With the rapid expansion of computational resources from the core cloud towards the far-edge, new security and trust assurance challenges arise. To provide stronger guarantees on the resources serving sensitive traffic workloads, mechanisms are needed to verify both software and hardware integrity across all elements of the compute continuum. This paper presents a lightweight runtime configuration integrity verification approach that enables implicit attestation without disclosing any configuration information of a proving device. The proposed scheme supports scalable and privacy-preserving trust verification and is demonstrated through an implementation based on TPM 2.0. Performance evaluation confirms the efficiency of the approach.
Fotos et al. (Wed,) studied this question.