Abstract

With the advent and popularity of cloud computing, the Internet of Things, and bring your own device, the trust requirement for terminal devices has increased significantly. An untrusted terminal, that is, a terminal that runs in an untrustworthy execution environment, may cause serious security issues for enterprise networks. With the release of Software Guard Extensions, Intel has provided a promising way to construct trusted terminals and services. Utilizing this technology, we propose a security-enhanced attestation for remote terminals, which can achieve shielded execution for measurements and attestation programs. Furthermore, we present a policy-based measurement mechanism in which sensitive data, including secret keys and policy details, are concealed using enclave-specific keys. We implement our attestation prototype on a real platform with an Intel Skylake processor. Evaluation results show that our attestation system can provide much stronger security guarantees, yet incurs only a small performance overhead.
