Model-based behavioral attestation

Authors:
Masoom Alam;Xinwen Zhang;Mohammad Nauman;Tamleek Ali;Jean-Pierre Seifert
Affiliations:
Institute of Management, Sciences, Pakistan;Samsung Information Systems, America, San Jose, CA;Institute of Management, Sciences, Pakistan;Institute of Management, Sciences, Pakistan;Samsung Information Systems, America, San Jose, CA
Venue:
Proceedings of the 13th ACM symposium on Access control models and technologies
Year:
2008

Citing 11
Cited 16

Rationale for the RBAC96 family of access control models

RBAC '95 Proceedings of the first ACM Workshop on Role-based access control
Towards usage control models: beyond traditional access control

SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Lattice-Based Access Control Models

Computer
BIND: A Fine-Grained Attestation Service for Secure Distributed Systems

SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
Property-based attestation for computing platforms: caring about properties, not mechanisms

NSPW '04 Proceedings of the 2004 workshop on New security paradigms
Formal model and policy specification of usage control

ACM Transactions on Information and System Security (TISSEC)
PRIMA: policy-reduced integrity measurement architecture

Proceedings of the eleventh ACM symposium on Access control models and technologies
A protocol for property-based attestation

Proceedings of the first ACM workshop on Scalable trusted computing
An Efficient Attestation for Trustworthiness of Computing Platform

IIH-MSP '06 Proceedings of the 2006 International Conference on Intelligent Information Hiding and Multimedia
Design and implementation of a TCG-based integrity measurement architecture

SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Semantic remote attestation: a virtual machine directed approach to trusted computing

VM'04 Proceedings of the 3rd conference on Virtual Machine Research And Technology Symposium - Volume 3

Behavioral attestation for web services (BA4WS)

Proceedings of the 2008 ACM workshop on Secure web services
Remote Attestation of Attribute Updates and Information Flows in a UCON System

Trust '09 Proceedings of the 2nd International Conference on Trusted Computing
A practical property-based bootstrap architecture

Proceedings of the 2009 ACM workshop on Scalable trusted computing
Extending IPsec for efficient remote attestation

FC'10 Proceedings of the 14th international conference on Financial cryptograpy and data security
Practical property-based attestation on mobile devices

TRUST'11 Proceedings of the 4th international conference on Trust and trustworthy computing
On scalability of remote attestation

Proceedings of the sixth ACM workshop on Scalable trusted computing
Security model oriented attestation on dynamically reconfigurable component-based systems

Journal of Network and Computer Applications
Trusted isolation environment: an attestation architecture with usage control model

ICICS'09 Proceedings of the 11th international conference on Information and Communications Security
Scalable remote attestation with privacy protection

INTRUST'09 Proceedings of the First international conference on Trusted Systems
An abstract model of a trusted platform

INTRUST'10 Proceedings of the Second international conference on Trusted Systems
On leveraging stochastic models for remote attestation

INTRUST'10 Proceedings of the Second international conference on Trusted Systems
A sense of others: behavioral attestation of UNIX processes on remote platforms

Proceedings of the 6th International Conference on Ubiquitous Information Management and Communication
Survey: Usage control in computer security: A survey

Computer Science Review
Analysis of existing remote attestation techniques

Security and Communication Networks
Behavioral Attestation for Web Services using access policies

Multimedia Tools and Applications
Design and implementation of an efficient framework for behaviour attestation using n-call slides

Proceedings of the 8th International Conference on Ubiquitous Information Management and Communication

Quantified Score

Hi-index	0.00

Visualization

Abstract

Remote attestation is an important characteristic of trusted computing technology which provides reliable evidence that a trusted environment actually exists. Existing approaches for the realization of remote attestation measure the trustworthiness of a target platform from its binaries, configurations, properties or security policies. All these approaches are low-level attestation techniques only, and none of them define what a trusted behavior actually is and how to specify it. In this paper, we present a novel approach where the trustworthiness of a platform is associated with the behavior of a policy model. In our approach, the behavior of a policy model is attested rather than a software or hardware platform. Thus, the attestation feature is not tied to a specific software or hardware platform, or to a particular remote attestation technique, or to an individual type of security policy. We select usage control (UCON) as our target policy model as it is a comprehensive and exible model. We propose a framework to identify, specify, and attest different behaviors of UCON.