It is the cache of ${baseHref}. It is a snapshot of the page. The current page could have changed in the meantime.
Tip: To quickly find your search term on this page, press Ctrl+F or ⌘-F (Mac) and use the find bar.

Software Behavior Based Trustworthiness Attestation For Computing Platform | Chen | Journal of Software
Journal of Software, Vol 7, No 1 (2012), 55-60, Jan 2012
doi:10.4304/jsw.7.1.55-60

Software Behavior Based Trustworthiness Attestation For Computing Platform

Peiqiang Chen

Abstract


With a prevalence of pervasive computing, especially cloud computing , the software is at the core and play a vital role. This advance the security problem, so software trust is drawing increasing attention. Therefore, we need a unified trust relationship model between entities, which captures both the needs of the traditional computing world and the world of pervasive computing where the continuum of trust is based on identity, physical context or a combination of both. Here, we presents a software behavior based attestation model which try to determine the trust state of attesting platform from its system trust related behaviors. The new attestation model has advantages of privacy protection and high feasibility. In addition, it can also help to control and limit the impacts of security accidents such as malicious code in system. This paper also proposes a trust framework for service oriented application and displays its formalization model. It is useful for designing trust and reliable system and helpful for software developer’s analysis and validation of the application.


Keywords


Trusted formal definition, Trusted computing, Software behavior, Trusted attestation

References


TCG. TCG Specification Architecture Overview,Version1.4. http://www.trustedcomputinggroup.org/

[2] Ahmad-Reza Sadeghi, Christian Stüble. Property-based Attestation for Computing Platforms: Caring about prop erties, not mechanisms. New Security Paradigms Works hop, September 2004.

[3] J. Poritz, M. Schunter, E.V. Herreweghen, and M. Waidner.Property attestation — scalable and privacy-friendly security assessment of peer computers, IBM Research Report RZ 3548, 2004. http://domino.watson.ibm.com/library/cyberdig.nsf/papers/215E33C2B4F7FA485256E97002A0D6C/$File/rz3548.pdf.

[4] E. Shi, A. Perrig, and L. van Doorn. Bind: A fine-grained attestation service for secure distributed systems. In Proc. of the IEEE Symposium on Security and Privacy, pages 154--168, 2005.

[5] D.H. McKnight, N.L. Chervany, The Meanings of Trust, Technical Report,University of Minnesota, 1996.

[6] TCG. TCG Specification Architecture Overview,Version1.2. https://www.trustedApplicationgroup.org.

[7] Andrews, D. “Formal methods and software development”, Software Engineering: Education and Practice, IEEE Computer Society Press, 1996, pp.106-113.

[8] Aliaksei Yanchuk, Alexander Ivanyukovich, Maurizio Marchese, “A Lightweight Formal Framework for Service- Oriented Applications Design” ICSOC 2005 LNCS 3826, 2005, pp. 545-551.

[9] J. Zhang. “Trustworthy web services: Actions for now”, IT Professional, Vol. 7, No. 1, 2005, pp. 32-36.
http://dx.doi.org/10.1109/MITP.2005.1407802

[10] Sungkeun Park, Ling Liu, Calton Pu, Mudhakar Srivatsa, Jianjun Zhang, “Resilient Trust Management for Web Service Integration”, ICWS 2005, pp.499-506.

[11] Adrian Baldwin, Simon Shiu, Marco Casassa Mont, “Trust Services: A Framework for Service-Based Solutions”, COMPSAC 2002, pp.507-513.

[12] William A. Arbaugh, David J. Farber & Jonathan M. Smith: A Secure and Reliable Bootstrap Architecture, in:Proceedings of the 1997 IEEE Symposium on Security and Privacy, pp. 65-71, May 1997.

[13] Huang Tao, Shen Chang-Xiang. A Trusted Bootstrap Scenario Based Trusted Server, Journal of Wuhan University (Nat. Sci. Ed.), Oct. 2004,Vol.50 No.S1:12-14.

[14] J. Marchesini, S.W. Smith, O. Wild, J. Stabiner, and A.Barsamian. Open-source applications of TCPA hardware. In Applied Computer Security Applications Conference, 2004.
http://dx.doi.org/10.1109/CSAC.2004.25

[15] Daniel A. Menascé, Security Performance, IEEE Internet Computing,Vol.7,no.3,2003:84-87.
http://dx.doi.org/10.1109/MIC.2003.1200305

[16] Amtel. Trusted Platform Module AT97SC3201 Summary. http://www.atmel.com/atmel/acrobat/2015s.pdf.

[17] R. Sailer, X. Zhang, T. Jaeger, and L. van Doorn. Design and implementation of a TCG-based integrity measurement architecture. In Proceedings of USENIX Security Symposium, pages 223–238, Aug. 2004.

[18] A.Seshadri, A.Perrig, L. van Doorn, and P. Khosla. SWAtt:SoftWare-based Attestation for embedded devices. In Proceedings of IEEE Symposium on Security and Privacy, May 2004.
http://dx.doi.org/10.1109/SECPRI.2004.1301329

[19] V. Haldar, D. Chandra, and M. Franz. Semantic remote attestation - a virtual machine directed approach to trusted computing. In Proc. of the Third virtual Machine Research and Technology Symposium. USENIX, 2004.


Full Text: PDF


Journal of Software (JSW, ISSN 1796-217X)

Copyright @ 2006-2014 by ACADEMY PUBLISHER – All rights reserved.