Journal of the ACM (JACM)
Improving IPC by kernel design
SOSP '93 Proceedings of the fourteenth ACM symposium on Operating systems principles
Safe kernel extensions without run-time checking
OSDI '96 Proceedings of the second USENIX symposium on Operating systems design and implementation
Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
The design and implementation of a certifying compiler
PLDI '98 Proceedings of the ACM SIGPLAN 1998 conference on Programming language design and implementation
Design and implementation of the idemix anonymous credential system
Proceedings of the 9th ACM conference on Computer and communications security
Improving the TCPA Specification
Computer
ACISP '01 Proceedings of the 6th Australasian Conference on Information Security and Privacy
Computer
Implementing an untrusted operating system on trusted hardware
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Terra: a virtual machine-based platform for trusted computing
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Design and implementation of a TCG-based integrity measurement architecture
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Peer-to-peer access control architecture using trusted computing technology
Proceedings of the tenth ACM symposium on Access control models and technologies
Symmetric behavior-based trust: a new paradigm for internet computing
NSPW '04 Proceedings of the 2004 workshop on New security paradigms
A protocol for property-based attestation
Proceedings of the first ACM workshop on Scalable trusted computing
Layering negotiations for flexible attestation
Proceedings of the first ACM workshop on Scalable trusted computing
Linking remote attestation to secure tunnel endpoints
Proceedings of the first ACM workshop on Scalable trusted computing
Daonity: grid security with behaviour conformity from trusted computing
Proceedings of the first ACM workshop on Scalable trusted computing
Security and Trust in IT Business Outsourcing: a Manifesto
Electronic Notes in Theoretical Computer Science (ENTCS)
Information Security Tech. Report
Daonity - Grid security from two levels of virtualization
Information Security Tech. Report
Proceedings of the 2007 ACM workshop on Scalable trusted computing
Realizing property-based attestation and sealing with commonly available hard- and software
Proceedings of the 2007 ACM workshop on Scalable trusted computing
Trust management for trusted computing platforms in web services
Proceedings of the 2007 ACM workshop on Scalable trusted computing
A technical architecture for enforcing usage control requirements in service-oriented architectures
Proceedings of the 2007 ACM workshop on Secure web services
Towards automated provisioning of secure virtualized networks
Proceedings of the 14th ACM conference on Computer and communications security
Policy enforcement and compliance proofs for Xen virtual machines
Proceedings of the fourth ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
Remote Attestation on Legacy Operating Systems With Trusted Platform Modules
Electronic Notes in Theoretical Computer Science (ENTCS)
Secure storage using a sealing proxy
Proceedings of the 1st European Workshop on System Security
Turtles all the way down: research challenges in user-based attestation
HOTSEC'07 Proceedings of the 2nd USENIX workshop on Hot topics in security
Model-based behavioral attestation
Proceedings of the 13th ACM symposium on Access control models and technologies
Practical Techniques for Operating System Attestation
Trust '08 Proceedings of the 1st international conference on Trusted Computing and Trust in Information Technologies: Trusted Computing - Challenges and Applications
TOCTOU, Traps, and Trusted Computing
Trust '08 Proceedings of the 1st international conference on Trusted Computing and Trust in Information Technologies: Trusted Computing - Challenges and Applications
Towards Trust Services for Language-Based Virtual Machines for Grid Computing
Trust '08 Proceedings of the 1st international conference on Trusted Computing and Trust in Information Technologies: Trusted Computing - Challenges and Applications
Trust '08 Proceedings of the 1st international conference on Trusted Computing and Trust in Information Technologies: Trusted Computing - Challenges and Applications
On the Applicability of Trusted Computing in Distributed Authorization Using Web Services
Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security
Securing Grid Workflows with Trusted Computing
ICCS '08 Proceedings of the 8th international conference on Computational Science, Part III
Property-Based TPM Virtualization
ISC '08 Proceedings of the 11th international conference on Information Security
A Demonstrative Ad Hoc Attestation System
ISC '08 Proceedings of the 11th international conference on Information Security
Property-Based Attestation without a Trusted Third Party
ISC '08 Proceedings of the 11th international conference on Information Security
Improving the scalability of platform attestation
Proceedings of the 3rd ACM workshop on Scalable trusted computing
An efficient implementation of trusted channels based on openssl
Proceedings of the 3rd ACM workshop on Scalable trusted computing
e-EMV: emulating EMV for internet payments with trusted computing technologies
Proceedings of the 3rd ACM workshop on Scalable trusted computing
Behavioral attestation for web services (BA4WS)
Proceedings of the 2008 ACM workshop on Secure web services
