WS-attestation: efficient and fine-grained remote attestation on Web services

Yoshihama, Sachiko; Ebringer, Tim; Nakamura, Megumi; Munetoh, Seiji; Maruyama, Hiroshi

doi:10.1109/icws.2005.136

Cited by 41 publications

(21 citation statements)

References 2 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…④ In the scheme presented in Ref. [13], the security of a platform's configuration is not considered, our scheme RABAC locates in the kernel of the operating system. RABAC is a component protected by trusted chain of the native platform.…”

Section: Performance Analysismentioning

confidence: 99%

See 1 more Smart Citation

Remote attestation-based access control on trusted computing platform

Liu

Zhang

et al. 2010

Wuhan Univ. J. Nat. Sci.

View full text Add to dashboard Cite

Existing remote attestation schemes based on trusted computing have some merits on enhancing security assurance level, but they usually do not integrate tightly with the classical system security mechanism. In this paper, we present a component named remote attestation-based access controller (RABAC), which is based on a combination of techniques, such as random number, Bell-La Padula (BLP) model, user identity combined with his security properties and so on. The component can validate the current hardware and software integrity of the remote platform, and implement access control with different security policy. We prove that the RABAC can not only improve the security of transferred information in remote attestation process but also integrate remote attestation and classical system security mechanism effectively.

show abstract

Section: Performance Analysismentioning

confidence: 99%

“…The security of a platform's configuration is not considered. The remote attestation on web services [13] is an efficient method, which uses a random nonce to protect measurements in platform configuration register (PCR). However, the attestation does not deal with the objects' security.…”

Section: Introductionmentioning

confidence: 99%

Remote attestation-based access control on trusted computing platform

Liu

Zhang

et al. 2010

Wuhan Univ. J. Nat. Sci.

View full text Add to dashboard Cite

show abstract

“…The WS-Attestation architecture [23] proposes a remote attestation mechanism (resulting in a service hash being generated). Though the WS-attestation allows the binding of attestation with application contexts, it is not flexible enough for clients to check the service properties they are interested in.…”

Section: Related Workmentioning

confidence: 99%

Policy-Based Attestation of Service Behavior for Establishing Rigorous Trust

Liu

Zic

2010

On the Move to Meaningful Internet Systems: OTM 2010

View full text Add to dashboard Cite

Abstract.A service is rigorously trusted if it can provide firm evidences to its users about its behavior. The evidences ensure that the service really follows its claimed behavior to process the requests and sensitive input data from users. In this paper, we propose a framework, which can attest the behavior of web services according to the trust policies specified by users. Different users may concern different aspects of service behavior. By using policies, this framework allows user-specific behavior attestation. In addition, this framework also protects service providers. When a user sends a service request, the framework needs the user to show that he has agreed on the service behavior. A case study is used to describe the critical processing steps of the framework to deliver rigorously trusted services.

show abstract

“…Yoshihama et al [51] propose a web service architecture to support and interpret attestation measurements (which may or may not be due to TC). An alternative approach is taken by Shi et al [39] who propose the Binding Instructions aNd Data (BIND) system, which is designed for fine-grained remote attestation of selected code that is important to the verifier.…”

Section: Next Stepsmentioning

confidence: 99%

Grid security: Next steps

Martin

Yau

2007

Information Security Technical Report

View full text Add to dashboard Cite

One of the more mature instances of a serviceoriented architecture is the model known as Grid Computing. Computational Grids and Data Grids are becoming commonplace in certain sectors, yet the style of security they implement is suitable only for a fairly small subset of possible user communities. Using some case studies and experience, we describe the existing Grid security models, explain why they represent shortcomings for some applications, and describe some emerging architectures, Trusted Computing and virtualisation, which help address the problems.

show abstract

WS-attestation: efficient and fine-grained remote attestation on Web services

Cited by 41 publications

References 2 publications

Remote attestation-based access control on trusted computing platform

Remote attestation-based access control on trusted computing platform

Policy-Based Attestation of Service Behavior for Establishing Rigorous Trust

Grid security: Next steps

Contact Info

Product

Resources

About