Lightweight, Scalable and OS-Transparent Remote Attestation of Runtime Program

Abstract

Secure channel technologies alone can not provide the sufficient protection to the server data as long as the server can not guarantee the trustworthiness of the client program which accesses the server. The current Trusted Computing solution offers the guarantee on the trustworthiness of the client program by evaluating the integrity of all executable elements on the client platform. However, this solution may not work effectively in the monolithic legacy and commodity operating system. This paper considers the remote attestation of program execution on the untrusted legacy platform. We propose an architecture, which (1) collects the run-time information of the client program in a secure, scalable and OS-transparent way, and (2) reports to the remote server the collected run-time information of the client program in a lightweight and secure way. The architecture achieves these features by exploiting the system virtualization technology, the existing VMI tools, and the time stamping functionality in TCG TPM. We give the detailed description of the architecture.