Network-based root of trust for installation

Joshua Schiffman, Thomas Moyer, Trent Jaeger, Patrick McDaniel

Research output: Contribution to journalArticlepeer-review

14 Scopus citations

Abstract

Administrators of large datacenters often require network installation mechanisms, such as disk cloning over the network, to manage the integrity of their machines. However, network-based installation is vulnerable to a variety of attacks, including compromised machines responding to installation requests with malware. To enable verification that running machines were installed correctly, the Network-Based Root of Trust for Installation (netROTI, for short) binds the state of a system to its installer and disk image. Evaluation results show that a netROTI installation adds about 8 seconds overhead plus 3 percent of image download time to a standard network install and thwarts many known attacks against the installation process.

Original languageEnglish (US)
Article number5705596
Pages (from-to)40-48
Number of pages9
JournalIEEE Security and Privacy
Volume9
Issue number1
DOIs
StatePublished - Jan 1 2011

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Electrical and Electronic Engineering
  • Law

Fingerprint Dive into the research topics of 'Network-based root of trust for installation'. Together they form a unique fingerprint.

Cite this