中国科学院软件研究所机构知识库
Advanced  
ISCAS OpenIR  > 基础软件国家工程研究中心  > 会议论文
题名:
towards remote attestation of security policies
作者: Qian Zhang ; Yeping He ; Ce Meng
会议文集: NSWCTC 2010 - The 2nd International Conference on Networks Security, Wireless Communications and Trusted Computing
会议名称: 2nd International Conference on Networks Security, Wireless Communications and Trusted Computing, NSWCTC 2010
会议日期: April 24,
出版日期: 2010
会议地点: Wuhan, Hubei
关键词: SELinux ; remote attestation ; security policies ; security of data
出版地: United States
ISBN: 978-0-7695-4011-5
部门归属: Inst. of Software, Chinese Acad. of Sci., Beijing, China
主办者: Huazhong University of Science and Technology; Wuhan University; Huazhong Normal University; National Technical University of Ukraine; Harbin Institute of Technology
英文摘要: In the environment which supports access control, the behaviors of an application not only depend on the logic of its code, also depend on the security policy enforced in the system. So, while verifying the trustworthy of a remote application, related security policy should be verified besides the application itself. However, the security policies to restrict different applications are commonly mixed as an aggregation, and the alteration of any statement will influence the final binary file of policy, which makes the integrity measurement in mutability, so it's difficult to verify the integrity of security policies by existing methods which search the measurement in a standard measurement library. For this reason, this paper presents a method for remote attestation of security policy, we firstly divide the security policy into smaller low-coupling modules, and then verify the properties of security policy based on the set of all modules' measurement in the process of remote attestation, thus we can effectively reduce the size of standard measurement library, and this makes remote attestation of security policy more easily in the complex distributed environment. In addition, to validate the feasibility of our method, we design and implement some key parts of remote attestation with the policy of SELinux, then analyze the procedure of building trust chain in it.
内容类型: 会议论文
URI标识: http://ir.iscas.ac.cn/handle/311060/8948
Appears in Collections:基础软件国家工程研究中心_会议论文

Files in This Item:
File Name/ File Size Content Type Version Access License
towards remote attestation of security policies.pdf(287KB)----限制开放-- 联系获取全文

Recommended Citation:
Qian Zhang,Yeping He,Ce Meng. towards remote attestation of security policies[C]. 见:2nd International Conference on Networks Security, Wireless Communications and Trusted Computing, NSWCTC 2010. Wuhan, Hubei. April 24,.
Service
Recommend this item
Sava as my favorate item
Show this item's statistics
Export Endnote File
Google Scholar
Similar articles in Google Scholar
[Qian Zhang]'s Articles
[Yeping He]'s Articles
[Ce Meng]'s Articles
CSDL cross search
Similar articles in CSDL Cross Search
[Qian Zhang]‘s Articles
[Yeping He]‘s Articles
[Ce Meng]‘s Articles
Related Copyright Policies
Null
Social Bookmarking
Add to CiteULike Add to Connotea Add to Del.icio.us Add to Digg Add to Reddit
所有评论 (0)
暂无评论
 
评注功能仅针对注册用户开放,请您登录
您对该条目有什么异议,请填写以下表单,管理员会尽快联系您。
内 容:
Email:  *
单位:
验证码:   刷新
您在IR的使用过程中有什么好的想法或者建议可以反馈给我们。
标 题:
 *
内 容:
Email:  *
验证码:   刷新

Items in IR are protected by copyright, with all rights reserved, unless otherwise indicated.

 

 

Valid XHTML 1.0!
Copyright © 2007-2017  中国科学院软件研究所 - Feedback
Powered by CSpace