{"title":"可信平台中基于属性的认证分析","authors":"A. Nagarajan, V. Varadharajan, M. Hitchens","doi":"10.1109/EUC.2010.136","DOIUrl":null,"url":null,"abstract":"Binary attestation in trusted computing platforms provide the ability to reason about the state of a system using hash measurements. Property based attestation on the other hand enables more meaningful attestation by abstracting low level binary values to high level security properties or functions of systems. In this paper, we try to understand the kind of security properties that trusted platforms can attest. We propose that security properties can have different levels of granularity and provide a pyramid model that classifies properties at four different levels. We leverage the Common Criteria framework for security requirements to provide examples of such properties. The model is then implemented in the context of authorisation for Web services.","PeriodicalId":265175,"journal":{"name":"2010 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2010-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Analysis of Property Based Attestation in Trusted Platforms\",\"authors\":\"A. Nagarajan, V. Varadharajan, M. Hitchens\",\"doi\":\"10.1109/EUC.2010.136\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Binary attestation in trusted computing platforms provide the ability to reason about the state of a system using hash measurements. Property based attestation on the other hand enables more meaningful attestation by abstracting low level binary values to high level security properties or functions of systems. In this paper, we try to understand the kind of security properties that trusted platforms can attest. We propose that security properties can have different levels of granularity and provide a pyramid model that classifies properties at four different levels. We leverage the Common Criteria framework for security requirements to provide examples of such properties. The model is then implemented in the context of authorisation for Web services.\",\"PeriodicalId\":265175,\"journal\":{\"name\":\"2010 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2010-12-11\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2010 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/EUC.2010.136\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2010 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/EUC.2010.136","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Analysis of Property Based Attestation in Trusted Platforms
Binary attestation in trusted computing platforms provide the ability to reason about the state of a system using hash measurements. Property based attestation on the other hand enables more meaningful attestation by abstracting low level binary values to high level security properties or functions of systems. In this paper, we try to understand the kind of security properties that trusted platforms can attest. We propose that security properties can have different levels of granularity and provide a pyramid model that classifies properties at four different levels. We leverage the Common Criteria framework for security requirements to provide examples of such properties. The model is then implemented in the context of authorisation for Web services.