POPL '90 Proceedings of the 17th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Dynamic typing in a statically typed language
ACM Transactions on Programming Languages and Systems (TOPLAS)
A calculus of mobile processes, I
Information and Computation
Program fragments, linking, and modularization
Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
On bisimulations of the asynchronous &pgr;-calculus
Theoretical Computer Science
A calculus for cryptographic protocols
Information and Computation
Building a high-performance, programmable secure coprocessor
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on computer network security
Secrecy by typing in security protocols
Journal of the ACM (JACM)
Authentication primitives and their compilation
Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Communications of the ACM
Mobile values, new names, and secure communication
POPL '01 Proceedings of the 28th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
SAFKASI: a security mechanism for language-based systems
ACM Transactions on Software Engineering and Methodology (TOSEM)
Architectural support for copy and tamper resistant software
ASPLOS IX Proceedings of the ninth international conference on Architectural support for programming languages and operating systems
Resource access control in systems of mobile agents
Information and Computation
Secure implementation of channel abstractions
Information and Computation
Improving the TCPA Specification
Computer
Secure Information Flow as Typed Process Behaviour
ESOP '00 Proceedings of the 9th European Symposium on Programming Languages and Systems
Proceedings of the 5th ACM Conference on Functional Programming Languages and Computer Architecture
On Asynchronous Communication Semantics
ECOOP '91 Proceedings of the Workshop on Object-Based Concurrent Computing
Proceedings of the 15th Conference on Foundations of Software Technology and Theoretical Computer Science
A cautionary note regarding the data integrity capacity of certain secure systems
Proceedings of the IFIP TC11/WG11.5 Fourth Working Conference on Integrity, Internal Control and Security in Information Systems: Connecting Governance and Technology
Secrecy types for asymmetric communication
Theoretical Computer Science - Foundations of software science and computation structures
Design of a Role-Based Trust-Management Framework
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
A secure and reliable bootstrap architecture
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Implementing an untrusted operating system on trusted hardware
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Authenticity by typing for security protocols
Journal of Computer Security - Special issue on CSFW14
Trust and Partial Typing in Open Systems of Mobile Agents
Journal of Automated Reasoning
Peer-to-peer access control architecture using trusted computing technology
Proceedings of the tenth ACM symposium on Access control models and technologies
Property-based attestation for computing platforms: caring about properties, not mechanisms
NSPW '04 Proceedings of the 2004 workshop on New security paradigms
Symmetric behavior-based trust: a new paradigm for internet computing
NSPW '04 Proceedings of the 2004 workshop on New security paradigms
Analysis of Typed Analyses of Authentication Protocols
CSFW '05 Proceedings of the 18th IEEE workshop on Computer Security Foundations
Trusted Computing Platforms: TCPA Technology in Context
Trusted Computing Platforms: TCPA Technology in Context
Secrecy despite compromise: types, cryptography, and the pi-calculus
CONCUR 2005 - Concurrency Theory
Design and implementation of a TCG-based integrity measurement architecture
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Tamper resistance: a cautionary note
WOEC'96 Proceedings of the 2nd conference on Proceedings of the Second USENIX Workshop on Electronic Commerce - Volume 2
Semantic remote attestation: a virtual machine directed approach to trusted computing
VM'04 Proceedings of the 3rd conference on Virtual Machine Research And Technology Symposium - Volume 3
A Type Discipline for Authorization in Distributed Systems
CSF '07 Proceedings of the 20th IEEE Computer Security Foundations Symposium
Types and effects for asymmetric cryptographic protocols
Journal of Computer Security - Special issue on CSFW15
ICALP'03 Proceedings of the 30th international conference on Automata, languages and programming
Access control based on code identity for open distributed systems
TGC'07 Proceedings of the 3rd conference on Trustworthy global computing
| Hi-index | 0.00 |
Remote attestation allows programs running on trusted hardware to prove their identity (and that of their environment) to programs on other hosts. Remote attestation can be used to address security concerns if programs agree on the meaning of data in attestations. This paper studies the enforcement of code-identity based access control policies in a hostile distributed environment, using a combination of remote attestation, dynamic types, and typechecking. This ensures that programs agree on the meaning of data and cannot violate the access control policy, even in the presence of opponent processes. The formal setting is a π-calculus with secure channels, process identity, and remote attestation. Our approach allows executables to be typechecked and deployed independently, without the need for secure initial key and policy distribution beyond the trusted hardware itself.