SecureBus: Towards application-transparent trusted computing with mandatory access control

Proceedings of the 2nd ACM Symposium on Information, Computer and Communications Security, ASIACCS '07

Volumn , Issue , 2007, Pages 117-126

  Zhang, Xinwen ^a,c   Covington, Michael J ^b   Chen, Songqing ^a   Sandhu, Ravi ^a  

^a GEORGE MASON UNIVERSITY   (United States)

^b INTEL CORPORATION   (United States)

^c SAMSUNG INFORMATION SYSTEMS AMERICA   (United States)

Author keywords

Mandatory access control; Secure platform; SecureBus; Trusted computing

Indexed keywords

COMPUTER OPERATING SYSTEMS; INFORMATION RETRIEVAL; LEGACY SYSTEMS; PARALLEL PROCESSING SYSTEMS; USER INTERFACES;

COMPUTING CYCLES; DATA RESOURCES; SECURE PLATFORMS; TRUSTED COMPUTING (TC);

ACCESS CONTROL;

EID: 34748906009     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1229285.1229304     Document Type: Conference Paper

References (29)

1. LaGrande Technology Preliminary Architecture Specification, http://www.intel.com/technology/security/downloads/PRELIM-LT-SPEC_D52212. htm.
2. SETI@Home, http://setiathome.ssl.berkeley.edu/.
3. TCG Specification Architecture Overview. https://www. trustedcomputinggroup.org.
4. Universial TUN/TAP driver, http://vtun.sourceforge.net/tun/.
5. TrustedBSD: Adding trusted operating system features to FreeBSD. In Proceedings of the FREENIX Track: USENIX Annual Technical Conference, pages 15-28, Boston, MA, USA, June 28 2001.
6. AMD platform, for trustworthy computing. Microsoft WinHEC, http://www.microsoft.com/whdc/winhec/pres03.mspx, 2003.
7. Technical introduction to next-generation secure computing base (NGSCB). Microsoft WinHEC, 2003.
8. A. Baliga, L. Iftode, and X. Chen. Paladin: Automated detection and containment of rootkit attacks. Technical Report DCS-TR-593, Rutgers University, Department of Computer Science, 2006.
9. E. Bertino, B. Catania, E. Ferrari, and P. Perlasca. A logical framework for reasoning about access control models. ACM Transaction on Information System Security, 6(1):71-127, 2003.
10. D. Brewer and M. Nash. The Chinese wall security policy. In Proceedings of the IEEE Symposium On Research in Security and Privacy, pages 206-214, Oakland, California, 1988.
11. N. Damianou, N. Dulay, E. Lupu, and M. Sloman. The ponder policy specification language. In Proceedings of the Workshop on Policies for Distributed System s and Networks, 2001.
12. Department of Defense National Computer Security Center. Trusted Database Interpretation of the Trusted Computer Systems Eval uation Criteria, April 1991. NCSC-TG-021.
13. Jeff Dike. A user-mode port of the linux kernel. In Proceedings of the 2000 Linux Showcase and Conference, October 2000.
14. I. Foster and C Kesselman. Globus: A metacomputing infrastructure toolkit. International Journal of Supercmputer Applications, 11(2), 1997.
15. T. Garfinkel, B. Pfaff, J. Chow, M. Rosenblum, and D. Boneh. Terra: A virtual machine-based platform for trusted computing. In Proceedings of the 19th ACM Symposium on Operating Systems Principles, pages 193-206, Bolton Landing, New York, USA, October 1922 2003.
16. V. Haldar, D. Chandra, and M. Franz. Semantic remote attestation - a virtual machine directed approach to trusted computing. In Proceedings of the Third virtual Machine Research and Technology Symposium, pages 29-41, San Jose, CA, USA, May 6-7 2004. USENIX.
17. S. Jajodia, P. Samarati, and V. S. Subrahmanian. A logical language for expressing authorizations. In Proceedings of the IEEE Symposium On Research in Security and Privacy, pages 31-42, Oakland, CA, USA, 1997.
18. J. F. Levine, J. B. Grizzard, and H. L. Owen. Detecting and categorizing kernel-level rootkits to aid future detection. IEEE Security & Privacy, 4(1):24-32, Jan.-Feb. 2006.
19. P. Loscocco and S. Smalley. Integrating flexible support for security policies into the linux operating system. In Proceedings of USENIX Annual Technical Conference, pages 29-42, June 25-30 2001.
20. S. Muir, L. Peterson, M. Fiuczynski, J. Cappos, and J. Hartman. Proper: Privileged operations in a virtualised system environment. In Proceedings of Usenix Annual Technical Conference, 2005.
21. OASIS XACML TC. Core Specification: eXtensible Access Control Markup Language (XACML), 2005.
22. R. Oppliger and R. Rytz. Does trusted computing remedy computer security problems? IEEE Security & Privacy, 3(2):16-19, 2005.
23. M. Radhakrishnan and J. A. Solworth. Application support in the operating system kernel. In Proceedings of ACM Symposium on InformAtion, Computer and Communications Security, 2006.
24. R.Sailer, T. Jaeger, E. Valdez, R. Perez, S. Berger, J. L. Griffin, and L. van Doom. Building a mac-based security architecture for the xen opensource hypervisor. Technical report, IBM Research Report RC23629, 2005.
25. A. Sadeghi and C Stuble. Taming trusted platforms by operating system design. In Proceedings of the 4th International Workshop for Information Security Applications, LNCS 2908, pages 286-302, Berlin, Germany, August 2003.
26. R. Sandhu. Lattice-based access control models. IEEE Computer, 26(11), November. 1993.
27. E. Shi, A. Perrig, and. L. Van Doom. Bind: a fine-grained attestation service for secure distributed systems. In Proceeedings of IEEE Symposium on Security and Privacy, pages 154-168, Oakland, CA, USA, May 8-11 2005.
28. Sean Smith. Trusted Computing Platforms: Design and Applications. Springer, 2005.
29. C. Wright, C. Cowan, S. Smalley, J. Morris, and G. Kroah-Hartman. Linux security modules: General security support for the linux kernel. In Proceedings of the 11th USENIX Security Symposium, 2002.