Abstract

As its name indicates, NGSCB aims to be the "Next-Generation Secure Computing Base". As envisioned in the context of Trusted Computing initiatives, NGSCB provides protection against software attacks. This paper describes NGSCB using a logic for authentication and access control. Its goal is to document and explain the principals and primary APIs employed in NGSCB.

Keywords

Trusted Platform Module; Trust Computing; Primary APIs; Trust Computing Group; Access Control List
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Copyright information

© IFIP International Federation for Information Processing 2004

Authors and Affiliations

  • Martín Abadi (1)
  • Ted Wobber (2)
  1. University of California at Santa Cruz, USA
  2. Microsoft Research, Silicon Valley