The trustworthiness given to remote platform by service provider is the base to network access authorization, but it's hard for service provider to get the real state of remote platforms without hardware support such as built-in TPM, and therefore to trust them. This paper presents a remote attestation mechanism in which a trusted agent is assured to measure and report to the service provider the state related information of its resided platform. To achieve this remote attestation process in an open environment without hardware support, increasing the software complexity is an effective choice. Software obfuscation can make the program more complicated for the software reverse engineering hard to work, and if the agent can also work independently to the services supplied by the resided platform, it can thus be trusted by its distributor during a significant period.
展开▼
