Deep Attestation in single and multi-tenant environments
In this talk, we present two new approaches to provide deep attestation which enables the VMs and hypervisor boot integrity and layer linking while being efficient and scalable. The first solution considers only one single verifier and the second contribution considers multiple verifiers where privacy challenges have been undertaken. Both solutions have been formally proved secure. We also implemented our proposals using TPM 2.0 and vTPM (KVM/QEMU), and show that they are practical and efficient.
