Using IMA for Integrity Measurement and Attestation
Linux 2.6.30 includes the Integrity Measurement Architecture (IMA), which measures (hashes) files before they are accessed and can use a TPM to provide hardware-signed attestation for centralized management of client integrity.
This talk will cover configuration and use of 2.6.30’s new Integrity Measurement Architecture (IMA). It will discuss IMA measurement policies, use and configuration of a hardware TPM for report signature and validation, and how to generate and use Trusted Computing Group standard formats and protocols for network admission and health-check. The talk will include demonstration of open source applications and libraries for these capabilities.
Research Staff Member, IBM T.J. Watson Research Center, Yorktown Heights, NY.
Leads research in security topics, including security analysis tools, security engineering, Linux security, wireless security, ethical hacking, security hardware tokens and coprocessors, and cryptography.