Sciweavers

JHSN
2006

Client-side access control enforcement using trusted computing and PEI models

13 years 10 months ago
Client-side access control enforcement using trusted computing and PEI models
It has been recognized for some time that software alone does not provide an adequate foundation for building a high-assurance trusted platform. The emergence of industry-standard trusted computing technologies promises a revolution in this respect by providing roots of trust upon which secure applications can be developed. These technologies offer a particularly attractive platform for security policy enforcement in general distributed systems. In this paper we propose a security framework to enforce access control policies with trusted computing, wing the recently proposed policy-enforcement-implementation (PEI) models. Our architecture is based on an abstract layer of trusted hardware which can be constructed with emerging trusted computing technologies. A trusted reference monitor (TRM) is introduced beyond the trusted hardware. By monitoring and verifying the integrity and properties of running applications in a platform using the functions of trusted computing, the TRM can enforc...
Ravi S. Sandhu, Xinwen Zhang, Kumar Ranganathan, M
Added 13 Dec 2010
Updated 13 Dec 2010
Type Journal
Year 2006
Where JHSN
Authors Ravi S. Sandhu, Xinwen Zhang, Kumar Ranganathan, Michael J. Covington
Comments (0)