Remote attestation on legacy operating systems with trusted platform modules
Science of Computer Programming
Attestation: Evidence and Trust
ICICS '08 Proceedings of the 10th International Conference on Information and Communications Security
Trustworthy clients: Extending TNC to web-based environments
Computer Communications
Integrity Management Infrastructure for Trusted Computing
IEICE - Transactions on Information and Systems
Remote Attestation of Attribute Updates and Information Flows in a UCON System
Trust '09 Proceedings of the 2nd International Conference on Trusted Computing
Measuring Semantic Integrity for Remote Attestation
Trust '09 Proceedings of the 2nd International Conference on Trusted Computing
Trustable Remote Verification of Web Services
Trust '09 Proceedings of the 2nd International Conference on Trusted Computing
Trustworthy Log Reconciliation for Distributed Virtual Organisations
Trust '09 Proceedings of the 2nd International Conference on Trusted Computing
A Property-Dependent Agent Transfer Protocol
Trust '09 Proceedings of the 2nd International Conference on Trusted Computing
An Integrity Assurance Mechanism for Run-Time Programs
Information Security and Cryptology
Trusted Computing: Security and Applications
Cryptologia
Tagging the Turtle: Local Attestation for Kiosk Computing
ISA '09 Proceedings of the 3rd International Conference and Workshops on Advances in Information Security and Assurance
SAConf: Semantic Attestation of Software Configurations
ATC '09 Proceedings of the 6th International Conference on Autonomic and Trusted Computing
ALOPA: Authorization Logic for Property Attestation in Trusted Platforms
ATC '09 Proceedings of the 6th International Conference on Autonomic and Trusted Computing
A practical property-based bootstrap architecture
Proceedings of the 2009 ACM workshop on Scalable trusted computing
Proceedings of the 2009 ACM workshop on Scalable trusted computing
Towards multilaterally secure computing platforms-with open source and trusted computing
Information Security Tech. Report
Towards automated security policy enforcement in multi-tenant virtual data centers
Journal of Computer Security - EU-Funded ICT Research on Trust and Security
A security-enhanced remote platform integrity attestation scheme
WiCOM'09 Proceedings of the 5th International Conference on Wireless communications, networking and mobile computing
Trusted computing: special aspects and challenges
SOFSEM'08 Proceedings of the 34th conference on Current trends in theory and practice of computer science
TGC'07 Proceedings of the 3rd conference on Trustworthy global computing
Access control based on code identity for open distributed systems
TGC'07 Proceedings of the 3rd conference on Trustworthy global computing
Trusted virtual containers on demand
Proceedings of the fifth ACM workshop on Scalable trusted computing
Managing application whitelists in trusted distributed systems
Future Generation Computer Systems
Group-based attestation: enhancing privacy and management in remote attestation
TRUST'10 Proceedings of the 3rd international conference on Trust and trustworthy computing
Modelling dynamic trust with property based attestation in trusted platforms
DBSec'10 Proceedings of the 24th annual IFIP WG 11.3 working conference on Data and applications security and privacy
Real-time remote attestation with privacy protection
TrustBus'10 Proceedings of the 7th international conference on Trust, privacy and security in digital business
SCOBA: source code based attestation on custom software
Proceedings of the 26th Annual Computer Security Applications Conference
An approach to introducing locality in remote attestation using near field communications
The Journal of Supercomputing
Dynamic trust enhanced security model for trusted platform based services
Future Generation Computer Systems
Policy-based attestation of service behavior for establishing rigorous trust
OTM'10 Proceedings of the 2010 international conference on On the move to meaningful internet systems - Volume Part I
Trusted virtual domains: toward secure distributed services
HotDep'05 Proceedings of the First conference on Hot topics in system dependability
Identification of security requirements in systems of systems by functional security analysis
Architecting dependable systems VII
Practical property-based attestation on mobile devices
TRUST'11 Proceedings of the 4th international conference on Trust and trustworthy computing
Towards permission-based attestation for the Android platform
TRUST'11 Proceedings of the 4th international conference on Trust and trustworthy computing
Certainlogic: a logic for modeling trust and uncertainty
TRUST'11 Proceedings of the 4th international conference on Trust and trustworthy computing
Scalable trust establishment with software reputation
Proceedings of the sixth ACM workshop on Scalable trusted computing
On scalability of remote attestation
Proceedings of the sixth ACM workshop on Scalable trusted computing
Achieving attestation with less effort: an indirect and configurable approach to integrity reporting
Proceedings of the sixth ACM workshop on Scalable trusted computing
Trust extension as a mechanism for secure code execution on commodity computers
Trust extension as a mechanism for secure code execution on commodity computers
Trusted computing enhanced user authentication with OpenID and trustworthy user interface
