Remote attestation approach by cross-layer security policy translation

Lingbo Jiang*, Yuping Wang, Tiehua Wen, Jianfeng Tan

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

Abstract

The security policy can exactly reflect the security expectations of system models. Besides, it is also an important method of remote attestation of computing environment, which is based on model behaviours. Existing policy measurement approaches focus on single model. However, practical policies usually include various kinds of model properties so that existing methods cannot meet the demands of combined policy measurement and unified expectations of multiple collaborative mechanisms and dynamic control systems. This paper proposes a novel remote attestation approach based on cross-layer security policy translation, CPMA, which is used to verify security expectations and combined policy measurements of multiple model systems. CPMA presents security exception expressions and the descriptions of the high-layer policy and the low-layer policy. It also designs the translation algorithm and verification algorithm with low overhead to achieve the trusted measurement of multiple mechanism policies. Extensive evaluations show that CPMA can measure and verify system actions accurately and effectively.

Original languageEnglish
Pages (from-to)357-371
Number of pages15
JournalInternational Journal of High Performance Computing and Networking
Volume9
Issue number5-6
DOIs
Publication statusPublished - 2016
Externally publishedYes

Keywords

  • Filter verification
  • Policy translation
  • Remote attestation
  • Security expectation

Fingerprint

Dive into the research topics of 'Remote attestation approach by cross-layer security policy translation'. Together they form a unique fingerprint.

Cite this