Trusted virtual domains: Color your network

Abstract

Trusted Virtual Domains (TVDs) provide a secure IT infrastructure offering a homogeneous and transparent enforcement of access control policies on data and network resources. In this article, we give an overview of the fundamental ideas and basic concepts behind TVDs, present a realization of TVDs, and discuss application scenarios.

Additional information

Dr. Luigi Catuogno is responsible for network and system administration at the University of Salerno, Italy. He was a visiting researcher at Ruhr-University Bochum, Germany.

Hans Löhr is a research assistant at the Horst Görtz Institute for IT-Security (HGI) at Ruhr-University Bochum, Germany.

Prof. Dr.-Ing. Mark Manulis is a professor at the Center for Advanced Security Research Darmstadt (CASED) at Technical University Darmstadt, Germany.

Prof. Dr.-Ing. Ahmad-Reza Sadeghi is a professor at the Horst Görtz Institute for IT-Security (HGI) at Ruhr-University Bochum, Germany.

Christian Stüble is CTO of Sirrix AG security technologies.

Marcel Winandy is a research assistant at the Horst Görtz Institute for IT-Security (HGI) at Ruhr-University Bochum, Germany.

Catuogno, L., Löhr, H., Manulis, M. et al. Trusted virtual domains: Color your network. DuD 34, 289–294 (2010). https://doi.org/10.1007/s11623-010-0089-0