Additional Reading
This section contains a list of additional blog posts, research and talks about or related to Keylime.
Blogs entries
Daniele Buono, Marcio A. Silva, Maurizio Drocco, Gheorghe Almasi, and James Bottomley. Extending server integrity with Durable Attestation. URL: https://research.ibm.com/blog/durable-attestation-cloud-security (visited on 2023-12-02).
Kylie Foy. Keylime security software is deployed to IBM cloud. URL: https://news.mit.edu/2021/keylime-security-software-deployed-ibm-cloud-0727 (visited on 2023-12-02).
Vikram Narayanan, Claudio Carvalho, Angelo Ruocco, Gheorghe Almási, James Bottomley, Mengmei Ye, Tobin Feldman-Fitzthum, Daniele Buono, Hubertus Franke, and Anton Burtsev. Remote attestation of SEV-SNP confidential VMs using e-vTPMs. URL: http://arxiv.org/abs/2303.16463 (visited on 2023-12-02), arXiv:2303.16463, doi:10.48550/arXiv.2303.16463.
Michael Peters and Gheorghe Almasi. IBM implements remote attestation on Linux with a hardware root-of-trust using Keylime. URL: https://www.cncf.io/blog/2021/07/06/ibm-implements-remote-attestation-on-linux-with-a-hardware-root-of-trust-using-keylime/ (visited on 2023-12-02).
Michael Peters, Marcio A. Silva, George Almási, James Bottomley, and Lily Sturmann. Keylime’s durable attestation makes security auditable. URL: https://next.redhat.com/2023/04/25/keylimes-durable-attestation-makes-security-auditable/ (visited on 2023-12-02).
Alberto Planas. MicroOS Remote Attestation with TPM and Keylime. URL: https://microos.opensuse.org/blog/2021-11-08-MicroOS-Keylime-TPM/ (visited on 2023-12-02).
Patrick Uiterwijk. TPM2 Key Trust: where did Keylime go wrong. URL: https://puiterwijk.org/posts/tpm2-attestation-keylime-vulnerability/ (visited on 2023-12-02).
Kimberly Underwood. Keylime Provides Root-of-Trust at Scale. URL: https://www.afcea.org/signal-media/keylime-provides-root-trust-scale (visited on 2023-12-02).
Academic Research
Original papers
Amin Mosayyebzadeh, Gerardo Ravago, Apoorve Mohan, Ali Raza, Sahil Tikale, Nabil Schear, Trammell Hudson, Jason Hennessey, Naved Ansari, Kyle Hogan, Charles Munson, Larry Rudolph, Gene Cooperman, Peter Desnoyers, and Orran Krieger. A Secure Cloud with Minimal Provider Trust. 10th USENIX Workshop on Hot Topics in Cloud Computing (HotCloud 18), July 2018.
Nabil Schear, Patrick T. Cable, Thomas M. Moyer, Bryan Richard, and Robert Rudd. Bootstrapping and maintaining trust in the cloud. In Proceedings of the 32nd Annual Conference on Computer Security Applications, 65–77. ACM, December 2016. URL: https://dl.acm.org/doi/10.1145/2991079.2991104 (visited on 2023-12-02), doi:10.1145/2991079.2991104.
Research using Keylime
Diana Gratiela Berbecaru and Silvia Sisinni. Counteracting software integrity attacks on IoT devices with remote attestation: a prototype. In 2022 26th International Conference on System Theory, Control and Computing (ICSTCC), 380–385. October 2022. URL: https://ieeexplore.ieee.org/document/9931765 (visited on 2023-12-02), doi:10.1109/ICSTCC55426.2022.9931765.
Antonio Lioy, Dr Ignazio Pedone, and Dr Silvia Sisinni. TPM 2.0-based Attestation of a Kubernetes Cluster. Politecnico di Torino, 2023.
Vikram Narayanan, Claudio Carvalho, Angelo Ruocco, Gheorghe Almási, James Bottomley, Mengmei Ye, Tobin Feldman-Fitzthum, Daniele Buono, Hubertus Franke, and Anton Burtsev. Remote attestation of SEV-SNP confidential VMs using e-vTPMs. URL: http://arxiv.org/abs/2303.16463 (visited on 2023-12-02), arXiv:2303.16463, doi:10.48550/arXiv.2303.16463.
Silvia Sisinni, Davide Margaria, Ignazio Pedone, Antonio Lioy, and Andrea Vesco. Integrity Verification of Distributed Nodes in Critical Infrastructures. Sensors 2022, 22(18):6950, September 2022. URL: https://www.mdpi.com/1424-8220/22/18/6950 (visited on 2023-12-02), doi:10.3390/s22186950.
Talks and Live Demos
Luke Hinds. Keylime - An Open Source TPM Project for Remote Trust of IoT. URL: https://www.youtube.com/watch?v=jtbWnod5hoY (visited on 2023-12-02).
Luke Hinds. Keylime - An Open Source TPM Project for Remote Trust. URL: https://www.youtube.com/watch?v=YtPsruEqGeY (visited on 2023-12-02).
Luke Hinds. Keylime Demo: Remote Trust for IoT, edge, and cloud. URL: https://www.youtube.com/watch?v=Qhr_aVBCZPw (visited on 2023-12-02).
Luke Hinds. Keylime: Bootstrapping and Maintaining Trust. URL: https://www.youtube.com/watch?v=xPmv-G5V4I8 (visited on 2023-12-02).
Alberto Planas. MicroOS Remote Attestation with TPM and Keylime. URL: https://www.youtube.com/watch?v=6F2mxG4YRKg (visited on 2023-12-02).
Alberto Planas. Remote Attestation in MicroOS. 00:00:00 +0200. URL: https://media.ccc.de/v/3710-remote-attestation-in-microos (visited on 2023-12-02).
Anderson Sasaki and Thore Sommer. Remote Attestation with Keylime. URL: https://archive.fosdem.org/2023/schedule/event/security_keylime/ (visited on 2023-12-02).
Thore Sommer. Remote Attestation of the UEFI Event log. URL: https://vimeo.com/770419457 (visited on 2023-12-02).
Thore Sommer. Writing Digital Exams secured by Remote Attestation and Cloud Computing. URL: https://www.youtube.com/watch?v=EXaPg2Yji4s (visited on 2023-12-02).
Lily Sturmann and Michael Peters. Keylime: Bootstrap and Maintain Trust on the Edge, Cloud, and IoT. URL: https://www.youtube.com/watch?v=e_g32LxvOCk (visited on 2023-12-02).
Andrew Toth. Keylime, Securing your Slice of the Cloud. URL: https://www.youtube.com/watch?v=O2x9gwq3BQQ (visited on 2023-12-02).