Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

A TEE-Based Architecture for Confidential and Dependable Process Attestation in Authorship Verification

David Condrey

TL;DR

This work presents the first architecture for continuous process attestation evidence collection inside TEEs, providing hardware-backed tamper resistance against trust-inverted adversaries with graduated input assurance from software-channel integrity through hardware-bound input (Tier 3).

Abstract

Process attestation systems verify that a continuous physical process, such as human authorship, actually occurred, rather than merely checking system state. These systems face a fundamental dependability challenge: the evidence collection infrastructure must remain available and tamper-resistant even when the attesting party controls the platform. Trusted Execution Environments (TEEs) provide hardware-enforced isolation that can address this challenge, but their integration with continuous process attestation introduces novel resilience requirements not addressed by existing frameworks. We present the first architecture for continuous process attestation evidence collection inside TEEs, providing hardware-backed tamper resistance against trust-inverted adversaries with graduated input assurance from software-channel integrity (Tier 1) through hardware-bound input (Tier 3). We develop a Markov-chain dependability model quantifying Evidence Chain Availability (ECA), Mean Time Between Evidence Gaps (MTBEG), and Recovery Time Objectives (RTO). We introduce a resilient evidence chain protocol maintaining chain integrity across TEE crashes, network partitions, and enclave migration. Our security analysis derives formal bounds under combined threat models including trust inversion and TEE side channels, parameterized by a conjectural side-channel leakage bound esc that requires empirical validation. Evaluation on Intel SGX demonstrates under 25% per-checkpoint CPU overhead (<0.3% of the 30 s checkpoint interval), >99.5% Evidence Chain Availability (ECA) (the fraction of session time with active evidence collection) in Monte Carlo simulation under Poisson failure models, and sealed-state recovery under 200 ms.

A TEE-Based Architecture for Confidential and Dependable Process Attestation in Authorship Verification

TL;DR

This work presents the first architecture for continuous process attestation evidence collection inside TEEs, providing hardware-backed tamper resistance against trust-inverted adversaries with graduated input assurance from software-channel integrity through hardware-bound input (Tier 3).

Abstract

Process attestation systems verify that a continuous physical process, such as human authorship, actually occurred, rather than merely checking system state. These systems face a fundamental dependability challenge: the evidence collection infrastructure must remain available and tamper-resistant even when the attesting party controls the platform. Trusted Execution Environments (TEEs) provide hardware-enforced isolation that can address this challenge, but their integration with continuous process attestation introduces novel resilience requirements not addressed by existing frameworks. We present the first architecture for continuous process attestation evidence collection inside TEEs, providing hardware-backed tamper resistance against trust-inverted adversaries with graduated input assurance from software-channel integrity (Tier 1) through hardware-bound input (Tier 3). We develop a Markov-chain dependability model quantifying Evidence Chain Availability (ECA), Mean Time Between Evidence Gaps (MTBEG), and Recovery Time Objectives (RTO). We introduce a resilient evidence chain protocol maintaining chain integrity across TEE crashes, network partitions, and enclave migration. Our security analysis derives formal bounds under combined threat models including trust inversion and TEE side channels, parameterized by a conjectural side-channel leakage bound esc that requires empirical validation. Evaluation on Intel SGX demonstrates under 25% per-checkpoint CPU overhead (<0.3% of the 30 s checkpoint interval), >99.5% Evidence Chain Availability (ECA) (the fraction of session time with active evidence collection) in Monte Carlo simulation under Poisson failure models, and sealed-state recovery under 200 ms.
Paper Structure (47 sections, 4 theorems, 2 equations, 3 figures, 1 table)

This paper contains 47 sections, 4 theorems, 2 equations, 3 figures, 1 table.

Table of Contents

  1. Introduction
  2. Gap.
  3. Contributions.
  4. Background and Related Work
  5. Process attestation.
  6. TEE platforms.
  7. TEE security systems.
  8. Dependability and attestation formalization.
  9. System Model and Threat Model
  10. System Model
  11. Trust Inversion Threat Model for TEE
  12. Infrastructure Threat Model
  13. TEE-Based Process Attestation Architecture
  14. Architecture Overview
  15. Enclave Design
  16. ...and 32 more sections

Key Result

theorem 1

If TEE sealing provides authenticated encryption with $\mathrm{negl}(\lambda)$ forgery probability and $H$ is collision-resistant, then the post-recovery chain $C_1, \ldots, C_j, C_{j+1}^R, \ldots$ satisfies chain integrity except with probability $\mathrm{negl}(\lambda)$.

Figures (3)

  • Figure 1: TEE-based process attestation architecture. The evidence collection pipeline (SWF engine, CDCE generator) runs inside the TEE enclave. The author and writing application are adversary-controlled. Sealed storage enables crash recovery. Evidence flows to the Verifier via RA-TLS.
  • Figure 2: CTMC for evidence collection availability. Evidence is produced only in $S_A$; $S_D$ buffers locally during partitions.
  • Figure 3: Evidence Chain Availability vs. crash rate for sealed recovery and cold-restart-only configurations. Simulation over 10,000 hours with network partition rate $\lambda_p = 10^{-2}$/h. Sealed recovery maintains ECA >99.5% for crash rates up to $10^{-2}$/h.

Theorems & Definitions (11)

  • definition 1: TEE Trust-Inverted Adversary
  • theorem 1: Crash Recovery Integrity
  • proof
  • proposition 1: Offline Evidence Freshness
  • definition 2: Evidence Chain Availability
  • theorem 2: ECA Closed-Form
  • proof
  • definition 3: Attestation Fidelity
  • definition 4: Trust Inversion Experiment
  • theorem 3: TEE Resistance to Trust Inversion
  • ...and 1 more