Runtime Software Trustworthiness Evidence Collection Mechanism Based on TPM: Runtime Software Trustworthiness Evidence Collection Mechanism Based on TPM

  title={Runtime Software Trustworthiness Evidence Collection Mechanism Based on TPM: Runtime Software Trustworthiness Evidence Collection Mechanism Based on TPM},
  author={Liang Gu and Yao Guo and Hua Wang and Yanzhen Zou and Bing Xie and Weizhong Shao},
  journal={Journal of Software},
This paper extends the software trustworthiness evidence framework to include the runtime software trustworthiness evidence. [...] Key Method The agent can securely monitor executing programs and collect their trustworthiness evidence accordingly. The agent also provides some trusted services for programs to collect application specific evidences and guarantees the trustworthiness of these evidences.Expand
10 Citations
An approach of trustworthy software design with automatically adapting software update
The software designed by the approach has a higher ability of trustworthiness evaluation than the traditional software and can realize the accurate update of the trustworthy behavior trace with a lower space overhead of checkpoints when the software updates. Expand
A Software Behavior Trustworthiness Measurement Method based on Data Mining
This paper presents a congruence measurement method by partitions to apply software trustworthiness measures in dynamic behavior feature datasets that can make recommendations for users in services selection time under the environment of SaaS. Expand
Research on Management Scheme of Trusted Application Software
The proposal for this scheme provides a new idea and management mechanism for the chain of trust transmitting from Operating System to trusted applications in trusted computing. Expand
Web Services Trustworthiness Evaluation Based on Fuzzy Cognitive Maps
A model based on Fuzzy Cognitive Maps that combines the trust evidence framework and the dynamic context reputation feedback at runtime is presented that is effective for web services trustworthiness evaluation at both development stage and runtime adaptively. Expand
DS Theory-Based Software Trustworthiness Classification Assessment
  • Ben Wang, Xingshe Zhou, Gang Yang, Yalei Yang
  • Computer Science
  • 2010 7th International Conference on Ubiquitous Intelligence & Computing and 7th International Conference on Autonomic & Trusted Computing
  • 2010
A software trustworthiness classification assessment method based on DS theory, where the uncertainty and evidences combination are taken into account, and DS combination rule and Shannon entropy are applied to address the problems. Expand
A kind of dynamic software behavior trust model based on improved subjective logic
A kind of dynamic software behavior trust model, which is based on improved Josang’s Subjective Logic, to build the trust model through turning Basic Rate and Uncertainty Factors into dynamic ones and Trace of Software Behavior is introduced to provide characteristic information, which supports the trustiness of Software behavior. Expand
A Trust Model Based on Check Point Behaviors Risk Evaluation
A trust model based on check point behaviors risk evaluation is presented that can distinguish the potential risk effectively in software behaviors, evaluate the risk value trustworthy and provide objective and reliable information to judge whether software behaviors are credible or not. Expand
Firmware of Trusted Channel Based on the Trusted Platform Control Module
This model constructs a kind of trusted channel between trusted platform control module and hardware device through trusted micro command to put down hidden dangers such as data being monitored, tampered and forged in the process of transmission. Expand
Trust attestation mechanism for the sensing layer nodes of Internet of Things
The trust measurement for sensing nodes and verification is applicable to Internet of Things and the simulation experiment shows the trust attestation mechanism is flexible, practical and efficient and can accurately and quickly identify the malicious nodes at the same time. Expand
Trusted Platform Based Linux File Access Control
  • Guang-liang Guo, Q. Qian
  • Computer Science
  • 2015 IEEE International Conference on Computer and Information Technology; Ubiquitous Computing and Communications; Dependable, Autonomic and Secure Computing; Pervasive Intelligence and Computing
  • 2015
A sort of file access control system based on trusted computing platform that can not only control the user access, but also the access process, which can effectively protect the secret documents. Expand


Trustworthiness of Internet-based software
This work proposes a trustworthy assurance framework for Internet-based virtual computing environment (iVCE), which deals with the trustworthy proper-ties of software on identity, capability and behavior in a combinated way. Expand
A Customizable Trust Management Framework Based on Middleware
AbstrcatBeing confronted with the trust crisis under the Internet environment,people have endeavored to develop technologies for supporting and measuring trust.Basically,traditional models andExpand
Design and Implementation of a TCG-based Integrity Measurement Architecture
This work shows that many of the Microsoft NGSCB guarantees can be obtained on today's hardware and today's software and that these guarantees do not require a new CPU mode or operating system but merely depend on the availability of an independent trusted entity, a TPM for example. Expand
An Efficient Attestation for Trustworthiness of Computing Platform
A system behavior based attestation model is presented which try to determine the trust state of attesting platform from its system trustworthiness related behaviors and has advantages of privacy protection and high feasibility. Expand
Remote attestation on program execution
This paper proposes to measure the target program and all the objects it depends on, with an assumption that the Secure Kernel and the Trusted Platform Module provide a secure execution environment through process separation. Expand
Linux security modules: general security support for the linux kernel
The design and implementation of LSM are presented and the challenges in providing a truly general solution that minimally impacts the Linux kernel are discussed. Expand
A survey of trust and reputation systems for online service provision
The purpose of this article is to give an overview of existing and proposed systems that can be used to derive measures of trust and reputation for Internet transactions, to analyse the current trends and developments in this area, and to propose a research agenda forTrust and reputation systems. Expand
Terra: a virtual machine-based platform for trusted computing
We present a flexible architecture for trusted computing, called Terra, that allows applications with a wide range of security requirements to run simultaneously on commodity hardware. ApplicationsExpand
Basic concepts and taxonomy of dependable and secure computing
The aim is to explicate a set of general concepts, of relevance across a wide range of situations and, therefore, helping communication and cooperation among a number of scientific and technical communities, including ones that are concentrating on particular types of system, of system failures, or of causes of systems failures. Expand
Research and Development of Trust Management in Web Security
  • F. Xu
  • Computer Science
  • 2002
Its concepts and models are described in detail, and several typical trust management systems and trust valuation models are introduced. Expand