Network-based root of trust for installation

Joshua Schiffman, Thomas Moyer, Trent Jaeger, Patrick McDaniel

Research output: Contribution to journalArticle

14 Scopus citations


Administrators of large datacenters often require network installation mechanisms, such as disk cloning over the network, to manage the integrity of their machines. However, network-based installation is vulnerable to a variety of attacks, including compromised machines responding to installation requests with malware. To enable verification that running machines were installed correctly, the Network-Based Root of Trust for Installation (netROTI, for short) binds the state of a system to its installer and disk image. Evaluation results show that a netROTI installation adds about 8 seconds overhead plus 3 percent of image download time to a standard network install and thwarts many known attacks against the installation process.

Original languageEnglish (US)
Article number5705596
Pages (from-to)40-48
Number of pages9
JournalIEEE Security and Privacy
Issue number1
StatePublished - Jan 1 2011


All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Electrical and Electronic Engineering
  • Law

Cite this