Issue No.03 - May/June (2012 vol.9)
pp: 429-442
Wenjuan Xu, Frostburg State University, Frostburg
Xinwen Zhang, Huawei Research Center, Santa Clara
Hongxin Hu, Arizona State University, Tempe
Gail-Joon Ahn, Arizona State University, Tempe
Jean-Pierre Seifert, Technical University of Berlin, Berlin
ABSTRACT
We propose and implement an innovative remote attestation framework called DR@FT for efficiently measuring a target system based on an information flow-based integrity model. With this model, the high integrity processes of a system are first measured and verified, and these processes are then protected from accesses initiated by low integrity processes. Toward dynamic systems with frequently changed system states, our framework verifies the latest state changes of a target system instead of considering the entire system information. Our attestation evaluation adopts a graph-based method to represent integrity violations, and the graph-based policy analysis is further augmented with a ranked violation graph to support high semantic reasoning of attestation results. As a result, DR@FT provides efficient and effective attestation of a system's integrity status, and offers intuitive reasoning of attestation results for security administrators. Our experimental results demonstrate the feasibility and practicality of DR@FT.
INDEX TERMS
Remote attestation, platform integrity, security policy, policy analysis.
CITATION
Wenjuan Xu, Xinwen Zhang, Hongxin Hu, Gail-Joon Ahn, Jean-Pierre Seifert, "Remote Attestation with Domain-Based Integrity Model and Policy Analysis", IEEE Transactions on Dependable and Secure Computing, vol. 9, no. 3, pp. 429-442, May/June 2012, doi:10.1109/TDSC.2011.61