
Attestation-based policy enforcement for remote access

Published: 25 October 2004

Abstract

Intranet access has become an essential function for corporate users. At the same time, corporate security administrators have little ability to control access to corporate data once it is released to remote clients. At present, no confidentiality or integrity guarantees are made about the remote access clients, so an attacker may already have compromised a client process and be downloading or modifying corporate data. Even though corporate-wide access control over remote users exists, the access control approach alone is insufficient to stop these malicious processes. We have designed and implemented a novel system that enables corporations to verify client integrity properties and establish trust in the client's policy enforcement before allowing clients (remote) access to corporate Intranet services. Client integrity is measured using a Trusted Platform Module (TPM), a new security technology that is becoming broadly available on client systems, and our system uses these measurements for access policy decisions enforced upon the client's processes. We have implemented a Linux 2.6 prototype system that utilizes TPM measurement and attestation, existing Linux network control (Netfilter), and existing corporate policy management tools in the Tivoli Access Manager to control remote client access to corporate data. This prototype illustrates that our solution integrates seamlessly into scalable corporate policy management and introduces only a minor performance overhead.
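As an added illustration of the verification step the abstract describes (this is example code written for this page, not the paper's prototype), the Python below simulates a client's TPM-style measurement list and PCR extend chain, then makes the server-side access decision: the list must match the PCR value the TPM attested, and every measured component must match a known-good digest. File names, contents and the known-good set are constructed; SHA-1 is used as the digest because TPM 1.2 PCRs are SHA-1 sized.

```python
import hashlib
PCR_SIZE = 20  # SHA-1 digest length: the width of a TPM 1.2 PCR

def measure(content: bytes) -> bytes:
    """Integrity measurement of a loaded component: SHA-1 over its content."""
    return hashlib.sha1(content).digest()

def pcr_extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM extend: PCR_new = SHA-1(PCR_old || measurement); one-way and order-dependent."""
    return hashlib.sha1(pcr + measurement).digest()

def aggregate(measurement_list):
    """Replay a measurement list through the extend chain from a reset PCR."""
    pcr = b"\x00" * PCR_SIZE
    for _name, digest in measurement_list:
        pcr = pcr_extend(pcr, digest)
    return pcr

def policy_decision(measurement_list, attested_pcr, known_good):
    """Server-side check before granting remote access; returns (allow, reason)."""
    # The TPM-quoted PCR binds the reported list; then every entry must be known-good.
    if aggregate(measurement_list) != attested_pcr:
        return False, "measurement list does not match attested PCR value"
    for name, digest in measurement_list:
        if known_good.get(name) != digest:
            return False, f"unknown or modified component: {name}"
    return True, "client integrity verified"

# Constructed client components (hypothetical names/contents) and their known-good digests.
GOOD_CONTENT = {
    "/sbin/init": b"constructed init binary v1",
    "/usr/bin/vpnclient": b"constructed vpn client v1",
    "/lib/libssl.so": b"constructed libssl v1",
}
KNOWN_GOOD = {name: measure(data) for name, data in GOOD_CONTENT.items()}

def client_attestation(contents):
    """Simulated client: measure each component at load, extend the PCR, report both."""
    mlist = [(name, measure(data)) for name, data in contents.items()]
    return mlist, aggregate(mlist)

def demo():
    good_list, good_pcr = client_attestation(GOOD_CONTENT)
    ok = policy_decision(good_list, good_pcr, KNOWN_GOOD)
    # A modified VPN client yields a digest that is not in the known-good set.
    trojaned = {**GOOD_CONTENT, "/usr/bin/vpnclient": b"modified vpn client"}
    bad_list, bad_pcr = client_attestation(trojaned)
    modified = policy_decision(bad_list, bad_pcr, KNOWN_GOOD)
    # Omitting the modified entry from the reported list cannot match the quoted PCR.
    hidden = policy_decision(good_list, bad_pcr, KNOWN_GOOD)
    return ok, modified, hidden
```

In the prototype described by the abstract, a deny result would translate into the Netfilter rule set blocking the client's connections to the Intranet service rather than a returned tuple.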


Cited By

  • XFilter: An Extension of the Integrity Measurement Architecture Based on Fine-Grained Policies. Applied Sciences 13(10):6046, 15 May 2023. doi:10.3390/app13106046
  • Remote Attestation with Constrained Disclosure. Proceedings of the 39th Annual Computer Security Applications Conference, pp. 718-731, 4 Dec 2023. doi:10.1145/3627106.3627118
  • Extending the Authentication Hierarchy with One-Way Agreement. 2023 IEEE 36th Computer Security Foundations Symposium (CSF), pp. 214-228, Jul 2023. doi:10.1109/CSF57540.2023.00025

Published In

CCS '04: Proceedings of the 11th ACM conference on Computer and communications security
October 2004, 376 pages
ISBN: 1581139616
DOI: 10.1145/1030083

Publisher: Association for Computing Machinery, New York, NY, United States


Author Tags: remote access; security management; trusted computing
