Towards a Backdoorless Network Architecture Based on Remote Attestation and Backdoor Inspection

Abstract: To keep a system secure, all devices in the system need to be benign. To avoid malicious and/or compromised devices, network access control such as authentication using a credential and remote attestation based on trusted hardware has been used. These techniques ensure the authenticity and integrity of the devices, but do not mitigate risks of a backdoor embedded in the devices by the developer. To tackle this problem, we propose a novel architecture that integrates remote attestation and backdoor inspection. Specifically, the backdoor inspection result is stored in a server and the verifier retrieves and checks the backdoor inspection result when the remote attestation is performed. Moreover, we discuss issues to deploy the proposed architecture to the real world.