Name
Title | ||
|---|---|---|
Bridging the gap between inter-communication boundary and internal trusted components |
Abstract | ||
|---|---|---|
Despite increasing needs for the coalition-based resource sharing, establishing trusted coalition of nodes in an untrusted computing environment is a long-standing yet increasingly important issue to be solved. The Trusted virtual domain (TVD) is a new model for establishing trusted coalitions over heterogeneous and highly decentralized computing environment. The key technology to enable TVD is the integrity assurance mechanism, which allows a remote challenger to verify the configuration and state of a node. A modern computer system consists of a multi-layer stack of software, such as a hypervisor, a virtual machine, an operating system, middleware, etc. The integrity assurance of software components is established by chains of assurance from the trusted computing base (TCB) at the lowest layer, while the communication interface provided by nodes should be properly abstracted at a higher layer to support interoperable communication and the fine-grained handling of expressive messages. To fill the gap between ”secure communication between nodes” and ”secure communication between trusted components”, a notion of ”Secure Message Router (SMR)”, domain-independent, easy to verify, multi-functional communication wrapper for secure communication is introduced in this paper. The SMR provides essential features to establish TVDs : end-to-end secure channel establishment, policy-based message translation and routing, and attestability using fixed clean implementation. A virtual machine-based implementation with a Web service interface is also discussed. |
Year | DOI | Venue |
|---|---|---|
2006 | 10.1007/11863908_5 | ESORICS |
Keywords | Field | DocType |
integrity assurance,interoperable communication,decentralized computing environment,untrusted computing environment,secure communication,inter-communication boundary,integrity assurance mechanism,multi-functional communication wrapper,end-to-end secure channel establishment,trusted virtual domain,communication interface,software component,trusted computing,virtual machine,trusted computing base,middleware,web service,operating system,resource sharing | Trusted Network Connect,Virtual machine,Trusted Computing,Computer security,Decentralized computing,Computer science,Direct Anonymous Attestation,Trusted service manager,Trusted computing base,Secure communication,Distributed computing | Conference |
Volume | ISSN | ISBN |
4189 | 0302-9743 | 3-540-44601-X |
Citations | PageRank | References |
5 | 0.57 | 10 |
Authors | ||
5 | ||
Name | Order | Citations | PageRank |
|---|---|---|---|
| Yuji Watanabe | 1 | 21 | 2.72 |
| Sachiko Yoshihama | 2 | 139 | 12.28 |
| Takuya Mishina | 3 | 20 | 3.16 |
| Michiharu Kudo | 4 | 389 | 36.72 |
| Hiroshi Maruyama | 5 | 56 | 11.03 |