Security model oriented attestation on dynamically reconfigurable component-based systems

Abstract

As more and more component-based systems (CBS) run in the open and dynamic Internet, it is very important to establish trust between clients and CBS in mutually distrusted domains. One of the key mechanisms to establish trust among different platforms in an open and dynamic environment is remote attestation, which allows a platform to vouch for its trust-related characteristics to a remote challenger. This paper proposes a novel attestation scheme for a dynamically reconfigurable CBS to reliably prove whether its execution satisfies the specified security model, by introducing a TPM-based attestation service to dynamically monitor the execution of the CBS. When only parts of the dynamic CBS are concerned, our scheme enables fine-grained attestation on the execution of an individual component or a sub-system in the dynamic CBS, such that it involves only minimal overhead for attesting the target parts of the CBS. With flexible attestation support, the proposed attestation service can attest a CBS at the granularity from an individual component to the whole CBS. As a case study, we have applied the proposed scheme on OSGi systems and implemented a prototype based on JVMTI for Felix. The evaluation results show that the proposed scheme is both effective and practical.