Abstract
Remote attestation allows programs running on trusted hardware to prove their identity (and that of their environment) to programs on other hosts. Remote attestation can be used to address security concerns if programs agree on the meaning of data in attestations. This paper studies the enforcement of code-identity based access control policies in a hostile distributed environment, using a combination of remote attestation, dynamic types, and typechecking. This ensures that programs agree on the meaning of data and cannot violate the access control policy, even in the presence of opponent processes. The formal setting is a π-calculus with secure channels, process identity, and remote attestation. Our approach allows executables to be typechecked and deployed independently, without the need for secure initial key and policy distribution beyond the trusted hardware itself.
Chapter PDF
Similar content being viewed by others
Keywords
References
Abadi, M.: Secrecy by typing in security protocols. J. ACM 46(5) (1999)
Abadi, M.: Trusted computing, trusted third parties, and verified communications. In: SEC 2004: 19th IFIP International Information Security Conference (2004)
Abadi, M., Blanchet, B.: Secrecy types for asymmetric communication. Theoretical Computer Science 298(3) (2003)
Abadi, M., Cardelli, L., Pierce, B., Plotkin, G.: Dynamic typing in a statically typed language. ACM Trans. Program. Lang. Syst. 13(2) (1991)
Abadi, M., Fournet, C.: Mobile values, new names, and secure communication. In: POPL 2001 (2001)
Abadi, M., Fournet, C.: Access control based on execution history. In: Proceedings of the 10th Annual Network and Distributed System Security Symposium (2003)
Abadi, M., Fournet, C., Gonthier, G.: Authentication primitives and their compilation. In: POPL 2000 (2000)
Abadi, M., Fournet, C., Gonthier, G.: Secure implementation of channel abstractions. Inf. Comput. 174(1) (2002)
Abadi, M., Gordon, A.D.: A calculus for cryptographic protocols: The spi calculus. Information and Computation 148(1) (1999)
Abadi, M., Wobber, T.: A logical account of NGSCB. In: Núñez, M., Maamar, Z., Pelayo, F.L., Pousttchi, K., Rubio, F. (eds.) FORTE 2004. LNCS, vol. 3236, Springer, Heidelberg (2004)
Amadio, R.M., Castellani, I., Sangiorgi, D.: On bisimulations of the asynchronous π-calculus. Theor. Comput. Sci. 195(2) (1998)
Anderson, R.: ‘Trusted Computing’ Frequently Asked Questions, Version 1.1 (2003), http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html
Anderson, R., Kuhn, M.: Tamper resistance - a cautionary note. In: Second USENIX Workshop on Electronic Commerce Proceedings (1996)
Arbaugh, W.A.: Improving the TCPA specification. IEEE Computer (2002)
Arbaugh, W.A., Farber, D.J., Smith, J.M.: A secure and reliable bootstrap architecture. In: IEEE Symposium on Security and Privacy (1997)
Berry, G., Boudol, G.: The chemical abstract machine. In: POPL 1990 (1990)
Bugliesi, M., Crafa, S., Prelic, A., Sassone, V.: Secrecy in untrusted networks. In: Baeten, J.C.M., Lenstra, J.K., Parrow, J., Woeginger, G.J. (eds.) ICALP 2003. LNCS, vol. 2719, Springer, Heidelberg (2003)
Bugliesi, M., Focardi, R., Maffei, M.: Compositional analysis of authentication protocols. In: Schmidt, D. (ed.) ESOP 2004. LNCS, vol. 2986, Springer, Heidelberg (2004)
Bugliesi, M., Focardi, R., Maffei, M.: Analysis of typed analyses of authentication protocols. In: CSFW (2005)
Cardelli, L.: Program fragments, linking, and modularization. In: POPL 1997 (1997)
Fournet, C., Gordon, A., Maffeis, S.: A type discipline for authorization policies. In: Sagiv, M. (ed.) ESOP 2005. LNCS, vol. 3444, Springer, Heidelberg (2005)
Gordon, A.D., Jeffrey, A.S.A.: Authenticity by typing for security protocols. J. Computer Security 11(4) (2003)
Gordon, A.D., Jeffrey, A.S.A.: Types and effects for asymmetric cryptographic protocols. J. Computer Security 12(3/4) (2004)
Gordon, A.D., Jeffrey, A.S.A.: Secrecy despite compromise: Types, cryptography, and the pi-calculus. In: Abadi, M., de Alfaro, L. (eds.) CONCUR 2005. LNCS, vol. 3653, Springer, Heidelberg (2005)
