Towards authentication of transparent systems

Main Track,

We will present our ongoing work on the System Transparency Authentication Mechanism (STAM), ST's evolving design philosophy and the benefits of transparent systems to service providers.

STAM is an authentication mechanism for transparent systems - mainly System Transparency - which we are still actively designing. We would greatly appreciate your feedback.

System Transparency (ST) is a security architecture for service providers who want to operate transparent systems. We define a running computer system as transparent if its advertised state space is apparent to a relying party. ST is used in production at Mullvad VPN, but it still has a long way to go until all of its design goals are realized.

STAM is designed to assure a local system of a remote system’s platform provenance, identity, state, authenticity, source code traceability, and freshness, as well as certificate transparency. It builds on entity authentication mechanisms, secure communication, reproducible builds, remote attestation, transparency logging and witness cosigning. The aforementioned technologies also constitute the backbone of System Transparency.

Our 20-minute talk will be followed by a 20-minute Q&A discussion and feedback session.

Resources: