TY - GEN
T1 - A Software Integrity Authentication Protocol for Zero Trust Architecture
AU - Liu, Wenyi
AU - Zhang, Zheng
AU - Qiao, Xu
AU - Li, Yuanzhang
AU - Tan, Yu An
AU - Meng, Weizhi
N1 - Publisher Copyright:
© 2024 Owner/Author.
PY - 2024/8/4
Y1 - 2024/8/4
N2 - With the rapid expansion of network scale and the increasing complexity of network infrastructure, network boundaries have gradually blurred, and traditional bound-based security models have gradually become ineffective in new application environments. In the literature, the zero trust security model implements continuous verification and dynamic authorization for all access requests based on multi-dimensional factors such as the identity of the access subject. To safeguard against untrusted software and vulnerabilities, it is crucial to employ diverse technologies to protect software integrity and ensure system safety. This paper focuses on the research of software integrity authentication for the zero trust network. We create a master-slave collaboration environment of host and SSD in the zero trust network, where the host CPU is the dominant CPU and the SSD CPU is the slave CPU. We then design a software integrity authentication protocol for this zero trust architecture. The protocol does not require any hardware assistance and our experimental results show that it can defend against attacks through checksum correctness and verification-time validity.
AB - With the rapid expansion of network scale and the increasing complexity of network infrastructure, network boundaries have gradually blurred, and traditional bound-based security models have gradually become ineffective in new application environments. In the literature, the zero trust security model implements continuous verification and dynamic authorization for all access requests based on multi-dimensional factors such as the identity of the access subject. To safeguard against untrusted software and vulnerabilities, it is crucial to employ diverse technologies to protect software integrity and ensure system safety. This paper focuses on the research of software integrity authentication for the zero trust network. We create a master-slave collaboration environment of host and SSD in the zero trust network, where the host CPU is the dominant CPU and the SSD CPU is the slave CPU. We then design a software integrity authentication protocol for this zero trust architecture. The protocol does not require any hardware assistance and our experimental results show that it can defend against attacks through checksum correctness and verification-time validity.
KW - Address Transformation
KW - Authentication Protocol
KW - Integrity Verification
KW - Software Security
KW - Zero Trust
UR - http://www.scopus.com/inward/record.url?scp=85202818041&partnerID=8YFLogxK
U2 - 10.1145/3672200.3673874
DO - 10.1145/3672200.3673874
M3 - Conference contribution
AN - SCOPUS:85202818041
T3 - ZTA-NextGen 2024 - Proceedings of the SIGCOMM Workshop on Zero Trust Architecture for Next Generation Communications, Part of: SIGCOMM 2024
SP - 1
EP - 6
BT - ZTA-NextGen 2024 - Proceedings of the SIGCOMM Workshop on Zero Trust Architecture for Next Generation Communications, Part of
PB - Association for Computing Machinery, Inc
T2 - 2024 ACM SIGCOMM Workshop on Zero Trust Architecture for Next Generation Communications, ZTA-NextGen 2024
Y2 - 4 August 2024 through 8 August 2024
ER -