Remote attestation of attribute updates and information flows in a ucon system

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 5471 LNCS, Issue , 2009, Pages 63-80

  Nauman, Mohammad ^a   Alam, Masoom ^a   Zhang, Xinwen ^b   Ali, Tamleek ^a  

^a Institute of Management Sciences   (Pakistan)

^b SAMSUNG INFORMATION SYSTEMS AMERICA   (United States)

Author keywords

Information flow; Remote attestation; Security; Usage control

Indexed keywords

COARSE-GRAINED; INFORMATION FLOW; INFORMATION FLOWS; LEVEL OF ABSTRACTION; REMOTE ATTESTATION; SECURITY; TRUSTED COMPUTING; USAGE CONTROL;

COMPUTER SCIENCE;

EID: 70350630603     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-642-00587-9_5     Document Type: Conference Paper

References (25)

1. Park, J., Sandhu, R.: Towards Usage Control Models: Beyond Traditional Access Control. In: SACMAT 2002: Proceedings of the seventh ACM Symposium on Access Control Models and Technologies, pp. 57-64. ACM Press, New York (2002)
2. Trusted Computing Group, http://www.trustedcomputinggroup.org/
3. Sailer, R., Zhang, X., Jaeger, T., van Doorn, L.: Design and Implementation of a TCG-based Integrity Measurement Architecture. In: SSYM 2004: Proceedings of the 13th conference on USENIX Security Symposium, Berkeley, CA, USA, USENIX Association (2004)
4. Jaeger, T., Sailer, R., Shankar, U.: PRIMA: Policy-Reduced Integrity Measurement Architecture. In: SACMAT 2006: Proceedings of the eleventh ACM Symposium on Access Control Models and Technologies, pp. 19-28. ACM Press, New York (2006)
5. Sadeghi, A.R., Stüble, C.: Property-based Attestation for Computing Platforms: Caring about Properties, not Mechanisms. In: NSPW 2004: Proceedings of the 2004 Workshop on New Security Paradigms, pp. 67-77. ACM Press, New York (2004)
6. Alam, M., Zhang, X., Nauman, M., Ali, T., Seifert, J.P.: Model-based Behavioral Attestation. In: SACMAT 2008: Proceedings of the thirteenth ACM symposium on Access control models and technologies. ACM Press, New York (2008)
7. Loscocco, P.A., Wilson, P.W., Pendergrass, J.A., McDonell, C.D.: Linux Kernel Integrity Measurement Using Contextual Inspection. In: STC 2007: Proceedings of the 2007 ACM Workshop on Scalable Trusted Computing, pp. 21-29. ACM, New York (2007)
8. Zhang, X., Nakae, M., Covington, M.J., Sandhu, R.S.: Toward a Usage-Based Security Framework for Collaborative Computing Systems. ACM Trans. Inf. Syst. Secur. 11(1) (2008)
9. Srivatsa, M., Balfe, S.: Trust Management For Secure Information Flows. In: CCS 2008: Proceedings of the 15th ACM Conference on Computer and Communications Security, pp. 175-187. ACM, New York (2008)
10. Zhang, X., Parisi-Presicce, F., Sandhu, R., Park, J.: Formal Model and Policy Specification of Usage Control. ACM Trans. Inf. Syst. Secur. 8(4), 351-387 (2005)
11. Zhang, X., Sandhu, R., Parisi-Presicce, F.: Safety Analysis of Usage Control Authorization Models. In: ASIACCS 2006: Proceedings of the 2006 ACM Symposium on Information, computer and communications security, pp. 243-254. ACM, New York (2006)
12. Kanerva, P.: Anonymous Authorization in Networked Systems: An Implementation of Physical Access Control System. Masters Thesis. Helsinki University of Technology (March 2001)
13. Bella, G., Paulson, L.C., Massacci, F.: The Verification of an Industrial Payment Protocol: the SET Purchase Phase. In: CCS 2002: Proceedings of the 9th ACM Conference on Computer and Communications Security, pp. 12-20. ACM, New York (2002)
14. TCG Software Stack (TSS) Specifications, https://www. trustedcomputinggroup.org/specs/TSS/
15. Trusted Computing for the Java(tm) Platform, http://trustedjava. sourceforge.net/
16. Java Community Process. JSR321: Trusted Computing API for Java, http://jcp.org/en/jsr/detail?id=321
17. Alam, M., Zhang, X., Nauman, M., Ali, T.: Behavioral Attestation forWeb Services (BA4WS). In: SWS 2008: Proceedings of the ACM Workshop on Secure Web Services (SWS) located at 15th ACM Conference on Computer and Communications Security (CCS-15). ACM Press, New York (2008)
18. Guttman, J.: Verifying Information Flow Goals in Security-Enhanced Linux. Journal of Computer Security 13(1), 115-134 (2005)
19. Denning, D.E., Denning, P.J.: Certification of programs for secure information flow. Commun. ACM 20(7), 504-513 (1977)
20. Myers, A.C.: JFlow: Practical Mostly-static Information Flow Control. In: POPL 1999: Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, pp. 228-241. ACM, New York (1999)
21. Haldar, V., Chandra, D., Franz, M.: Practical, Dynamic Information-flow for Virtual Machines, www.vivekhaldar.com/pubs/plid2005.pdf
22. Nair, S., Simpson, P., Crispo, B., Tanenbaum, A.: A Virtual Machine Based Information Flow Control System for Policy Enforcement. Electronic Notes in Theoretical Computer Science 197(1), 3-16 (2008)
23. Thober, M., Pendergrass, J.A., McDonell, C.D.: Improving Coherency of Runtime Integrity Measurement. In: STC 2008: Proceedings of the 2008 ACM Workshop on Scalable Trusted Computing. ACM, New York (2008)
24. Gu, L., Ding, X., Deng, R., Xie, B., Mei, H.: Remote Attestation on Program Execution. In: STC 2008: Proceedings of the 2008 ACM Workshop on Scalable Trusted Computing. ACM, New York (2008)
25. Haldar, V., Chandra, D., Franz, M.: Semantic Remote Attestation - A Virtual Machine directed approach to Trusted Computing In. Proc. of the Third Virtual Macine Research and Technology Symposium USENIX (2004)