Behavioral attestation for web services (BA4WS)

Proceedings of the ACM Conference on Computer and Communications Security

Volumn , Issue , 2008, Pages 21-27

  Alam, Masoom ^a   Zhang, Xinwen ^b   Nau, Mohammad ^a   Ali, Tamleek ^c  

^a Institute of Management Sciences   (Pakistan)

^b SAMSUNG INFORMATION SYSTEMS AMERICA   (United States)

^c INTERNATIONAL ISLAMIC UNIVERSITY   (Pakistan)

Author keywords

[No Author keywords available]

Indexed keywords

BEHAVIOR POLICY; BUSINESS PARTNERS; BUSINESS PROCESS; DYNAMIC COLLABORATIONS; HETEROGENEOUS ENVIRONMENTS; NEW MECHANISMS; NOVEL CONCEPT; REMOTE ATTESTATION; SENSITIVE INFORMATIONS; SERVICE PROVIDER; WEB SERVICE ORCHESTRATION; WEB SERVICES STANDARDS; XACML POLICIES;

INFORMATION SERVICES; SERVICE ORIENTED ARCHITECTURE (SOA);

WEB SERVICES;

EID: 70349248601     PISSN: 15437221     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1456492.1456496     Document Type: Conference Paper

References (28)

1. IAIK: Institute for Applied Information Processing and Communications, Graz University of Technology. http://www. iaik. tugraz. at/.
2. Security-Enhanced Linux (SELinux). http://www.nsa.gov/ selinux/.
3. Sun's XACML Implementation. http://sunxacml.sourceforge.net.
4. Trusted Computing for the Java(tm) Platform. available at,. http://trustedjava.sourceforge.net/.
5. Trusted Computing Group (TCG). https://www.trustedcomputinggroup.org/.
6. TCG Specification Architecture Overview v1.2, page 11-12. Technical report, Trusted Computing Group, April 2004.
7. SAML 2.0 profile of XACML v2.0. Technical report, OASIS, February 2005.
8. M. Alam, X. Zhang, M. Nauman, T. Ali, and J.P. Seifert. Model-based Behavioral Attestation. In SACMAT '08: Proceedings of the thirteenth ACM symposium on Access control models and technologies., New York, NY, USA, 2008. ACM Press.
9. Masoom Alam, Qi Li, Xinwen Zhang, and Jean-Pierre Seifert. Usage control platformization via trustworthy selinux. In ASIACCS'08: Proceedings of the 2008 ACM Symposium on Information, Computer and Communications Security, 2008.
10. Masoom Alam, Jean-Pierre Seifert, and Xinwen Zhang. A model-driven framework for trusted computing based systems. In EDOC '07: Proceedings of the 11th IEEE International Enterprise Distributed Object Computing Conference, page 75, Washington, DC, USA, 2007. IEEE Computer Society.
11. S. Anderson, J. Bohren, T. Boubez, et al. Web Services Trust Language (WS-Trust). Public draft release, Actional Corporation, BEA Systems, Computer Associates International, International Business Machines Corporation, Layer, 7.
12. B. Atkinson, G. Della-Libera, S. Hada, M. Hondo, P. Hallam-Baker, J. Klein, B. LaMacchia, P. Leach, J. Manferdelli, H. Maruyama, et al. Web Services Security (WS-Security). Version, 1.
13. Advanced Micro Devices. AMD Secure Virtual Machine Architecture Reference Manual. AMD, 2005.
14. David Grawrock. The Intel Safer Computing Initiative Building Blocks for Trusted Computing. Intel Press, http://www.intel.com/intelpress/sum secc.htm, 2005.
15. Trent Jaeger, Reiner Sailer, and Umesh Shankar. PRIMA: Policy-Reduced Integrity Measurement Architecture. In SACMAT '06: Proceedings of the eleventh ACM symposium on Access control models and technologies, pages 19{28, New York, NY, USA, 2006. ACM Press.
16. Markus Lorch, Seth Proctor, Rebekah Lepro, Dennis Kafura, and Sumit Shah. First experiences using xacml for access control in distributed systems. In XMLSEC '03: Proceedings of the 2003 ACM workshop on XML security, pages 25{37, New York, NY, USA, 2003. ACM.
17. F. Mayer, K. MacMillan, and D. Caplan. SELinux by Example: Using Security Enhanced Linux. Prentice Hall, 2006.
18. Aarthi Nagarajan, Vijay Varadharajan, and Michael Hitchens. Trust Management for Trusted Computing Platforms in Web Services. In STC 07: The Second ACM Workshop on Scalable Trusted Computing, under ACM CCS 07, Virginia, USA, 2007. ACM.
19. Jaehong Park and Ravi Sandhu. Towards Usage Control Models: Beyond Traditional Access Control. In SACMAT '02: Proceedings of the seventh ACM symposium on Access control models and technologies, pages 57{64, New York, NY, USA, 2002. ACM Press.
20. Siani Pearson. Trusted Computing Platforms: TCPA Technology in Context. Prentice Hall PTR, Upper Saddle River, NJ, USA, 2002.
21. Ahmad-Reza Sadeghi and Christian Stüuble. Property-based Attestation for Computing Platforms: Caring about Properties, not Mechanisms. In NSPW '04: Proceedings of the 2004 Workshop on New Security Paradigms, pages 67{77, New York, NY, USA, 2004. ACM Press.
22. David Saord, Je Kravitz, and Leendert van Doorn. Take Control of TCPA. Linux J., 2003(112):2, 2003.
23. Reiner Sailer, Xiaolan Zhang, Trent Jaeger, and Leendert van Doorn. Design and Implementation of a TCG-based Integrity Measurement Architecture. In SSYM'04: Proceedings of the 13th conference on USENIX Security Symposium, pages 16{16, Berkeley, CA, USA, 2004. USENIX Association.
24. Elaine Shi, Adrian Perrig, and Leendert Van Doorn. BIND: A Fine-Grained Attestation Service for Secure Distributed Systems. In SP '05: Proceedings of the 2005 IEEE Symposium on Security and Privacy, pages 154{168, Washington, DC, USA, 2005. IEEE Computer Society.
25. Z. Song, S. Lee, and R. Masuoka. Trusted web service. The Second Workshop on Advances in Trusted Computing (WATC S06 Fall), 2006.
26. Web Services Policy 1.2. http://www.w3.org/Submission/WS-Policy/.
27. XACML 2.0 Specification Set. Available at: http://www.oasis-open.org/ committees/tc-home.php? wg-abbrev=xacml.
28. S. Yoshihama, T. Ebringer, M. Nakamura, S. Munetoh, T. Mishina, and H. Maruyama. WS-Attestation: Enabling Trusted Computing on Web Services. Test and Analysis of Web Services, pages 441{469, 2007.