Name
Abstract | ||
|---|---|---|
UCON is a highly flexible and expressive usage control model which allows an object owner to specify detailed usage control policies to be evaluated on a remote platform. Assurance of correct enforcement is mandatory for the establishment of trust on the remote platform claiming to implement UCON. Without such an assurance, there is no way of knowing whether the policies attached to the objects will be enforced as expected. Remote attestation, an important component of Trusted Computing, is highly suitable for establishing such an assurance. Existing approaches towards remote attestation work at a very coarse-grained level and mostly only measure binary hashes of the applications on the remote platform. Solutions at this level of abstraction cannot provide assurance to a challenger regarding behavior of a remote platform concerning enforcement of the owner's policies. In this paper, we provide a new remote attestation technique which allows a challenger to verify two important behaviors of a UCON system enforcing its policies. These two behaviors are the attribute update behavior and information flow behavior. Measuring, storing and reporting these behaviors in a trusted manner is described in detail and a mechanism for the verification of these behaviors against the original UCON policies is provided. The end result is a flexible and scalable technique for establishing trust on attribute updates and information flow behaviors of a remote UCON system. |
Year | DOI | Venue |
|---|---|---|
2009 | 10.1007/978-3-642-00587-9_5 | TRUST |
Keywords | Field | DocType |
information flow behavior,remote platform,important behavior,new remote attestation technique,attribute updates,ucon system,remote attestation,information flows,original ucon policy,remote ucon system,attribute update behavior,remote attestation work,information flow,security,trusted computing | Information flow (information theory),Internet privacy,Abstraction,Trusted Computing,Computer science,Computer security,Direct Anonymous Attestation,Hash function,Enforcement,Database,Scalability | Conference |
Volume | ISSN | Citations |
5471 | 0302-9743 | 13 |
PageRank | References | Authors |
0.87 | 20 | 4 |
Name | Order | Citations | PageRank |
|---|---|---|---|
| Mohammad Nauman | 1 | 482 | 38.84 |
| Alam Masoom | 2 | 161 | 18.45 |
| Zhang Xinwen | 3 | 1695 | 104.61 |
| Tamleek Ali | 4 | 92 | 8.66 |