Maat: A Platform Service for Measurement and Attestation.

Software integrity measurement and attestation (Mu0026A) are critical technologies for evaluating the trustworthiness of software platforms. To best support these technologies, next generation systems must provide a centralized service for securely selecting, collecting, and evaluating integrity measurements. Centralization of Mu0026A avoids duplication, minimizes security risks to the system, and ensures correct ad- ministration of integrity policies and systems. This paper details the desirable features and properties of such a system, and introduces Maat, a prototype implementation of an Mu0026A service that meets these properties. Maat is a platform service that provides a centralized policy-driven framework for determining which measurement tools and protocols to use to meet the needs of a given integrity evaluation. Maat simplifies the task of integrating integrity measurements into a range of larger trust decisions such as authentication, network access control, or delegated computations.