Haack, C., Jeffrey, A.S.A.: Pattern-matching spi-calculus. In: Proc. IFIP WG 1.7 Workshop on Formal Aspects in Security and Trust (2004)
Haldar, V., Chandra, D., Franz, M.: Semantic remote attestation: A virtual machine directed approach to trusted computing. In: USENIX VM (2004)
Haldar, V., Franz, M.: Symmetric behavior-based trust: A new paradigm for internet computing. In: New Security Paradigms Workshop (2004)
Hennessy, M., Riely, J.: Resource access control in systems of mobile agents. Information and Computation 173 (2002)
Honda, K., Tokoro, M.: On asynchronous communication semantics. In: America, P. (ed.) ECOOP 1991. LNCS, vol. 512, Springer, Heidelberg (1991)
Honda, K., Vasconcelos, V.T., Yoshida, N.: Secure information flow as typed process behaviour. In: Smolka, G. (ed.) ESOP 2000 and ETAPS 2000. LNCS, vol. 1782, Springer, Heidelberg (2000)
Huang, A.: Hacking the Xbox. Xenatera Press (2003)
Irvine, C., Levin, T.: A cautionary note regarding the data integrity capacity of certain secure systems. In: Integrity, Internal Control and Security in Information Systems (2002)
Leroy, X., Mauny, M.: Dynamics in ML. In: Hughes, J. (ed.) FPCA 1991. LNCS, vol. 523, Springer, Heidelberg (1991)
Li, N., Mitchell, J.C.: RT: A role-based trust-management framework. In: DARPA Information Survivability Conference and Exposition (DISCEX III) (2003)
Lie, D., Thekkath, C., Lincoln, P., Mitchell, M., Boneh, D., Mitchell, J., Horowitz, M.: Architectural support for copy and tamper resistant software. In: ASPLOS-IX (2000)
Lie, D., Thekkath, C.A., Horowitz, M.: Implementing an untrusted operating system on trusted hardware. In: 19th ACM Symposium on Operating Systems Principles (2003)
Microsoft. Longhorn developer preview documentation. Distributed at Microsoft’s Professional Developers Conference in Los Angeles (2003)
Microsoft. NGSCB: TCB and software authentication (2003)
Microsoft. Security model for the Next-Generation Secure Computing Base (2003)
Milner, R., Parrow, J., Walker, D.: A calculus of mobile processes, I. Inf. Comput. 100(1) (1992)
Odersky, M.: Polarized name passing. In: FST-TCS 1995 (1995)
Pearson, S. (ed.): Trusted Computing Platforms: TCPA Technology in Context. Prentice-Hall, Englewood Cliffs (2002)
Riely, J., Hennessy, M.: Trust and partial typing in open systems of mobile agents. J. Automated Reasoning 31(3–4) (2003)
Sadeghi, A.-R., Stüble, C.: Property-based attestation for computing platforms: Caring about properties, not mechanisms. In: New Security Paradigms Workshop (2004)
Sailer, R., Zhang, X., Jaeger, T., van Doorn, L.: Design and implementation of a TCG-based integrity measurement architecture. In: 13th USENIX Security Symposium (2004)
Sandhu, R., Zhang, X.: Peer-to-peer access control architecture using trusted computing technology. In: SACMAT (2005)
Seshadri, A., Perrig, A., van Doorn, L., Khosla, P.: SWATT: SoftWare-based ATTestation for embedded devices. In: IEEE Symposium on Security and Privacy (2004)
Smith, S., Weingart, S.: Building a high-performance, programmable secure coprocessor. Computer Networks 31 (1999) Special Issue on Computer Network Security
Thompson, K.: Reflections on trusting trust. CACM 27(8) (1984)
Trusted Computing Group. Trusted Computing Platform Alliance: Main specification, version 1.1b (2003), http://www.trustedcomputinggroup.org
Wallach, D.S., Appel, A.W., Felten, E.W.: SAFKASI: a security mechanism for language-based systems. ACM Trans. Softw. Eng. Methodol. 9(4) (2000)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Pitcher, C., Riely, J. (2006). Dynamic Policy Discovery with Remote Attestation. In: Aceto, L., Ingólfsdóttir, A. (eds) Foundations of Software Science and Computation Structures. FoSSaCS 2006. Lecture Notes in Computer Science, vol 3921. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11690634_8
Download citation
DOI: https://doi.org/10.1007/11690634_8
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-33045-5
Online ISBN: 978-3-540-33046-2
eBook Packages: Computer ScienceComputer Science (R0)