Dynamic policy discovery with remote attestation

被引:0
|
作者
Pitcher, C [1 ]
Riely, J [1 ]
机构
[1] Depaul Univ, CTI, Chicago, IL 60604 USA
来源
FOUNDATIONS OF SOFTWARE SCIENCE AND COMPUTATION STRUCTURES, PROCEEDINGS | 2006年 / 3921卷
关键词
remote attestation; code-identity based access control; policy establishment; key establishment; pi-calculus; Next Generation Secure Computing Base;
D O I
暂无
中图分类号
TP31 [计算机软件];
学科分类号
081202 ; 0835 ;
摘要
Remote attestation allows programs running on trusted hardware to prove their identity (and that of their environment) to programs on other hosts. Remote attestation can be used to address security concerns if programs agree on the meaning of data in attestations. This paper studies the enforcement of codeidentity based access control policies in a hostile distributed environment, using a combination of remote attestation, dynamic types, and typechecking. This ensures that programs agree on the meaning of data and cannot violate the access control policy, even in the presence of opponent processes. The formal setting is a pi-calculus with secure channels, process identity, and remote attestation. Our approach allows executables to be typechecked and deployed independently, without the need for secure initial key and policy distribution beyond the trusted hardware itself.
引用
收藏
页码:111 / 125
页数:15
相关论文
共 50 条
  • [1] User-policy-based dynamic remote attestation in cloud computing
    Ba, Haihe
    Ren, Jiangchun
    Wang, Zhiying
    Zhou, Huaizhe
    Li, Yiming
    Hong, Tie
    [J]. INTERNATIONAL JOURNAL OF EMBEDDED SYSTEMS, 2016, 8 (01) : 39 - 45
  • [2] Dynamic Remote Attestation Based on Concerns
    Kong Xiangying
    Chen Yanhui
    [J]. 2015 8TH INTERNATIONAL SYMPOSIUM ON COMPUTATIONAL INTELLIGENCE AND DESIGN (ISCID), VOL 1, 2015, : 76 - 80
  • [3] An Efficient and Flexible Dynamic Remote Attestation Method
    Li, Hong-jiao
    Wang, Shan
    [J]. 2014 NINTH INTERNATIONAL CONFERENCE ON BROADBAND AND WIRELESS COMPUTING, COMMUNICATION AND APPLICATIONS (BWCCA), 2014, : 239 - 246
  • [4] DYNAMIC REMOTE ATTESTATION THROUGH BEHAVIOR MEASUREMENT AND VERIFICATION
    Alam, Masoom
    Zhang, Xinwen
    Nauman, Mohammad
    Ali, Tamleek
    Khan, Sanaullah
    Khan, Shahbaz
    Alam, Quratulain
    Anwar, Sajid
    Jaffar, Arfan
    Hayat, Amir
    Ali, Muhammad
    Adnan, Awais
    [J]. INTERNATIONAL JOURNAL OF INNOVATIVE COMPUTING INFORMATION AND CONTROL, 2012, 8 (3A): : 1821 - 1836
  • [5] Bloom Filter based Collective Remote Attestation for Dynamic Networks
    Frontera, Salvatore
    Lazzeretti, Riccardo
    [J]. ARES 2021: 16TH INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY AND SECURITY, 2021,
  • [6] Credibility Attestation of Property Remote Attestation Method
    Cui Yan-Li
    Zhang Xing
    [J]. 2009 SECOND INTERNATIONAL CONFERENCE ON FUTURE INFORMATION TECHNOLOGY AND MANAGEMENT ENGINEERING, FITME 2009, 2009, : 254 - +
  • [7] Remote Attestation with Domain-Based Integrity Model and Policy Analysis
    Xu, Wenjuan
    Zhang, Xinwen
    Hu, Hongxin
    Ahn, Gail-Joon
    Seifert, Jean-Pierre
    [J]. IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2012, 9 (03) : 429 - 442
  • [8] Principles of remote attestation
    George Coker
    Joshua Guttman
    Peter Loscocco
    Amy Herzog
    Jonathan Millen
    Brian O’Hanlon
    John Ramsdell
    Ariel Segall
    Justin Sheehy
    Brian Sniffen
    [J]. International Journal of Information Security, 2011, 10 : 63 - 81
  • [9] Principles of remote attestation
    Coker, George
    Guttman, Joshua
    Loscocco, Peter
    Herzog, Amy
    Millen, Jonathan
    O'Hanlon, Brian
    Ramsdell, John
    Segall, Ariel
    Sheehy, Justin
    Sniffen, Brian
    [J]. INTERNATIONAL JOURNAL OF INFORMATION SECURITY, 2011, 10 (02) : 63 - 81
  • [10] DR@FT: Efficient Remote Attestation Framework for Dynamic Systems
    Xu, Wenjuan
    Ahn, Gail-Joon
    Hu, Hongxin
    Zhang, Xinwen
    Seifert, Jean-Pierre
    [J]. COMPUTER SECURITY-ESORICS 2010, 2010, 6345 : 182 - +
12345