White List Security Management Mechanism based on Trusted Computing Technology

A white-list security management mechanism based on trusted computing technology is proposed. When a piece of software or a program starts, the mechanism performs a dynamic measurement on it to verify its integrity, making it an active defense mechanism based on trusted computing technology. It can effectively prevent unknown malicious programs, processes, or code from running and obtaining sensitive information, and it does not have the disadvantages of some traditional antivirus software, such as feature code or virus database updates, patching, or bug fixes.
