Architectures for Trustworthy Utility Computing

Cornelius Namiluko ( SEP )

Integrity measurement, secure storage and reporting capabilities of trusted computing enable a platform to securely provide evidence on the integrity of its configuration to relying entities. Relying entities combine the evidence with other information such as whitelist (list of known good configurations) and validity of the encryption keys to determine whether the configuration is acceptable. But what information is necessary to reach a valid conclusion? In other words, what are the essential properties of the software stack, the hardware and their combination that lead to a platform being trusted? What if two or more platforms, potentially trusted in different ways, are combined what would the relying entity like to say about the system and what can they say? This becomes even more interesting when consider complex distributed systems such as utility infrastructure, which combine multiple systems into one virtual infrastructure, with possibly multiple players involved in the provision of a service.