Towards a Cloud-Based Integrity Measurement Service
The aim of this paper is to propose the use of a cloud-based integrity management service coupled with a trustworthy client component - in the form of the Trust Extension Device (TED) platform - as a means to increase the quality of the security evaluation of a client. Thus, in addition to performing authentication of the client (e.g. as part of Single Sign-On), the Identity Provider asks that the integrity of the client platform be computed and then be evaluated by a trustworthy and independent Cloud-based Integrity Measurement Service (cIMS). The TED platform has been previously developed based on the Trusted Platform Module (TPM), and allows the integrity measurement of the client environment to be conducted and reported in a secure manner.