As more and more component-based systems (CBS) run in the open and dynamic Internet, it is very important to establish trust between clients and CBS in mutually distrusting domains. One of the key mechanisms to establish trust among different platforms in an open and dynamic environment is remote attestation, which allows a platform to vouch for its trust-related characteristics to a remote challenger. This paper proposes a novel attestation scheme for a dynamically reconfigurable CBS to reliably prove whether its execution satisfies the specified security model, by introducing a TPM-based attestation service to dynamically monitor the execution of the CBS. When only parts of the dynamic CBS are concerned, our scheme enables fine-grained attestation on the execution of an individual component or a sub-system in the dynamic CBS, such that it involves only minimal overhead for attesting the target parts of the CBS. With flexible attestation support, the proposed attestation service can attest a CBS at any granularity, from an individual component to the whole CBS. As a case study, we have applied the proposed scheme to OSGi systems and implemented a prototype based on JVMTI for Felix. The evaluation results show that the proposed scheme is both effective and practical.