ATTESTED GENUINENESS IN SERVICE ORIENTED ENVIRONMENTS

Authentication merely proves the identity of the parties during a SOA transaction. To trust the bona fide conduct of an operation, there is also a need to trust the software. The parties should provide a proof of genuineness which can be validated at the other end. In this paper, two different approaches to hardware-assisted software integrity control are presented. They both combine with an identity management service to provide attested genuineness for improved trust in the transaction. One approach employs the well-known Trusted Platform Module hardware unit; the other is based on custom-designed hardware.
