A Framework for Trustworthy Service-Oriented Computing (Short Paper)

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5352)


Service-oriented computing requires un-trusted and trusted software to simultaneously execute on the same hardware platform. Trusted software protects a service provider’s business model and must execute in a high assurance environment. Increasingly, hardware mechanisms are required to create high-assurance closed environments to host trusted software on open platforms. In current approaches, independent hardware vendors (IHVs) design and implement closed environments with proprietary interfaces specific to mobile phones, PCs and servers, forcing independent software vendors (ISVs) and service providers to develop non-portable software. In this paper, we present an abstract closed environment architecture that exposes its facilities via implementation-independent canonical interfaces. IHVs can use this architecture to implement platform-specific closed environments, while ISVs and service providers develop applications to the canonical interface and build portable trusted software. We discuss example implementations of our framework to demonstrate the feasibility of building scalable solutions to support trustworthy service-oriented computing.


Service Provider Service Orient Architecture Open Platform Closed Environment Security Architecture 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    MacKenzie, C.M., et al.: Reference Model for Service Oriented Architecture 1.0. World Wide Web (October 2006),
  2. 2.
    Dyer, J.G., et al.: Building the IBM 4758 Secure Coprocessor. IEEE Computer 34, 57–66 (2001)CrossRefGoogle Scholar
  3. 3.
    Suh, G.E., Clarke, D., Gassend, B., van Dijk, M., Devadas, S.: AEGIS: architecture for tamper-evident and tamper-resistant processing. In: ICS 2003: Proceedings of the 17th annual international conference on Supercomputing, pp. 160–171. ACM, New York (2003)Google Scholar
  4. 4.
    Lie, D., Thekkath, C., Mitchell, M., Lincoln, P., Boneh, D., Mitchell, J., Horowitz, M.: Architectural support for copy and tamper resistant software. SIGPLAN Not. 35(11), 168–177 (2000)CrossRefGoogle Scholar
  5. 5.
    Alves, T., Felton, D.: TrustZone: Integrated Hardware and Software Security. World Wide Web (July 2004),
  6. 6.
    TCG: TCG mobile reference architecture specification version 1.0. World Wide Web (June 2007),
  7. 7.
    Ashkenazi, A., Hartley, D.: Securing Mobile Devices with Platform Independent Security Architecture. In: Embedded Systems Conference (April 2008)Google Scholar
  8. 8.
    Saltzer, J.H., Schroeder, M.D.: The Protection of Information in Computer Systems. Proc. of the IEEE 63(9), 1278–1308 (1975)CrossRefGoogle Scholar
  9. 9.
    Chinnici, R., et al.: Web Services Description Language (WSDL) Version 2.0 Part 1: Core Language. World Wide Web (June 2007),
  10. 10.
    Nadalin, A., et al.: WS-Trust 1.3. World Wide Web (March 2007),
  11. 11.
    Ekberg, J., et al.: OnBoard Credentials Platform Design and Implementation. Technical Report NRC-TR-2008-001, Nokia Research Center (January 2008)Google Scholar
  12. 12.
    Liedtke, J.: On μ-kernel construction. In: Proc. 15th ACM Symposium on OS Principles, pp. 237–250 (December 1995)Google Scholar
  13. 13.
    Zhang, X., Aciicmez, O., Seifert, J.P.: A trusted mobile phone reference architecturevia secure kernel. In: STC 2007: Proceedings of the 2007 ACM workshop on Scalable trusted computing, pp. 7–14. ACM, New York (2007)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  1. 1.Systems Research Center, Intel Technology India Pvt. Ltd.BangaloreIndia

Personalised recommendations