Principles of Remote Attestation
Remote attestation is the activity of making a claim about properties of a target by supplying evidence to an appraiser over a network. The authors identify five central principles to guide development of attestation systems. They argue that attestation must be able to deliver temporally fresh evidence; comprehensive information about the target should be accessible; the target, or its owner, should be able to constrain disclosure of information about the target; attestation claims should have explicit semantics to allow decisions to be derived from several claims; and the underlying attestation mechanism must be trustworthy. They illustrate how to acquire evidence from a running system, and how to transport it via protocols to remote appraisers.