The Search for Trust Evidence

Trust Evidence addresses the problem of how devices or systems should mutually assess trustworthiness at the onset and during interaction. Approaches to Trust Evidence can be used to assess risk, for example, facilitating the choice of threat posture as devices interact within the context of a smart city. Trust Evidence may augment authentication schemes by adding information about a device and its operational context. In this paper, we discuss Intel’s 3-year collaboration with university researchers on approaches to Trust Evidence. This collaboration included an exploratory phase that looked at several formulations of Trust Evidence in varied contexts. A follow-up phase looked more specifically at Trust Evidence in software runtime environments, and whether techniques could be developed to generate information on correct execution. We describe various research results associated with two key avenues of investigation, programming language extensions for numerical Trust Evidence and an innovative protected module architecture. We close with reflections on industry-university researcher collaborations and several suggestions for enabling success.
