Abstract
We’ve build a model of trust chain, and developed TCSE, a tool for estimating the security properties of the trust chain. The highlight of TCSE is that it can generate a probabilistic finite state automaton and verify or calculate four security properties of a trust chain following our algorithms. These properties are: credibility, usability, restorability and conformity. With these four values of a trust chain, we can estimate the security of a trusted computer (a computer with a trusted computing module). Using this tool, an ordinary user with the help of the Common Vulnerability Scoring System (CVSS) from which one can easily get the needed parameters can figure out these four properties quickly. This tool can be used in the area where the security of trusted computers are needed to be precisely quantized.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Xu, M., Zhang, H., Yan, F.: Testing on trust chain of trusted coputing platform based on labeled transition system. Chin. J. Comput. 32(4), 635–645 (2009)
Fu, L., Wang, D., Kuang, J.: Conformance testing for trust chain of trusted computing platform based on finite state machine. J. Comput. Inf. Syst. 7(8), 2717–2724 (2011)
Zhan, J., Zhang, H.: Automated testing of the trusted platform module. J. Comput. Res. Dev. 46(11), 1839–1846 (2009)
Kwiatkowska, M., Norman, G., Parker, D.: PRISM: probabilistic symbolic model checker. In: Field, T., Harrison, P.G., Bradley, J., Harder, U. (eds.) TOOLS 2002. LNCS, vol. 2324, pp. 200–204. Springer, Heidelberg (2002)
Ching, W.-K., Huang, X., Ng, M.K., Siu, Tk: Markov Chains: Models, Algorithms and Applications, vol. 189. Springer, Heidelberg (2013)
Christel, B., Joost, P.K.: Principles of Model Checking, pp. 757–765. The MIT Press, Cambridge (2008)
Bratus, S., D’Cunha, N., Sparks, E., Smith, S.W.: TOCTOU, traps, and trusted computing. In: Lipp, P., Sadeghi, A.-R., Koch, K.-M. (eds.) Trust 2008. LNCS, vol. 4968, pp. 14–32. Springer, Heidelberg (2008)
Bryan, J.P.: Trust extension as a mechanism for secure code execution on commodity computers. Ph.D.thesis, School of Electrical and Computer Engineering Carnegie Mellon University, April 2010
Zhen, H.D., Cong, T., Li, Z.: A decision procedure for propositional projection temporal logic with infinite models. Acta Informatica 45(1), 43–78 (2008)
Tian, C., Duan, Z.: Model checking propositional projection temporal logic based on SPIN. In: Butler, M., Hinchey, M.G., Larrondo-Petrie, M.M. (eds.) ICFEM 2007. LNCS, vol. 4789, pp. 246–265. Springer, Heidelberg (2007)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Hu, W., Ji, D., Wang, T., Yao, G. (2015). A New Trust Chain Security Evaluation Model and Tool. In: Tian, J., Jing, J., Srivatsa, M. (eds) International Conference on Security and Privacy in Communication Networks. SecureComm 2014. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 153. Springer, Cham. https://doi.org/10.1007/978-3-319-23802-9_30
Download citation
DOI: https://doi.org/10.1007/978-3-319-23802-9_30
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-23801-2
Online ISBN: 978-3-319-23802-9
eBook Packages: Computer ScienceComputer Science (R0)