JOURNAL OF SHANDONG UNIVERSITY (NATURAL SCIENCE), 2015, Vol. 50, Issue (11): 47-51. doi: 10.6040/j.issn.1671-9352.3.2015.081


Multiple third-party remote attestation mechanism based on credibility weights policy

JI Xiang-min1,2, SU Hang3, XIANG Shuang2, ZHOU Shu-cheng1   

  1. College of Computer and Information Sciences, Fujian Agriculture and Forestry University, Fuzhou 350002, Fujian, China;
    2. School of Computer Science, Wuhan University, Wuhan 430072, Hubei, China;
    3. Works Applications Co. Ltd, Shanghai 200050, China
  • Received: 2015-07-22; Revised: 2015-10-30; Online: 2015-11-20; Published: 2015-12-09

Abstract: To overcome the invalidation problem caused by single third-party attestation failures in cloud computing environments, we propose a remote attestation mechanism based on multiple third parties, extending the single third party to a cluster of third-party verifiers. The mechanism ensures that sound attestation results are provided to the requester even when some of the verifiers are invalid or under attack. In particular, to address collusion attacks among multiple third parties, we present third-party filtering algorithms and a credibility weight strategy that resist collusion attacks while also minimizing ultimate assertion failures resulting from malicious innocence allegations. Experimental results show that, compared with a single verifier, this mechanism is more reliable and resists collusion attacks better in practical applications.

Key words: credibility weights policy, multiple third-party, remote attestation

CLC Number: TP309