This Article 
 Bibliographic References 
 Add to: 
Network-Based Root of Trust for Installation
January/February 2011 (vol. 9 no. 1)
pp. 40-48
Joshua Schiffman, Pennsylvania State University
Thomas Moyer, Pennsylvania State University
Trent Jaeger, Pennsylvania State University
Patrick McDaniel, Pennsylvania State University
Administrators of large datacenters often require network installation mechanisms, such as disk cloning over the network, to manage the integrity of their machines. However, network-based installation is vulnerable to a variety of attacks, including compromised machines responding to installation requests with malware. To enable verification that running machines were installed correctly, the Network-Based Root of Trust for Installation (netROTI, for short) binds the state of a system to its installer and disk image. Evaluation results show that a netROTI installation adds about 8 seconds overhead plus 3 percent of image download time to a standard network install and thwarts many known attacks against the installation process.

1. R.P. Gallagher, "A Guide to Understanding Trusted Distribution in Trusted Systems," tech. guidelines NCSC-TG-008, Nat'l Computer Security Center, 1988;
2. D. Nurmi et al., "The Eucalyptus Open-Source Cloud-Computing System," Proc. 9th Int'l Symp. Cluster Computing and the Grid, IEEE CS Press, 2009, pp. 124–131.
3. Preboot Execution Environment (PXE) Specification (version 2.1), Intel, 20 Sept. 1999; pxespec.htm.
4. A. Triulzi, "The Jedi Packet Trick takes over the Deathstar," slide presentation, CanSecWest 2010; .
5. B. Parno, J.M. McCune, and A. Perrig, "Bootstrapping Trust in Commodity Computers," Proc. IEEE 31st Symp. on Security and Privacy (S&P 2010), IEEE CS Press, 2010, pp. 414–429.
6. L.S. Clair et al., "Establishing and Sustaining System Integrity via Root of Trust Installation," Proc. 2nd Ann. Conf. Computer Security Applications, ACM Press, 2007, pp. 19–29.
7. E. Brickell, J. Camenisch, and L. Chen, "Direct Anonymous Attestation," Proc. 11th Conf. Computer and Communications Security, ACM Press, 2004, pp. 132–145.
8. A. Zeichick, "Processor-Based Virtualization, AMD64 style, Part II,"30 June 2006; pages630200615.aspx.
9. B. Kauer, "Oslo: Improving the Security of Trusted Computing," Proc. 16th Usenix Security Symp., Usenix Assoc., 2007, pp. 1–9.
10. G.H. Kim and E.H. Spafford, "The Design and Implementation of Tripwire: A File System Integrity Checker," Proc. 2nd Conf. Computer and Communications Security, ACM Press, 1994, pp. 18–29.
11. BitLocker Drive Encryption Technical Overview, Microsoft, 2009; cc732774(WS.10).aspx.

Index Terms:
trusted computing, security, network-installation
Joshua Schiffman, Thomas Moyer, Trent Jaeger, Patrick McDaniel, "Network-Based Root of Trust for Installation," IEEE Security & Privacy, vol. 9, no. 1, pp. 40-48, Jan.-Feb. 2011, doi:10.1109/MSP.2011.15
Usage of this product signifies your acceptance of the Terms of Use.