Verifiable trust is a desirable property for computing platforms - a user has a fundamental interest in knowing whether a computing platform about to be used behaves as expected. Current systems provide verifiable trust by taking immutable snapshots of a platform which digest the complex set of platform components and dependencies into relatively few measurements. Moreover, any change to the platform is deemed malicious, and it is only possible to revert to the previous state by restarting the computer. In this paper, we introduce a novel extensible integrity management framework that addresses these problems. Our framework makes two key contributions: To improve integrity management, we explicitly represent the dependency relation between platform components, which provides the user with more information about the state of the platform. To enable change management, we distinguish reversible changes to measured components from the established irreversible changes. We have implemented a prototype of this framework, based on the Xen virtual machine monitor. In addition, we demonstrate the use of our framework for policy enforcement by implementing a credential management service on top of it. 20 PagesExternal Posting Date: June 21, 2008 [Fulltext].Approved for External PublicationInternal Posting Date: June 21, 2008 [Fulltext]
PDF
download
878987797
028-85220240
