Abstract
Often in collaborative research environments that are facilitated through virtual infrastructures, there are requirements for sharing virtual appliances and verifying their trustworthiness. Many researchers assume that virtual appliances — shared between known virtual organisations — are naturally safe to use. However, even if we assume that neither of the sharing parties are malicious, these virtual appliances could still be mis-configured (in terms of both security and experiment requirements) or have out-of-date software installed.
Based on formal methods, we propose a flexible method for specifying such security and software requirements, and verifying the virtual appliance events (captured through logs) against these requirements. The event logs are transformed into a process model that is checked against a pre-defined whitelist — a repository of formal specifications. Verification results indicate whether or not there is any breach of the requirements and if there is a breach, the exact steps leading to it are made explicit.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Flavio, C., Alberto, A., Barbara, R., Damiano, F.: An eclipse plug-in for formal verification of bpmn processes. In: International Conference on Communication Theory, Reliability, and Quality of Service, vol. 0, pp. 144–149 (2010)
Huh, J., Martin, M.: Trusted logging for grid computing. In: Third Asia-Pacific Trusted Infrastructure Technologies Conference, October 2008, pp. 30–42. IEEE Computer Society, Los Alamitos (2008)
Lyle, J.: Trustable remote verification of web services. In: Chen, L., Mitchell, C.J., Martin, A. (eds.) Trust 2009. LNCS, vol. 5471, pp. 153–168. Springer, Heidelberg (2009)
Huh, J.H., Lyle, J., Namiluko, C., Martin, A.: Managing application whitelists in trusted distributed systems. Future Generation Computer Systems (2010), (in Press, accepted manuscript)
Griffin, J.L., Jaeger, T., Perez, R., Sailer, R., Doorn, L., Caceres, R.: Trusted virtual domains: Toward secure distributed services. In: 1st Workshop on Hot Topics in System Dependability (2005)
Wong, P.Y.H., Gibbons, J.: A Process Semantics for BPMN. In: Liu, S., Araki, K. (eds.) ICFEM 2008. LNCS, vol. 5256, pp. 355–374. Springer, Heidelberg (2008), 10.1007/978-3-540-88194-0_22
Roscoe, A.W.: The Theory and Practice of Concurrency. Prentice Hall PTR, Upper Saddle River (1997)
Rozinat, A., van der Aalst, W.M.P.: Conformance checking of processes based on monitoring real behavior. Inf. Syst. 33(1), 64–95 (2008)
Rozinat, A., van der Aalst, W.M.P.: Conformance Testing: Measuring the Fit and Appropriateness of Event Logs and Process Models. In: Bussler, C.J., Haller, A. (eds.) BPM 2005. LNCS, vol. 3812, pp. 163–176. Springer, Heidelberg (2006), 10.1007/11678564_15
Bleikertz, S., Gross, T., Schunter, M., Eriksson, K.: Automating Security Audits of Heterogeneous Virtual Infrastructures (August 2010), http://infrasightlabs.com/wp-content/uploads/2010/08/rz3786.pdf
Sailer, R., Zhang, X., Jaeger, T., Doorn, L.: Design and implementation of a TCG-based integrity measurement architecture. In: SSYM 2004: Proceedings of the 13th conference on USENIX Security Symposium, pages 16–16. USENIX Association, Berkeley (2004)
Ulrich, A., Hallal, H., Petrenko, A., Boroday, S.: Verifying trustworthiness requirements in distributed systems with formal log-file analysis. In: Hawaii International Conference on System Sciences, vol. 9, p. 337b (2003)
van der Aalst, W., Weijters, T., Maruster, L.: Workflow mining: Discovering process models from event logs. IEEE Trans. on Knowl. and Data Eng. 16(9), 1128–1142 (2004)
van der Aalst, W.M.P., van Dongen, B.F., Günther, C.W., Rozinat, A., Verbeek, E., Weijters, T.: Prom: The process mining toolkit. In: de Medeiros, A.K.A., Weber, B. (eds.) BPM (Demos), CEUR Workshop Proceedings, vol. 489 (2009), CEUR-WS.org
van Dongen, B.F., de Medeiros, A.K.A., Verbeek, H.M.W(E.), Weijters, A.J.M.M.T., van der Aalst, W.M.P.: The proM framework: A new era in process mining tool support. In: Ciardo, G., Darondeau, P. (eds.) ICATPN 2005. LNCS, vol. 3536, pp. 444–454. Springer, Berlin (2005)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Namiluko, C., Huh, J.H., Martin, A. (2011). Verifying Trustworthiness of Virtual Appliances in Collaborative Environments. In: McCune, J.M., Balacheff, B., Perrig, A., Sadeghi, AR., Sasse, A., Beres, Y. (eds) Trust and Trustworthy Computing. Trust 2011. Lecture Notes in Computer Science, vol 6740. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-21599-5_1
Download citation
DOI: https://doi.org/10.1007/978-3-642-21599-5_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-21598-8
Online ISBN: 978-3-642-21599-5
eBook Packages: Computer ScienceComputer Science (R0)