User-Centered Attestation for Layered and Decentralised Systems

Virtualization is omnipresent as the backbone of cloud, edge, and fog computing as well as X-as-a-service infrastructure. It continues to gain increased popularity even in edge or end-user and embedded devices. The need for standards and specifications for secure and trustworthy collaboration becomes a pressing issue. Trusted Computing is considered one of the pillars towards trustworthy systems both in terms of practical security mechanisms and supporting standards. This paper revisits the Trusted Computing tool-set and introduces its current application in virtualization scenarios. We discuss challenges related to translating the term trust between specifications for hardware modules such as the Trusted Platform Module (TPM) and applied specifications for operating systems, hypervisors, and virtual machines are — defining trust establishment becomes crucial for specifications extending trust beyond the TPM. We define Usercentered attestation as a set of principles suitable for layered, decentralized systems along with a methodology for specifying and synthesizing such a trust establishment strategy.