An Integrity Assurance Mechanism for Run-Time Programs

Authors:
Ziyao Xu;Yeping He;Lingli Deng
Affiliations:
Institute of Software, Chinese Academy of Sciences, Beijing, China 1000190 and Graduate School, Chinese Academy of Sciences, Beijing, China 100049;Institute of Software, Chinese Academy of Sciences, Beijing, China 1000190;Institute of Software, Chinese Academy of Sciences, Beijing, China 1000190 and Graduate School, Chinese Academy of Sciences, Beijing, China 100049
Venue:
Information Security and Cryptology
Year:
2009

Citing 18
Cited 0

Xen and the art of virtualization

SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Terra: a virtual machine-based platform for trusted computing

SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Direct anonymous attestation

Proceedings of the 11th ACM conference on Computer and communications security
Attestation-based policy enforcement for remote access

Proceedings of the 11th ACM conference on Computer and communications security
BIND: A Fine-Grained Attestation Service for Secure Distributed Systems

SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
Peer-to-peer access control architecture using trusted computing technology

Proceedings of the tenth ACM symposium on Access control models and technologies
Property-based attestation for computing platforms: caring about properties, not mechanisms

NSPW '04 Proceedings of the 2004 workshop on New security paradigms
Pioneer: verifying code integrity and enforcing untampered code execution on legacy systems

Proceedings of the twentieth ACM symposium on Operating systems principles
Enhancing Data Authenticity and Integrity in P2P Systems

IEEE Internet Computing
Building a MAC-Based Security Architecture for the Xen Open-Source Hypervisor

ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
Secure information sharing enabled by Trusted Computing and PEI models

ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
PRIMA: policy-reduced integrity measurement architecture

Proceedings of the eleventh ACM symposium on Access control models and technologies
SecureBus: towards application-transparent trusted computing with mandatory access control

ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Flexible OS support and applications for trusted computing

HOTOS'03 Proceedings of the 9th conference on Hot Topics in Operating Systems - Volume 9
Design and implementation of a TCG-based integrity measurement architecture

SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Semantic remote attestation: a virtual machine directed approach to trusted computing

VM'04 Proceedings of the 3rd conference on Virtual Machine Research And Technology Symposium - Volume 3
vTPM: virtualizing the trusted platform module

USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
Trusted virtual domains: toward secure distributed services

HotDep'05 Proceedings of the First conference on Hot topics in system dependability

Quantified Score

Hi-index	0.00

Visualization

Abstract

To conquer the weakness of existing integrity measurement and verification mechanisms based on trusted computing technology, an integrity assurance mechanism for run-time programs is proposed in this paper. Based on a dynamic integrity measuring module, the proposed integrity assurance mechanism solves the difficulties that may be encountered when attesting to the integrity of running programs. The paper also describes the design and implementation details of the proposed module. An example of applying the proposed mechanism to protect the vTPM instances in Xen hypervisor is presented at last.