Authentication in the Taos operating system
SOSP '93 Proceedings of the fourteenth ACM symposium on Operating systems principles
A lattice model of secure information flow
Communications of the ACM
Outbound Authentication for Programmable Secure Coprocessors
ESORICS '02 Proceedings of the 7th European Symposium on Research in Computer Security
Linux Security Modules: General Security Support for the Linux Kernel
Proceedings of the 11th USENIX Security Symposium
Computer
A secure and reliable bootstrap architecture
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
LOMAC: Low Water-Mark Integrity Protection for COTS Environments
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Terra: a virtual machine-based platform for trusted computing
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Resolving constraint conflicts
Proceedings of the ninth ACM symposium on Access control models and technologies
Attestation-based policy enforcement for remote access
Proceedings of the 11th ACM conference on Computer and communications security
BIND: A Fine-Grained Attestation Service for Secure Distributed Systems
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
Analyzing integrity protection in the SELinux example policy
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Preventing privilege escalation
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Design and implementation of a TCG-based integrity measurement architecture
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Chinese-wall process confinement for practical distributed coalitions
Proceedings of the 12th ACM symposium on Access control models and technologies
Daonity - Grid security from two levels of virtualization
Information Security Tech. Report
A trusted mobile phone reference architecturevia secure kernel
Proceedings of the 2007 ACM workshop on Scalable trusted computing
Linux kernel integrity measurement using contextual inspection
Proceedings of the 2007 ACM workshop on Scalable trusted computing
A technical architecture for enforcing usage control requirements in service-oriented architectures
Proceedings of the 2007 ACM workshop on Secure web services
TVDc: managing security in the trusted virtual datacenter
ACM SIGOPS Operating Systems Review
Measuring integrity on mobile phone systems
Proceedings of the 13th ACM symposium on Access control models and technologies
Visualization based policy analysis: case study in SELinux
Proceedings of the 13th ACM symposium on Access control models and technologies
Model-based behavioral attestation
Proceedings of the 13th ACM symposium on Access control models and technologies
Towards Trust Services for Language-Based Virtual Machines for Grid Computing
Trust '08 Proceedings of the 1st international conference on Trusted Computing and Trust in Information Technologies: Trusted Computing - Challenges and Applications
Remote attestation on program execution
Proceedings of the 3rd ACM workshop on Scalable trusted computing
Flexible and secure enterprise rights management based on trusted virtual domains
Proceedings of the 3rd ACM workshop on Scalable trusted computing
Behavioral attestation for web services (BA4WS)
Proceedings of the 2008 ACM workshop on Secure web services
Remote Attestation of Attribute Updates and Information Flows in a UCON System
Trust '09 Proceedings of the 2nd International Conference on Trusted Computing
Measuring Semantic Integrity for Remote Attestation
Trust '09 Proceedings of the 2nd International Conference on Trusted Computing
Trustable Remote Verification of Web Services
Trust '09 Proceedings of the 2nd International Conference on Trusted Computing
An Integrity Assurance Mechanism for Run-Time Programs
Information Security and Cryptology
SAConf: Semantic Attestation of Software Configurations
ATC '09 Proceedings of the 6th International Conference on Autonomic and Trusted Computing
Proceedings of the 2009 ACM workshop on Scalable trusted computing
Access control based on code identity for open distributed systems
TGC'07 Proceedings of the 3rd conference on Trustworthy global computing
User-centric handling of identity agent compromise
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Realizing dynamic behavior attestation for mobile platforms
Proceedings of the 7th International Conference on Frontiers of Information Technology
Security for the cloud infrastructure: trusted virtual data center implementation
IBM Journal of Research and Development
Seeding clouds with trust anchors
Proceedings of the 2010 ACM workshop on Cloud computing security workshop
Implementing an application-specific credential platform using late-launched mobile trusted module
Proceedings of the fifth ACM workshop on Scalable trusted computing
DR@FT: efficient remote attestation framework for dynamic systems
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Real-time remote attestation with privacy protection
TrustBus'10 Proceedings of the 7th international conference on Trust, privacy and security in digital business
SCOBA: source code based attestation on custom software
Proceedings of the 26th Annual Computer Security Applications Conference
