Abstract
This paper examines how a secure agent transfer protocol based upon TCG-defined mechanisms can be improved using property-based platform state information. In doing so, we demonstrate a practical implementation of property-based platform attestation using an enhanced version of the component property certificates defined in [16]. To illustrate our solution we provide examples of properties and component property certificates given a mobile aglet that is destined to execute on a group of devices, where the mobile aglet originator wishes to protect the confidentiality of the aglet code.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Alves, T., Felton, D.: TrustZone: Integrated Hardware and Software Security. White paper, ARM (July 2004)
Balacheff, B., Chen, L., Pearson, S., Plaquin, D., Proudler, G.: Trusted Computing Platforms: TCPA Technology in Context. Prentice Hall, Upper Saddle River (2003)
Balfe, S., Gallery, E.: Mobile Agents and the Deus Ex Machina. In: Proceedings of the 2007 IEEE International Symposium on Ubisafe Computing (UBISAFE 2007), May 21–23, pp. 486–492. IEEE Computer Society, Los Alamitos (2007)
Berkovits, S., Guttman, J.D., Swarup, V.: Authentication for Mobile Agents. In: Vigna, G. (ed.) Mobile Agents and Security. LNCS, vol. 1419, pp. 114–136. Springer, Heidelberg (1998)
Chen, L., Landerfermann, R., Rohe, H.L.M., Sadeghi, A.R., Stuble, C.: A Protocol for Property-Based Attestation. In: Proceedings of the 1st ACM Workshop on Scalable Trusted Computing, Fairfax, Virginia, USA, November 3, 2006, pp. 7–16. ACM, New York (2006)
Crane, S.: Privacy Preserving Trust Agents. Technical Report HPL-2004-197, HP Labs, Bristol, UK (November 11, 2004)
Ekberg, J.-E., Asokan, N., Kostiainen, K., Eronen, P.: OnBoard Credentials Platform Design and Implementation. Technical Report NRC-TR-2008-001, Nokia Research Center, Helsinki, Finland (January 2008)
Gallery, E., Tomlinson, A.: Secure Delivery of Conditional Access Applications to Mobile Receivers. In: Mitchell, C.J. (ed.) Trusted Computing. IEE Professional Applications of Computing Series 6, ch. 7, pp. 195–238. The Institute of Electrical Engineers (IEE), London (2005)
Gray, R.S., Kotz, D., Cybenko, G., Rus, D.: D’Agents: Security in Multiple-Language, Mobile Agent System. In: Vigna, G. (ed.) Mobile Agents and Security. LNCS, vol. 1419, pp. 154–187. Springer, Heidelberg (1998)
Haldar, V., Chandra, D., Franz, M.: Semantic Remote Attestation – A Virtual Machine Directed Approach to Trusted Computing. In: Proceedings of the 3rd Conference on Virtual Machine Research And Technology Symposium, San Jose, California, USA, May 6–7, 2004, pp. 29–41. USENIX Association, Berkeley (2004)
Intel. LaGrande Technology Architectural Overview. Technical Report 252491-001, Intel Corporation (September 2003)
Johnston, W., Mudumbai, S., Thompson, M.: Authorization and Attribute Certificates for Widely Distributed Access Control. In: Proceedings of the IEEE 7th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE 1998), Palo Alto, California, USA, June 17–19, 1998, pp. 340–345. IEEE Computer Society, Washington (1998)
Lange, D.B., Oshima, M.: Programming and Deploying Java Mobile Agents with Aglets. Addison Wesley Longman, Inc., Reading (1998)
Marchesini, J., Smith, S., Wild, O., Stabiner, J., Barsamian, A.: Open-source Applications of TCPA Hardware. In: ACSAC 2004, pp. 294–303. IEEE Computer Society, Washington (2004)
Mitchell, C. (ed.): Trusted Computing. IEE Professional Applications of Computing Series 6. The Institute of Electrical Engineers (IEE), London (2005)
Nagarajan, A., Varadharajan, V., Hitchens, M.: Trust Management for Trusted Computing Platforms in Web Services. In: Proceedings of the 2nd ACM Workshop on Scalable Trusted Computing, Alexandria, Virginia, USA, November 2, 2007, pp. 58–62. ACM, New York (2007)
Necula, G.C., Lee, P.: Safe, Untrusted Agents Using Proof-Carrying Code. In: Vigna, G. (ed.) Mobile Agents and Security. LNCS, vol. 1419, pp. 61–91. Springer, Heidelberg (1998)
Nwana, H.S., Ndumu, D.T.: An Introduction to Agent Technology. In: Nwana, H.S., Azarmi, N. (eds.) Software Agents and Soft Computing: Towards Enhancing Machine Intelligence. LNCS, vol. 1198, pp. 3–26. Springer, Heidelberg (1997)
Ousterhout, J.K., Levy, J.Y., Welch, B.B.: The Safe-Tcl Security Model. In: Vigna, G. (ed.) Mobile Agents and Security. LNCS, vol. 1419, pp. 217–235. Springer, Heidelberg (1998)
Pearson, S.: Trusted Agents that Enhance User Privacy by Self-Profiling. Technical Report HPL-2002-196, HP Labs, Bristol, UK (July 15, 2002)
Pearson, S.: How Trusted Computers can Enhance for Privacy Preserving Mobile Applications. In: Proceedings of the 1st International IEEE WoWMoM Workshop on Trust, Security and Privacy for Ubiquitous Computing (WOWMOM 2005), Taormina, Sicily, Italy, June 13–16, 2005, pp. 609–613. IEEE Computer Society, Washington (2005)
