An Effective Approach for Remote Attestation in Trusted Computing

The e-commerce demands end-user systems that adhere to well-defined security policies. In this context Trusted Computing is a new security solution proposed by the Trusted Computing Group Trusted Computing (TC). It aims at providing a framework and effective mechanisms that allow computing platforms and a distributed system to gain assurance about each other’s integrity and trustworthiness. In TCG architectures Remote attestation is one of the core functionalities provided by trusted computing platforms. It was introduced in TCG specifications to determine whether a remote system is trusted to behave in a particular manner for a specific purpose. However, most of the existing approaches is static, inexpressive and attest only the integrity state of a remote system. This paper proposes an effective approach for remote attestation in trusted computing from the automated negotiations that an application authenticates itself to a remote party automatically. We suggest a model automated negotiation for remote attestation that is completed by both sides through the automated negotiations, and discuss the process of automated negotiations.