{"title":"弥合软件认证和可信计算之间的差距,确保云计算的安全","authors":"A. Muñoz, A. Maña","doi":"10.1109/SERVICES.2013.15","DOIUrl":null,"url":null,"abstract":"Despite the fact that software security certification has important advantages; among these we highlighted that it allows to increase users' trust by means of attesting security properties. However, in most of cases the system that is subject of certification is considered to be monolithic. This fact implies that existing certification schemes do not provide support for dynamic changes of components as required in Cloud Computing scenarios. In existing certification schemes certificates refer to a particular version of the product or system, changes in the system structure require a process of recertification. We propose a solution based on the combination of software certification techniques and hardware-based certification, as those provided by the Trusted Computing technology. Likewise, the main target of our approach is bringing the gap existing between the software certification and the means for hardware certification, in order to provide a solution for the whole system certification using Trusted Computing technology.","PeriodicalId":169370,"journal":{"name":"2013 IEEE Ninth World Congress on Services","volume":"27 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-06-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"12","resultStr":"{\"title\":\"Bridging the GAP between Software Certification and Trusted Computing for Securing Cloud Computing\",\"authors\":\"A. Muñoz, A. Maña\",\"doi\":\"10.1109/SERVICES.2013.15\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Despite the fact that software security certification has important advantages; among these we highlighted that it allows to increase users' trust by means of attesting security properties. However, in most of cases the system that is subject of certification is considered to be monolithic. This fact implies that existing certification schemes do not provide support for dynamic changes of components as required in Cloud Computing scenarios. In existing certification schemes certificates refer to a particular version of the product or system, changes in the system structure require a process of recertification. We propose a solution based on the combination of software certification techniques and hardware-based certification, as those provided by the Trusted Computing technology. Likewise, the main target of our approach is bringing the gap existing between the software certification and the means for hardware certification, in order to provide a solution for the whole system certification using Trusted Computing technology.\",\"PeriodicalId\":169370,\"journal\":{\"name\":\"2013 IEEE Ninth World Congress on Services\",\"volume\":\"27 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2013-06-28\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"12\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2013 IEEE Ninth World Congress on Services\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SERVICES.2013.15\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 IEEE Ninth World Congress on Services","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SERVICES.2013.15","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Bridging the GAP between Software Certification and Trusted Computing for Securing Cloud Computing
Despite the fact that software security certification has important advantages; among these we highlighted that it allows to increase users' trust by means of attesting security properties. However, in most of cases the system that is subject of certification is considered to be monolithic. This fact implies that existing certification schemes do not provide support for dynamic changes of components as required in Cloud Computing scenarios. In existing certification schemes certificates refer to a particular version of the product or system, changes in the system structure require a process of recertification. We propose a solution based on the combination of software certification techniques and hardware-based certification, as those provided by the Trusted Computing technology. Likewise, the main target of our approach is bringing the gap existing between the software certification and the means for hardware certification, in order to provide a solution for the whole system certification using Trusted Computing technology.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
