Abstract
Administrators of large datacenters often require network installation mechanisms, such as disk cloning over the network, to manage the integrity of their machines. However, network-based installation is vulnerable to a variety of attacks, including compromised machines responding to installation requests with malware. To enable verification that running machines were installed correctly, the Network-Based Root of Trust for Installation (netROTI, for short) binds the state of a system to its installer and disk image. Evaluation results show that a netROTI installation adds about 8 seconds overhead plus 3 percent of image download time to a standard network install and thwarts many known attacks against the installation process.
Original language | English (US) |
---|---|
Article number | 5705596 |
Pages (from-to) | 40-48 |
Number of pages | 9 |
Journal | IEEE Security and Privacy |
Volume | 9 |
Issue number | 1 |
DOIs | |
State | Published - Jan 2011 |
All Science Journal Classification (ASJC) codes
- Computer Networks and Communications
- Electrical and Electronic Engineering
- Law