Exploring Granular flow Integrity for Interconnected Trusted Platforms

Existing attestation solutions based on Linux Integrity Measurement Architecture treat the network as an untrusted input. Thus, they often employ strict access control mechanisms with tunneling policies to prevent network flows from tainting the system. However, these different access control policies are challenging for administrators to model and verify for different Linux deployments, making them difficult to deploy in practice. This paper discusses a novel method to bridge the gap between disparate information flow graphs and proposes a prototype of a new kernel-based network flow logger and attestation hooks. Results obtained show that the system impact is minimal in terms of system resources and is more flexible to deploy.