Trusted Isolation Environment: An Attestation Architecture with Usage Control Model

  • Anbang Ruan
  • Qingni Shen
  • Liang Gu
  • Li Wang
  • Lei Shi
  • Yahui Yang
  • Zhong Chen
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5927)

Abstract

The Trusted Computing Group (TCG) proposed remote attestation as a means of establishing trust among distributed applications. However, the current TCG attestation architecture requires a challenger to attest to every program loaded on the target platform, which increases attestation overhead and introduces privacy leakage and other security risks. In this paper, we define a conceptual model called the Trusted Isolation Environment (TIE) to facilitate remote attestation. We then present an implementation of TIE built on our tailored Usage CONtrol model (UCONRA) together with a set of system-defined policies. The continuous and mutable attributes of UCONRA and its support for obligations let us construct the TIE flexibly. Lastly, we propose an attestation architecture based on UCONRA that is both scalable and lightweight.
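The contrast the abstract draws, attesting every program loaded on the platform versus attesting only an isolated environment, can be made concrete with a replay-verified measurement log. The Python below is an added illustration, not code from the paper or its authors. It assumes a SHA-256 PCR bank reset to zero, an unsigned stand-in for the TPM quote, a constructed measurement log, and a simplified allow-list admission policy for the isolated environment; the paper's actual UCONRA policies are not reproduced here.

```python
"""Replay verification of a TCG-style measurement log, contrasting attestation of
every program loaded on a platform with attestation scoped to an isolated
environment. Added illustration only; it is not the paper's code. File names,
contents and the one-PCR-per-environment layout are constructed sample data."""
import hashlib

INITIAL_PCR = b"\x00" * 32  # assumption: a SHA-256 PCR bank with an all-zero reset value


def extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM extend operation: PCR_new = H(PCR_old || digest)."""
    return hashlib.sha256(pcr + digest).digest()


def measure(path: str, content: bytes) -> dict:
    """One measurement-log entry: what was loaded and the hash of its content."""
    return {"path": path, "digest": hashlib.sha256(content).digest()}


def replay(log: list) -> bytes:
    """Recompute the PCR value a log should produce; the verifier compares it to the quote."""
    pcr = INITIAL_PCR
    for entry in log:
        pcr = extend(pcr, entry["digest"])
    return pcr


class Platform:
    """Simulated target. Programs admitted to the isolated environment are measured
    into its own log/PCR; every load is also recorded in the platform-wide log
    (IMA-style). Admission uses a simplified allow-list policy, an assumption made
    for this example rather than the paper's policy set."""

    def __init__(self, tie_allow: dict):
        self.tie_allow = tie_allow
        self.platform_log, self.tie_log = [], []

    def load(self, path: str, content: bytes, into_tie: bool) -> bool:
        entry = measure(path, content)
        if into_tie and self.tie_allow.get(path) != entry["digest"]:
            return False  # policy denies admission; nothing is loaded or measured
        if into_tie:
            self.tie_log.append(entry)
        self.platform_log.append(entry)
        return True

    def quote(self, log: list) -> bytes:
        """Stand-in for a TPM quote: the PCR value for that log, without the signature."""
        return replay(log)


def verify(log: list, quoted_pcr: bytes, reference: dict) -> tuple:
    """Challenger side. Returns (accepted, reason, paths disclosed to the challenger).
    Replays the log against the quote, then checks each entry against reference
    values; a single unknown entry blocks a positive decision."""
    disclosed = [e["path"] for e in log]
    if replay(log) != quoted_pcr:
        return False, "log does not reproduce quoted PCR", disclosed
    bad = [e["path"] for e in log if reference.get(e["path"]) != e["digest"]]
    if bad:
        return False, "unknown or modified entries: " + ", ".join(bad), disclosed
    return True, "ok", disclosed


# Constructed reference values held by the challenger: only the service it relies on.
REFERENCE = {
    "/opt/tie/service": hashlib.sha256(b"service-v2").digest(),
    "/opt/tie/libcrypto.so": hashlib.sha256(b"libcrypto-v1").digest(),
}


def build_platform() -> Platform:
    p = Platform(tie_allow=REFERENCE)
    p.load("/sbin/init", b"init-v1", into_tie=False)
    p.load("/usr/bin/mail-client", b"mail-v3", into_tie=False)  # irrelevant to the challenger
    p.load("/opt/tie/service", b"service-v2", into_tie=True)
    p.load("/opt/tie/libcrypto.so", b"libcrypto-v1", into_tie=True)
    p.load("/opt/tie/service", b"service-backdoored", into_tie=True)  # denied by policy
    return p


def whole_platform_result(p: Platform) -> tuple:
    """Conventional attestation: the challenger must judge every loaded program."""
    return verify(p.platform_log, p.quote(p.platform_log), REFERENCE)


def isolated_result(p: Platform) -> tuple:
    """Scoped attestation: only the isolated environment's log is replayed."""
    return verify(p.tie_log, p.quote(p.tie_log), REFERENCE)


def tampered_result(p: Platform) -> tuple:
    """Swap an entry after the quote was taken: replay must diverge from the quote."""
    quoted = p.quote(p.tie_log)
    forged = list(p.tie_log)
    forged[0] = measure("/opt/tie/service", b"service-backdoored")
    return verify(forged, quoted, REFERENCE)


if __name__ == "__main__":
    plat = build_platform()
    for name, (ok, why, disclosed) in (("whole platform", whole_platform_result(plat)),
                                       ("isolated environment", isolated_result(plat)),
                                       ("tampered log", tampered_result(plat))):
        print(f"{name}: accepted={ok} ({why}); entries disclosed={len(disclosed)}")
```

Running it shows the two costs the abstract names: the whole-platform verification cannot reach a positive decision because the log contains programs the challenger has no reference values for, and every one of those programs is disclosed to the challenger; the scoped verification succeeds over the two entries the challenger actually depends on, while the replay still detects a log entry altered after the quote.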

Keywords

Remote attestation; trusted computing; usage control; MAC model; isolation

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Anbang Ruan (1, 2)
  • Qingni Shen (1, 2)
  • Liang Gu (2, 3)
  • Li Wang (1, 2)
  • Lei Shi (2, 3)
  • Yahui Yang (1, 2)
  • Zhong Chen (1, 2, 3)
  1. School of Software and Microelectronics, Peking University, Beijing, China
  2. Key Laboratory of High Confidence Software Technologies, Peking University, Beijing, China
  3. Institute of Software, School of EECS, Peking University, Beijing, China