Ws-Attestation: Enabling trusted computing on Web services

Test and Analysis of Web Services

Volumn , Issue , 2007, Pages 441-469

  Yoshihama, Sachiko ^a   Ebringer, Tim ^b   Nakamura, Megumi ^a   Munetoh, Seiji ^a   Mishina, Takuya ^a   Maruyama, Hiroshi ^a  

^a IBM RESEARCH TOKYO   (Japan)

^b CA Labs   (Australia)

Author keywords

[No Author keywords available]

Indexed keywords

EID: 68149105674     PISSN: None     EISSN: None     Source Type: Book    
DOI: 10.1007/978-3-540-72912-9_15     Document Type: Chapter

References (30)

1. W.A. Arbaugh, J. Farber, and J.M. Smith. A secure and reliable bootstrap architecture. In IEEE Computer Society Conference on Security and Privacy, pp. 65-71, 1997
2. BM, BEA Systems, Microsoft, SAP AG, Sonic Software, and VeriSign. Web services policy framework (ws-policy), Sep 2004
3. Cert/cc statistics 1988-2005. Accessed 2005. http://www.cert.org/stats/ cert-stats.html
4. IBM et al. Web services secure conversation language (ws- secureconversation), Feb 2005
5. IBM et al. Web services trust language (ws-Trust), Feb 2005
6. T. Garfinkel, B. Pfaff, J. Chow, M. Rosenblum, and D. Boneh. Terra: A virtual machine-based platform for trusted computing. In 19th ACM Symposium on Operating Systems Principles, 2003
7. John L. Griffin, Trent Jaeger, Ronald Perez, Reiner Sailer, Leendert van Doorn, and Ramon Caceres. Trusted virtual domains: Toward secure distributed services. In Workshop on Hot Topics in System Dependability, 2005
8. V. Haldar, D. Chandra, and M. Franz. Semantic remote attestation-A virtual machine directed approach to trusted computing. In 3rd Virtual Machine Research and Technology Symposium, May 2004
9. IBM. Web services federation language (ws-federation), Jul 2003
10. IBM, Microsoft, RSA Security, and VeriSign. Web services security policy language (ws-securitypolicy
11. IBM, BEA Systems, Microsoft, SAP AG, Computer Associates, Sun Microsystems, and webMethods. Web services metadata exchange (wsmetadataexchange), Sep 2004. http://www-128.ibm.com/developerworks/ library/specification/ws-mex/.
12. IBM, BEA Systems, Microsoft, Arjuna, and Hitachi. Web services transactions specifications, Nov 2004
13. Microsoft IBM. Security in a web services world: A proposed architecture and roadmap, Apr 2002. http://www-128.ibm.com/developerworks/library/ specification/ws-secmap/.
14. Ibm service management framework. http://www-306.ibm.com/software/ wireless/smf/.
15. Java cryptography extension (jce). http://java.sun.com/products/jce/.
16. Linux intrusion detection system (lids). http://www.lids.org/.
17. Open vulnerability and assessment language. http://oval.mitre.org/.
18. OSGi alliance. http://www.osgi.org/.
19. W3C Recommendation. Soap version 1.2, Jun 2004. http://www.w3.org/TR/ soap/.
20. W3C Candidate Recommendation. Web services description language (wsdl) version 2.0 part 0: Primer, Mar 2006. http://www.w3.org/TR/2006/ CR-wsdl20-primer-20060327/.
21. Redhat enterprise linux. http://www.redhat.com/.
22. A. Sadeghi and C. Stüble. Property-based attestation for computing platforms: Caring about properties, not mechanisms. In 2004 Workshop on New Security Paradigms (NSPW 2004), pages 67-77, 2004
23. R. Sailer, T. Jaeger, X. Zhang, and L. Van Doorn. Attestation-based policy enforcement for remote access. In 11th ACM Conference on Computer and Communications Security, pages 308-317, Oct 2004
24. R. Sailer, X. Zhang, T. Jaeger, and L. van Doorn. Design and implementation of a tcg-based integrity measurement architecture. In 13th USENIX Security Symposium, pages 223-238, Aug 2004
25. Tcg software stack specification version 1.2. http://www. trustedcomputing. org/specs/TSS
26. Tcg specification architecture overview, revision 1.2. Trusted Computing Group, Apr 2004. Available at https://www.trustedcomputinggroup.org/groups/ TCG-1-0-Architecture-Overview.pdf
27. Trusted computing platform alliance main specification, version 1.1b. Trusted Computing Group, Feb 2002. https://www.trustedcomputinggroup.org/ specs/TPM
28. Uddi spec technical committee draft, version 3.02, Oct 2004. http://www. oasis-open.org/.
29. Yuji Watanabe, Sachiko Yoshihama, Takuya Mishina, Michiharu Kudo, and Hiroshi Maruyama. Bridging the gap between inter-communication boundary and inside trusted components. In 11th European Symposium on Research in Computer Security(ESORICS 2006), LNCS. Springer, 2006
30. Web service security: Soap messaging security 1.0 (ws-security 2004). OASIS Standard 200401, Mar 2004