Role-Based Access Control Models
Computer
Referee: trust management for Web applications
World Wide Web Journal - Special issue: Web security: a matter of trust
Decentralized Trust Management
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
Access Control Meets Public Key Infrastructure, Or: Assigning Roles to Strangers
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Property-based attestation for computing platforms: caring about properties, not mechanisms
NSPW '04 Proceedings of the 2004 workshop on New security paradigms
WS-Attestation: Efficient and Fine-Grained Remote Attestation on Web Services
ICWS '05 Proceedings of the IEEE International Conference on Web Services
On the Applicability of Trusted Computing in Distributed Authorization Using Web Services
Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security
Behavioral attestation for web services (BA4WS)
Proceedings of the 2008 ACM workshop on Secure web services
A Property-Dependent Agent Transfer Protocol
Trust '09 Proceedings of the 2nd International Conference on Trusted Computing
ALOPA: Authorization Logic for Property Attestation in Trusted Platforms
ATC '09 Proceedings of the 6th International Conference on Autonomic and Trusted Computing
Managing application whitelists in trusted distributed systems
Future Generation Computer Systems
Behavioral Attestation for Web Services using access policies
Multimedia Tools and Applications
| Hi-index | 0.00 |
The concept of trusted platforms using trusted computing technology such as the Trusted Platform Module (TPM) is becoming significant in that such technologies are being increasingly available in PCs and mobile devices today. When such trusted platforms are used in applications, one of the key design issues is the ability to capture platform level requirements and to represent them as security policies for authorization decision making. This paper makes some contributions which we believe are an important first step in achieving policy based decision making with trusted platforms. It outlines a platform based trust management framework for specification of trust policies. In this context, we argue the need for a higher level abstraction that is able to capture the lower level state of the platform and use this in the evaluation of trust between the communicating entities. We extend the notion of trusted platform properties by introducing the concept of Component Property Certificates, which can be used in specifying and building trust relationships. We then illustrate how component property certificates can be used in the specification of trust policies of different granularities.