UPM Institutional Repository

Mutual remote attestation in IPSec based VPN


Citation

Abd Aziz, Norazah and Setapa, Sharipah and Udzir, Nur Izura (2013) Mutual remote attestation in IPSec based VPN. International Journal of Cryptology Research, 4 (1). pp. 55-67. ISSN 1985-5753

Abstract

Secure communication between computer systems is normally established using secure tunnel technologies such as Internet Protocol Security (IPSec). IPSec protocol guarantees authenticity of communication and secure the data at each gateway but it does not provide any assurance on the entity authentication. So, it is important to make sure the trustworthiness of the remote party that already has a faithful system. Trusted Computing Group (TCG) has introduced a platform to solve this issue into the mainstream computer industry through their main approach called Trusted Platform Module (TPM). TPM is a security module which has been designed to store information of system events securely as well as the key component in the attestation realization. Trusted Computing Platform (TCP) provides a mechanism to supports attestation by its Platform Configuration Registers (PCR) which has become the integrity measurement of a platform. Attestation is a mechanism to provide remote assurance of the state of the hardware component running on a computing device. This paper, proposes an extension to the IPSec key exchange protocol by establishing properties-based attestation. An embedded attestation extension is provided in VPN communication such as IPSec protocol by establishing mutual properties based attestation using Internet Security Association and Key Management Protocol (ISAKMP) measurement value as properties that are computed from security policy database (SPD). Hence, the proposed approach will protect both sender's and receiver's platforms integrity at their respective gateways.


Download File

[img]
Preview
PDF (Abstract)
Mutual remote attestation in IPSec based VPN.pdf

Download (36kB) | Preview

Additional Metadata

Item Type: Article
Divisions: Faculty of Computer Science and Information Technology
Publisher: Malaysian Society for Cryptology Research
Keywords: IPSec protocol; Trusted Computing Group (TCG); Trusted Platform Module (TPM); Trusted Computing Platform (TCP); Platform Configuration Registers (PCR); Security policy database
Depositing User: Nabilah Mustapa
Date Deposited: 03 May 2017 04:20
Last Modified: 03 May 2017 04:20
URI: http://psasir.upm.edu.my/id/eprint/51910
Statistic Details: View Download Statistic

Actions (login required)

View Item View Item