It has been recognized for some time that software alone does not provide an adequate foundation for building a high-assurance trusted platform. The emergence of industry-standard trusted computing technologies promises a revolution in this respect by providing roots of trust upon which secure applications can be developed. These technologies offer a particularly attractive platform for security in peer-to-peer environments. In this paper we propose a trusted computing architecture to enforce access control policies in such applications. Our architecture is based on an abstract layer of trusted hardware which can be constructed with emerging trusted computing technologies. A trusted reference monitor (TRM) is introduced beyond the trusted hardware. By monitoring and verifying the integrity and properties of running applications in a platform using the functions of trusted computing, the TRM can enforce various policies on behalf of object owners. We further extend this platform-based architecture to support user-based control policies, cooperating with existing services for user identity and attributes. This architecture and its refinements can be extended in future work to support general access control models such as lattice-based access control, role-based access control, and usage control.