Proceedings of the XXth Conference of Open Innovations Association FRUCT (May 2023)
Platform Attestation in Consumer Devices
Abstract
Platform attestation allows consumer devices to report their security state to relying parties such as cloud services and network gateways. In contrast to more restricted forms of remote attestation, such as key attestation, platform attestation provides more information to the verifier, but is complex to deploy, which has hindered its adoption in the industry. Recently, new approaches such as device health attestation (DHA) have been introduced that simplify the remote attestation process, especially from the relying party's perspective. A common denominator in these developments is the use of an external, usually cloud-based verification service that is physically separate from the relying party. The service transforms attestation evidence into a health report -- a standard and simplified format that is easier for relying parties to process. In this paper, we survey the state of the art in platform attestation in the industry, focusing on Windows DHA, Samsung Knox DHA, Android Play Integrity, Huawei SysIntegrity, and Apple's App integrity and Device Check.
Keywords