International Journal of Internet Technology and Secured Transactions
Enforcing trust in pervasive computing with trusted computing technology
CRITIS'06 Proceedings of the First international conference on Critical Information Infrastructures Security
Dynamic policy discovery with remote attestation
FOSSACS'06 Proceedings of the 9th European joint conference on Foundations of Software Science and Computation Structures
Towards multilateral-secure DRM platforms
ISPEC'05 Proceedings of the First international conference on Information Security Practice and Experience
Secure data management in trusted computing
CHES'05 Proceedings of the 7th international conference on Cryptographic hardware and embedded systems
Security model oriented attestation on dynamically reconfigurable component-based systems
Journal of Network and Computer Applications
Bridging the gap between inter-communication boundary and internal trusted components
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Trusted isolation environment: an attestation architecture with usage control model
ICICS'09 Proceedings of the 11th international conference on Information and Communications Security
Remote attestation on function execution (work-in-progress)
INTRUST'09 Proceedings of the First international conference on Trusted Systems
Scalable remote attestation with privacy protection
INTRUST'09 Proceedings of the First international conference on Trusted Systems
Privacy enhanced trusted network connect
INTRUST'09 Proceedings of the First international conference on Trusted Systems
Trusted integrity measurement and reporting for virtualized platforms
INTRUST'09 Proceedings of the First international conference on Trusted Systems
An abstract model of a trusted platform
INTRUST'10 Proceedings of the Second international conference on Trusted Systems
Modeling TCG-Based secure systems with colored petri nets
INTRUST'10 Proceedings of the Second international conference on Trusted Systems
acTvSM: a dynamic virtualization platform for enforcement of application integrity
INTRUST'10 Proceedings of the Second international conference on Trusted Systems
Delegating secure logging in pervasive computing systems
SPC'06 Proceedings of the Third international conference on Security in Pervasive Computing
Policy-sealed data: a new abstraction for building trusted cloud services
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Analysis of existing remote attestation techniques
Security and Communication Networks
Enhancing grid security using trusted virtualization
ATC'07 Proceedings of the 4th international conference on Autonomic and Trusted Computing
Enabling fairer digital rights management with trusted computing
ISC'07 Proceedings of the 10th international conference on Information Security
Attestation of mobile baseband stacks
NSS'12 Proceedings of the 6th international conference on Network and System Security
Behavioral Attestation for Web Services Based Business Processes
International Journal of Web Services Research
A framework for evaluating trust of service providers in cloud marketplaces
Proceedings of the 28th Annual ACM Symposium on Applied Computing
Behavioral Attestation for Web Services using access policies
Multimedia Tools and Applications
Client-controlled cryptography-as-a-service in the cloud
ACNS'13 Proceedings of the 11th international conference on Applied Cryptography and Network Security
Design and implementation of an efficient framework for behaviour attestation using n-call slides
Proceedings of the 8th International Conference on Ubiquitous Information Management and Communication
| Hi-index | 0.00 |
Over the past years, the computing industry has started various initiatives announced to increase computer security by means of new hardware architectures. The most notable effort is the Trusted Computing Group (TCG) and the Next-Generation Secure Computing Base (NGSCB). This technology offers useful new functionalities as the possibility to verify the integrity of a platform (attestation) or binding quantities on a specific platform (sealing).In this paper, we point out the deficiencies of the attestation and sealing functionalities proposed by the existing specification of the TCG: we show that these mechanisms can be misused to discriminate certain platforms, i.e., their operating systems and consequently the corresponding vendors. A particular problem in this context is that of managing the multitude of possible configurations. Moreover, we highlight other shortcomings related to the attestation, namely system updates and backup. Clearly, the consequences caused by these problems lead to an unsatisfactory situation both for the private and business branch, and to an unbalanced market when such platforms are in wide use.To overcome these problems generally, we propose a completely new approach: the attestation of a platform should not depend on the specific software or/and hardware (configuration) as it is today's practice but only on the "properties" that the platform offers. Thus, a property-based attestation should only verify whether these properties are sufficient to fulfill certain (security) requirements of the party who asks for attestation. We propose and discuss a variety of solutions based on the existing Trusted Computing (TC) functionality. We also demonstrate, how a property-based attestation protocol can be realized based on the existing TC hardware such as a Trusted Platform Module (TPM).