무결성 검증을 위한 오버헤드의 정량적 분석
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | 손주형 | - |
| dc.contributor.author | 구성민 | - |
| dc.contributor.author | 최종무 | - |
| dc.contributor.author | 조성제 | - |
| dc.contributor.author | 백승재 | - |
| dc.contributor.author | 전광일 | - |
| dc.contributor.author | 박준혁 | - |
| dc.contributor.author | 김형춘 | - |
| dc.date.accessioned | 2020-07-15T18:50:55Z | - |
| dc.date.available | 2020-07-15T18:50:55Z | - |
| dc.date.created | 2020-02-11 | - |
| dc.date.issued | 2017-04-06 | - |
| dc.identifier.uri | https://sciwatch.kiost.ac.kr/handle/2020.kiost/24190 | - |
| dc.description.abstract | As the use of cloud computing and autonomous computing increases, integrity verification of the software stack used in a system becomes a critical issue. In this paper, we analyze the internal behavior of IMA (Integrity Measurement Architecture), one of the most well-known integrity verification frameworks employed in the Linux kernel. For integrity verification, IMA measures all executables and their configuration files in a trusty manner using TPM (Trust Platform Module). Our analysis reveals that there are two obstacles in IMA, measurement overhead and nondeterminism. To address these problems, we propose two novel techniques, called batch extend and core measurement. The former is a technique that accumulates the measured values of executables/files and extends them into TPM in a batch fashion. The second technique measures some specified executables/files only so that it verifies the core integrity of a system in which a user or a remote party is interested. Real implementation based evaluation shows that our proposal can reduce the booting time from 122 to 23 seconds, while supporting the same integrity verification capability of the default IMA policy.ture), one of the most well-known integrity verification frameworks employed in the Linux kernel. For integrity verification, IMA measures all executables and their configuration files in a trusty manner using TPM (Trust Platform Module). Our analysis reveals that there are two obstacles in IMA, measurement overhead and nondeterminism. To address these problems, we propose two novel techniques, called batch extend and core measurement. The former is a technique that accumulates the measured values of executables/files and extends them into TPM in a batch fashion. The second technique measures some specified executables/files only so that it verifies the core integrity of a system in which a user or a remote party is interested. Real implementation based evaluation shows that our proposal can reduce the booting time from 122 to 23 seconds, while supporting the same integrity verification capability of the default IMA policy. | - |
| dc.description.uri | 1 | - |
| dc.language | English | - |
| dc.publisher | ACM | - |
| dc.relation.isPartOf | Symposium on Applied Computing | - |
| dc.title | 무결성 검증을 위한 오버헤드의 정량적 분석 | - |
| dc.title.alternative | Quantitative Analysis of Measurement Overhead for Integrity Verification | - |
| dc.type | Conference | - |
| dc.citation.conferencePlace | US | - |
| dc.citation.endPage | 6 | - |
| dc.citation.startPage | 1 | - |
| dc.citation.title | Symposium on Applied Computing | - |
| dc.contributor.alternativeName | 백승재 | - |
| dc.identifier.bibliographicCitation | Symposium on Applied Computing, pp.1 - 6 | - |
| dc.description.journalClass | 1 | - |
- Appears in Collections:
- Marine Industry Research Division > Maritime ICT & Mobility Research Department > 2. Conference Papers
- Files in This Item:
- There are no files associated with this item.
