Distributed authorization provides the ability to control access to resources spread over the Internet. Typical authorization systems consider a range of security information, such as user identities, role identities, or even temporal, spatial and contextual information associated with the access requestor. However, the ability to include information about the requestor's computing platform has been quite limited, because platforms are difficult to identify and validate in a distributed setting. Trusted computing is an exciting technology that can provide new ways to bridge this gap. In this paper, we provide the first steps necessary to achieve distributed authorization using trusted computing platforms. We introduce the notion of a Property Manifest that can be used in the specification of authorization policies. We provide an overview of our authorization architecture, its components and their functions. We then illustrate the applicability of our system by implementing it in a Web-service-oriented architecture.