help place collective RA onto a solid ground and serve as a set of design guidelines for both researchers and practitioners. We explore the design space for collective RA and show how the notions of security and effectiveness can be formally defined according to a given application domain. We then present and evaluate a concrete collective RA scheme systematically designed to satisfy these goals.
Citation Keyde_oliveira_nunes_towards_2019