\chapter{Conclusion and Outlook}
\label{cha:conclusion}

\section{Future Work}
\begin{itemize}
	\item Remove build tools from the target device and deliver only binaries.
	\item Remove complex runtime environments such as Java, Python, etc. to avoid bloating the integrity logs.
	\item Mount the file system read-only and use, e.g., a ramdisk for working files.
	\item Integrate USB sensors into the trusted/integrity environment, including device firmware.
\end{itemize}
\subsection{Closing the chain of trust between TPM manufacturer and DAA issuer}
Activate a credential to certify that the membership key is in the endorsement hierarchy, which can be verified with the TPM certificate.
\begin{itemize}
	\item Theoretical concept: \emph{A Practical Guide to TPM 2.0}, pp.~109 ff.
	\item Practical approach using EK, AK and AIK to show the validity of the EK:\\ \url{https://ericchiang.github.io/post/tpm-keys/?utm_campaign=Go%20Full-Stack&utm_medium=email&utm_source=Revue%20newsletter#credential-activation}
\end{itemize}
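
The name binding that credential activation relies on, as an added Python sketch (not code from this thesis or from the cited sources). It follows the TPM 2.0 KDFa and HMAC construction, but assumes the seed has already been transported to the TPM under the EK and substitutes an XOR pad for AES-CFB; \texttt{SimulatedTpm}, \texttt{make\_credential} and all sample values are hypothetical.

```python
import hashlib, hmac, os

def kdfa(key, label, context, bits):
    """KDFa from the TPM 2.0 spec: SP 800-108 counter mode over HMAC-SHA256."""
    out, i = b"", 1
    while len(out) * 8 < bits:
        msg = i.to_bytes(4, "big") + label + b"\x00" + context + bits.to_bytes(4, "big")
        out += hmac.new(key, msg, hashlib.sha256).digest()
        i += 1
    return out[: bits // 8]

def xor(data, pad):
    return bytes(a ^ b for a, b in zip(data, pad))

def key_name(public_area):
    """TPM object name: nameAlg id (0x000B = SHA-256) followed by H(public area)."""
    return b"\x00\x0b" + hashlib.sha256(public_area).digest()

def make_credential(seed, name, secret):
    """Issuer side: encrypt `secret` and bind it to the membership key's name."""
    enc = xor(secret, kdfa(seed, b"STORAGE", name, len(secret) * 8))  # stand-in for AES-CFB
    mac_key = kdfa(seed, b"INTEGRITY", b"", 256)
    return enc, hmac.new(mac_key, enc + name, hashlib.sha256).digest()

class SimulatedTpm:
    """Tracks names of keys loaded in this TPM; `seed` stands for the EK-decrypted value."""
    def __init__(self):
        self.loaded = set()
    def load(self, public_area):
        name = key_name(public_area)
        self.loaded.add(name)
        return name
    def activate_credential(self, seed, name, enc, mac):
        if name not in self.loaded:                  # key does not live in this TPM
            return None
        mac_key = kdfa(seed, b"INTEGRITY", b"", 256)
        expected = hmac.new(mac_key, enc + name, hashlib.sha256).digest()
        if not hmac.compare_digest(mac, expected):   # blob was made for another key
            return None
        return xor(enc, kdfa(seed, b"STORAGE", name, len(enc) * 8))

def demo():
    tpm = SimulatedTpm()
    name = tpm.load(b"constructed membership key public area")
    seed, secret = os.urandom(32), os.urandom(16)    # constructed sample values
    enc, mac = make_credential(seed, name, secret)
    foreign = key_name(b"constructed key from another device")
    return (tpm.activate_credential(seed, name, enc, mac) == secret,
            tpm.activate_credential(seed, foreign, enc, mac))
```

The issuer learns that the membership key lives in the TPM behind the certified EK only when the device returns the recovered secret; a credential made for one key name cannot be activated against another.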

Further integration into the Digidow environment, if DAA is useful for that.

\section{Outlook}
Hardening the system beyond IMA is useful.
Minimization is also useful, because the logs get shorter.