TY - GEN
T1 - Security verification of hardware-enabled attestation protocols
AU - Zhang, Tianwei
AU - Szefer, Jakub
AU - Lee, Ruby B.
PY - 2012
Y1 - 2012
N2 - Hardware-software security architectures can significantly improve the security provided to computer users. However, we are lacking a security verification methodology that can provide design-time verification of the security properties provided by such architectures. While verification of an entire hardware-software security architecture is very difficult today, this paper proposes a methodology for verifying essential aspects of the architecture. We use attestation protocols proposed by different hardware security architectures as examples of such essential aspects. Attestation is an important and interesting new requirement for having trust in a remote computer, e.g., in a cloud computing scenario. We use a finite-state model checker to model the system and the attackers, and check the security of the protocols against attacks. We provide new actionable heuristics for designing invariants that are validated by the model checker and thus used to detect potential attacks. The verification ensures that the invariants hold and the protocol is secure. Otherwise, the protocol design is updated on a failure and the verification is re-run.
AB - Hardware-software security architectures can significantly improve the security provided to computer users. However, we are lacking a security verification methodology that can provide design-time verification of the security properties provided by such architectures. While verification of an entire hardware-software security architecture is very difficult today, this paper proposes a methodology for verifying essential aspects of the architecture. We use attestation protocols proposed by different hardware security architectures as examples of such essential aspects. Attestation is an important and interesting new requirement for having trust in a remote computer, e.g., in a cloud computing scenario. We use a finite-state model checker to model the system and the attackers, and check the security of the protocols against attacks. We provide new actionable heuristics for designing invariants that are validated by the model checker and thus used to detect potential attacks. The verification ensures that the invariants hold and the protocol is secure. Otherwise, the protocol design is updated on a failure and the verification is re-run.
UR - http://www.scopus.com/inward/record.url?scp=84875595765&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84875595765&partnerID=8YFLogxK
U2 - 10.1109/MICROW.2012.16
DO - 10.1109/MICROW.2012.16
M3 - Conference contribution
AN - SCOPUS:84875595765
SN - 9780769549200
T3 - Proceedings - 2012 IEEE/ACM 45th International Symposium on Microarchitecture Workshops, MICROW 2012
SP - 47
EP - 54
BT - Proceedings - 2012 IEEE/ACM 45th International Symposium on Microarchitecture Workshops, MICROW 2012
T2 - 2012 IEEE/ACM 45th International Symposium on Microarchitecture Workshops, MICROW 2012
Y2 - 1 December 2012 through 5 December 2012
ER -