Peinado, M., Chen, Y., England, P., Manferdelli, J.L.: NGSCB: A Trusted Open System. In: Wang, H., Pieprzyk, J., Varadharajan, V. (eds.) ACISP 2004. LNCS, vol. 3108, pp. 86–97. Springer, Heidelberg (2004)
Peinado, M., England, P., Chen, Y.: An Overview of NGSCB. In: Mitchell, C.J. (ed.) Trusted Computing. IEE Professional Applications of Computing Series 6, ch. 7, pp. 115–141. The Institute of Electrical Engineers (IEE), London (2005)
Poritz, J., Schunter, M., van Herreweghen, E., Waidner, M.: Property Attestation – Scalable and Privacy-friendly Security Assessment for Peer Computers. Research Report RZ 3548, IBM Research GmbH, Zurich Research Laboratory, Switzerland (October 2004)
Pridgen, A., Julien, C.: A Secure Modular Mobile Agent System. In: Proceedings of the 2006 International Workshop on Software Engineering for Large-Scale Multi-Agent Systems (SELMAS 2006), Shanghai, China, May 22–23, pp. 67–74. ACM Press, New York (2006)
Reinicke, M., Strasser, M.: Decentralized Management of Persistent Bandwidth Provision for Mobile Devices in Cellular Radio Networks. In: Sprague, R.H. (ed.) Proceedings of the 37th Annual Hawaii International Conference on System Sciences (HICSS 2004), Big Island, Hawaii, January 5-8. IEEE Computer Society, Los Alamitos (2004)
Rothermel, K., Schwehm, M.: Mobile Agents. In: Kent, A., Williams, J.G. (eds.) Encyclopedia for Computer Science and Technology, vol. 40, pp. 155–176. M. Dekker Inc., New York (1999)
Sadeghi, A.R., Stuble, C.: Property-based Attestation for Computing Platforms: Caring about Properties, not Mechanisms. In: Proceedings of the 2004 Workshop on New Security Paradigms (NSPW 2004), Nova Scotia, Canada, September 20-23, pp. 67–77. ACM, New York (2004)
Sekar, R., Ranalrishnan, C.R., Ramakrishnan, I.V., Smolka, S.A.: Model Carrying Code (MCC): A New Paradigm for Mobile Code Security. In: Proceedings of the New Security Paradigms Workshop (NSPW 2001), Cloudcroft, New Mexico, USA, September 10–13, pp. 23–30. ACM Press, New York (2001)
Tardo, J., Valente, L.: Mobile Agent Security and Telescript. In: Proceedings of the 41st International IEEE Computer Society International Conference: Technologies for the Information Superhighway (COMPCON 1996), Santa Clara, California, USA, February 25–28, pp. 58–63. IEEE Computer Society Press, Los Alamitos (1996)
TCG. TCG Generic Server Specification. TCG specification Version 1.0 Revision 0.8, The Trusted Computing Group (TCG), Portland, Oregon, USA (March 2005)
TCG. TCG PC Client Specific Implementation Specification For Conventional BIOS. TCG specification Version 1.2 Final, The Trusted Computing Group (TCG), Portland, Oregon, USA (July 2005)
TCG. TCG Trusted Network Connect TNC Architecture for Interoperability. TCG specification Version 1.1 Revision 2, The Trusted Computing Group (TCG), Portland, Oregon, USA (May 2006)
TCG. TPM Main, Part 1: Design Principles. TCG Specification Version 1.2 Revision 94, The Trusted Computing Group (TCG), Portland, Oregon, USA (March 2006)
TCG. TPM Main, Part 2: TPM Data Structures. TCG Specification Version 1.2 Revision 94, The Trusted Computing Group (TCG), Portland, Oregon, USA (March 2006)
TCG. TPM Main, Part 3: Commands. TCG Specification Version 1.2 Revision 94, The Trusted Computing Group (TCG), Portland, Oregon, USA (March 2006)
TCG MPWG. The TCG Mobile Reference Architecture. TCG specification version 1 revision 1, The Trusted Computing Group (TCG), Portland, Oregon, USA (2007)
TCG MPWG. The TCG Mobile Trusted Module Specification. TCG specification version 1 revision 1, The Trusted Computing Group (TCG), Portland, Oregon, USA (September 2007)
Varadharajan, V.: Security Enhanced Mobile Agents. In: Proceedings of the 7th ACM Conference on Computer and Communications Security, Athens, Greece, November 1–4, pp. 200–209. ACM, New York (2000)
Vigna, G.: Cryptographic Traces for Mobile Agents. In: Vigna, G. (ed.) Mobile Agents and Security. LNCS, vol. 1419, pp. 137–153. Springer, Heidelberg (1998)
Wilhelm, U.G., Staamann, S., Butty, L.: Introducing Trusted Third Parties to the Mobile Agent Paradigm. In: Vitek, J., Jensen, C. (eds.) Secure Internet Programming. LNCS, vol. 1603, pp. 469–489. Springer, Heidelberg (1999)
Yoshihama, S., Ebringer, T., Nakamura, M., Munetoh, S., Maruyama, H.: WS-Attestation: Effecient and Fine-Grained Remote Attestation on Web Services. In: Proceedings of the IEEE International Conference on Web Services (ICWS 2005), Orlando, Florida, USA, July 11-15, pp. 743–750. IEEE Computer Society Press, Washington (2005)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Gallery, E., Nagarajan, A., Varadharajan, V. (2009). A Property-Dependent Agent Transfer Protocol. In: Chen, L., Mitchell, C.J., Martin, A. (eds) Trusted Computing. Trust 2009. Lecture Notes in Computer Science, vol 5471. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-00587-9_15
Download citation
DOI: https://doi.org/10.1007/978-3-642-00587-9_15
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-00586-2
Online ISBN: 978-3-642-00587-9
eBook Packages: Computer ScienceComputer Science (R0)