A Model-Driven Framework for Trusted Computing Based Systems

  • Authors: Masoom Alam; Jean-Pierre Seifert; Xinwen Zhang
  • Affiliations: University of Innsbruck, Austria; Samsung Information Systems America, San Jose, CA, USA; Samsung Information Systems America, San Jose, CA, USA
  • Venue: EDOC '07 Proceedings of the 11th IEEE International Enterprise Distributed Object Computing Conference
  • Year: 2007

Abstract

Existing approaches for Trust Management through software alone by their very principle are uncompromising and have inherent weaknesses. Once the information leaves the service provider platform, there is no way to guarantee the integrity of the information on the client (or service requestor) platform. The Trusted Computing Group proposed a quantum leap in security, a hardware based "root of trust" by which the integrity of a platform, be it a client or service provider, can be verified. However, there is no approach for the integration of this novel but essentially straightforward concept into distributed application development. We believe that the complexity of Trusted Computing (TC) is one of the key factors that will hinder its successful integration within the web services based distributed application realm. Model-driven techniques offer a promising approach to alleviate the complexity of platforms. This contribution has three objectives. First, we detail SECTET, a model-driven framework for leveraging TC concepts at a higher level of abstraction. Secondly, we elaborate the integration of platform-independent XACML policies with the platform-specific SELinux policies. Thirdly, we share our experiences regarding the implementation results of SECTET on TC based systems.