The Community for Technology Leaders
Green Image
Issue No. 01 - January/February (2011 vol. 9)
ISSN: 1540-7993
pp: 40-48
Joshua Schiffman , Pennsylvania State University
Thomas Moyer , Pennsylvania State University
Trent Jaeger , Pennsylvania State University
Patrick McDaniel , Pennsylvania State University
Administrators of large datacenters often require network installation mechanisms, such as disk cloning over the network, to manage the integrity of their machines. However, network-based installation is vulnerable to a variety of attacks, including compromised machines responding to installation requests with malware. To enable verification that running machines were installed correctly, the Network-Based Root of Trust for Installation (netROTI, for short) binds the state of a system to its installer and disk image. Evaluation results show that a netROTI installation adds about 8 seconds overhead plus 3 percent of image download time to a standard network install and thwarts many known attacks against the installation process.
trusted computing, security, network-installation
Joshua Schiffman, Thomas Moyer, Trent Jaeger, Patrick McDaniel, "Network-Based Root of Trust for Installation", IEEE Security & Privacy, vol. 9, no. , pp. 40-48, January/February 2011, doi:10.1109/MSP.2011.15
171 ms
(Ver 3.3 (11022016))