On the feasibility of remote attestation for web services

Proceedings - 12th IEEE International Conference on Computational Science and Engineering, CSE 2009

Volumn 3, Issue , 2009, Pages 283-288

  Lyle, John ^a   Martin, Andrew ^a  

^a UNIVERSITY OF OXFORD   (United Kingdom)

Author keywords

Attestation; Integrity reporting; Software update; Trusted computing; Web services

Indexed keywords

INTEGRITY REPORTING; REMOTE ATTESTATION; SOFTWARE CONFIGURATION; SOFTWARE UPDATES; TRUSTED COMPUTING;

COMPUTER SCIENCE; NETWORK SECURITY; WEB SERVICES;

COMPUTER SOFTWARE;

EID: 70849102264     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/CSE.2009.213     Document Type: Conference Paper

References (20)

1. Trusted Computing Group, "Trusted computing group home page, " 2009. [Online]. Available: https://www.trustedcomputinggroup.org/home.
2. -, "Infrastructure working group architecture part ii: Integrity management, " 2006. [Online]. Available: http://www.trustedcomputinggroup. org/resources/.
3. A.-R. Sadeghi and C. Stüble, "Property-based attestation for computing platforms: caring about properties, not mechanisms, " in NSPW '04. ACM Press, 2004, pp. 67-77.
4. J. A. Poritz, "Trust[ed | in] computing, signed code and the heat death of the internet, " in SAC '06. ACM Press, 2006, pp. 1855-1859.
5. U. Kühn, M. Selhorst, and C. Stüble, "Realizing propertybased attestation and sealing with commonly available hardand software, " in Scalable Trusted Computing. ACM, 2007, pp. 50-57.
6. D. Schellekens, B. Wyseur, and B. Preneel, "Remote attestation on legacy operating systems with trusted platform modules, " in REM 2007, 2008, pp. 59-72.
7. P. England, "Practical techniques for operating system attestation, " in Trust 2008, ser. LNCS. Springer Berlin/Heidelberg, 2008, pp. 1-13.
8. V. Haldar, D. Chandra, and M. Franz, "Semantic Remote Attestation - virtual machine directed approach to trusted computing, " in Virtual Machine Research and Technology Symposium. USENIX, 2004, pp. 29-41.
9. R. Sailer, T. Jaeger, X. Zhang, and L. van Doorn, "Attestationbased policy enforcement for remote access, " in CCS '04. ACM, 2004, pp. 308-317.
10. M. P. Papazoglou and J.-j. Dubray, "A survey of web service technologies, " Informatica e Telecomunicazioni, University of Trento, Tech. Rep. DIT-04-058, 2004.
11. R. Sailer, X. Zhang, T. Jaeger, and L. van Doorn, "Design and implementation of a TCG-based integrity measurement architecture, " in USENIX Security Symposium, 2004, pp. 223- 238.
12. K. Dietrich, M. Pirker, T. Vejda, R. Toegl, T. Winkler, and P. Lipp, "A practical approach for establishing trust relationships between remote platforms using trusted computing, " in Trustworthy Global Computing, ser. LNCS. Springer, 2007, pp. 156-168.
13. E. Pelegri-Llopart, Y. Yoshida, and A. Moussine- Pouchkine, "Delivering a Java EE application server, " 2007. [Online]. Available: https://glassfish.dev.java.net/faq/v2/GlassFishOverview.pdf.
14. J. M. McCune, B. Parno, A. Perrig, M. K. Reiter, and A. Seshadri, "Minimal TCB code execution, " in IEEE Symposium on Security and Privacy, 2007, pp. 267-272.
15. S. Munetoh, M. Nakamura, S. Yoshihama, and M. Kudo, "Integrity management infrastructure for trusted computing, " IEICE Trans Inf Syst, pp. 1242-1251, 2008.
16. Loscocco et al., "The inevitability of failure: the flawed assumption of security in modern computing environments, " in National Information Systems Security Conference, 1998.
17. A. Niederl and M. Pirker, "Build guide for bootstrapping a reduced trusted Java compartment, " 2009. [Online]. Available: http://trustedjava. sourceforge.net/index.php?item=pca/compartment.
18. J. Wei, L. Singaravelu, and C. Pu, "A secure information flow architecture for web service platforms, " IEEE Trans. Services Comput., vol. 1, pp. 75-87, 2008.
19. M. Franklin, K. Mitcham, S. Smith, J. Stabiner, and O. Wild, "CA-in-a-Box, " in EuroPKI, ser. LNCS. Springer, 2005, pp. 180-190.
20. T. Jaeger, R. Sailer, and U. Shankar, "PRIMA: policy-reduced integrity measurement architecture, " in SACMAT '06, 2006, pp. 19-28.