Semantic attestation of node integrity in overlays
OTM'10 Proceedings of the 2010 international conference on On the move to meaningful internet systems - Volume Part I
SEIP: simple and efficient integrity protection for open mobile platforms
ICICS'10 Proceedings of the 12th international conference on Information and communications security
CyberGuarder: A virtualization security assurance architecture for green cloud computing
Future Generation Computer Systems
Scalable trust establishment with software reputation
Proceedings of the sixth ACM workshop on Scalable trusted computing
Trust extension as a mechanism for secure code execution on commodity computers
Trust extension as a mechanism for secure code execution on commodity computers
Behavior analysis-based dynamic trust measurement model
ICICS'11 Proceedings of the 13th international conference on Information and communications security
Identifying native applications with high assurance
Proceedings of the second ACM conference on Data and Application Security and Privacy
Architectural support for secure virtualization under a vulnerable hypervisor
Proceedings of the 44th Annual IEEE/ACM International Symposium on Microarchitecture
Security model oriented attestation on dynamically reconfigurable component-based systems
Journal of Network and Computer Applications
Trusted isolation environment: an attestation architecture with usage control model
ICICS'09 Proceedings of the 11th international conference on Information and Communications Security
On design of a trusted software base with support of TPCM
INTRUST'09 Proceedings of the First international conference on Trusted Systems
Remote attestation on function execution (work-in-progress)
INTRUST'09 Proceedings of the First international conference on Trusted Systems
Scalable remote attestation with privacy protection
INTRUST'09 Proceedings of the First international conference on Trusted Systems
Modeling TCG-Based secure systems with colored petri nets
INTRUST'10 Proceedings of the Second international conference on Trusted Systems
On leveraging stochastic models for remote attestation
INTRUST'10 Proceedings of the Second international conference on Trusted Systems
A sense of others: behavioral attestation of UNIX processes on remote platforms
Proceedings of the 6th International Conference on Ubiquitous Information Management and Communication
Scalable integrity-guaranteed AJAX
APWeb'12 Proceedings of the 14th Asia-Pacific international conference on Web Technologies and Applications
Policy-sealed data: a new abstraction for building trusted cloud services
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Verifying system integrity by proxy
TRUST'12 Proceedings of the 5th international conference on Trust and Trustworthy Computing
JMF: Java measurement framework: language-supported runtime integrity measurement
Proceedings of the seventh ACM workshop on Scalable trusted computing
Analysis of existing remote attestation techniques
Security and Communication Networks
Enhancing grid security using trusted virtualization
ATC'07 Proceedings of the 4th international conference on Autonomic and Trusted Computing
Study of trustworthiness measurement and kernel modules accessing address space of any process
ICICA'12 Proceedings of the Third international conference on Information Computing and Applications
Proceedings of the 7th International Conference on Ubiquitous Information Management and Communication
Behavioral Attestation for Web Services using access policies
Multimedia Tools and Applications
DroidBarrier: know what is executing on your android
Proceedings of the 4th ACM conference on Data and application security and privacy
Design and implementation of an efficient framework for behaviour attestation using n-call slides
Proceedings of the 8th International Conference on Ubiquitous Information Management and Communication
| Hi-index | 0.00 |
We propose an integrity measurement approach based on information flow integrity,which we call the Policy-Reduced Integrity Measurement Architecture (PRIMA).The recent availability of secure hardware has made it practical for a system to measure its own integrity, such that it can generate an integrity proof for remote parties. Various approaches have been proposed,but most simply measure the loaded code and static data to approximate runtime system integrity.We find that these approaches suffer from two problems: (1)the load-time measurements of code alone do not accurately reflect runtime behaviors,such as the use of untrusted network data,and (2) they are ineficient,requiring all measured entities to be known and fully trusted even if they have no impact on the target application.Classical integrity models are based on information flow,so we design the PRIMA approach to enable measurement of information flow integrity and prove that it achieves these goals. We prove how a remote party can verify useful information flow integrity properties using PRIMA. A PRIMA prototype has been built based on the open-source Linux Integrity Measurement Architecture (IMA)using SELinux policies to provide the information flow.