Provenance−Based Model for Verifying Trust−Properties

Abstract

Trust establishment requires evidence about the system’s ability to operate as expected. However, the nature of this evidence and its representation and usage in trust evaluation still remains an open problem. Current mechanisms for collecting this evidence, such as the TCG integrity schema, do not support the linkage of this evidence and therefore limit the kinds of properties that can be verified. We argue that provenance provides more comprehensive evidence that can be represented in a manner that eases trust evaluation. Towards this end, we propose a provenance-based model for reasoning about a system’s ability to satisfy trust properties of interest. This approach enables interoperability, supports multiple abstractions and enables evaluation of varying trust properties. Its application on verifying properties of platforms for use in a trust domain demonstrate its feasibility and flexibility.