Performance analysis for extended TLS with mutual attestation for platform integrity assurance

机译：具有相互证明的扩展TLS性能分析以确保平台完整性

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

A web service is a web-based application connected via the internet connectivity. The common web-based applications are deployed using web browsers and web servers. However, the security of Web Service is a major concern issues since it is not widely studied and integrated in the design stage of Web Service standard. They are add-on modules rather a well-defined solutions in standards. So, various web services security solutions have been defined in order to protect interaction over a network. Remote attestation is an authentication technique proposed by the Trusted Computing Group (TCG) which enables the verification of the trusted environment of platforms and assuring the information is accurate. To incorporate this method in web services framework in order to guarantee the trustworthiness and security of web-based applications, a new framework called TrustWeb is proposed. The TrustWeb framework integrates the remote attestation into SSL/TLS protocol to provide integrity information of the involved endpoint platforms. The framework enhances TLS protocol with mutual attestation mechanism which can help to address the weaknesses of transferring sensitive computations, and a practical way to solve the remote trust issue at the client-server environment. In this paper, we describe the work of designing and building a framework prototype in which attestation mechanism is integrated into the Mozilla Firefox browser and Apache web server. We also present framework solution to show improvement in the efficiency level.

机译：Web服务是通过Internet连接连接的基于Web的应用程序。常见的基于Web的应用程序是使用Web浏览器和Web服务器部署的。但是，Web Service的安全性是一个主要的关注问题，因为在Web Service标准的设计阶段尚未对其进行广泛的研究和集成。它们是附加模块，是标准中定义明确的解决方案。因此，已经定义了各种Web服务安全解决方案，以保护网络上的交互。远程证明是可信计算小组（TCG）提出的一种身份验证技术，它可以验证平台的可信环境并确保信息的准确性。为了将这种方法并入Web服务框架中，以确保基于Web的应用程序的可信赖性和安全性，提出了一种称为TrustWeb的新框架。 TrustWeb框架将远程证明集成到SSL / TLS协议中，以提供有关端点平台的完整性信息。该框架通过相互证明机制增强了TLS协议，可以帮助解决传输敏感计算的弱点，以及在客户端-服务器环境中解决远程信任问题的实用方法。在本文中，我们描述了设计和构建框架原型的工作，该框架中的认证机制已集成到Mozilla Firefox浏览器和Apache Web服务器中。我们还提出了框架解决方案，以显示效率水平的提高。

著录项

来源
《IEEE Annual International Conference on Cyber Technology in Automation, Control and Intelligent Systems》|2014年|13-18|共6页
会议地点
作者
Abd Aziz Norazah; Udzir Nur Izura; Mahmod Ramlan;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类
关键词
Browsers; Principal component analysis; Protocols; Security; Web servers;

机译：浏览器;主成分分析;协议;安全;网络服务器;

相似文献

外文文献
中文文献
专利

1. Remote Attestation with Domain-Based Integrity Model and Policy Analysis [J] . Xu Wenjuan, Zhang Xinwen, Hu Hongxin, Dependable and Secure Computing, IEEE Transactions on . 2012,第3期

机译：基于域的完整性模型的远程认证和策略分析
2. Extending Spectral Factorization to Array Pattern Synthesis Including Sparseness, Mutual Coupling, and Mounting-Platform Effects [J] . Andrea Francesco Morabito, Alessio Di Carlo, Loreto Di Donato, IEEE Transactions on Antennas and Propagation . 2019,第7期

机译：将频谱分解扩展到包括稀疏性，互耦和安装平台效应在内的阵列模式合成
3. L'ATTESTATION ET LE CERTIFICAT D'ASSURANCE [J] . Georges Dartois L'Auto - journal . 2009,第781期

机译：证明书和保险证明书
4. Performance analysis for extended TLS with mutual attestation for platform integrity assurance [C] . Abd Aziz Norazah, Udzir Nur Izura, Mahmod Ramlan IEEE Annual International Conference on Cyber Technology in Automation, Control and Intelligent Systems . 2014

机译：平台完整性保证的互联网延长TLS的绩效分析
5. Mutual Funds: A Measure of the Integrity of Income Mutual Fund Holdings. [D] . Franco, Paul A. 2014

机译：共同基金：衡量收入共同基金持有人诚信度的标准。
6. Thymus-leukemia (TL) antigens of the mouse. Analysis of TL mRNA and TL cDNA TL+ and TL- strains [O] . 1985

机译：小鼠的胸腺白血病（TL）抗原。 TL mRNA和TL cDNA TL +和TL-菌株的分析
7. Extending TLS with Mutual Attestation for Platform Integrity Assurance [O] . NorazahAbd Aziz, NurIzura Udzir, Ramlan Mahmod 2014

机译：扩展TLS以平台完整性保证的互相证明

Performance analysis for extended TLS with mutual attestation for platform integrity assurance

摘要

著录项

相似文献

相关主题

期刊订阅