TY - GEN
T1 - Satem
T2 - 25th IEEE Symposium on Reliable Distributed Systems, SRDS 2006
AU - Gang, Xu
AU - Borcea, Cristian
AU - Iftode, Liviu
PY - 2006
Y1 - 2006
N2 - Web services and service oriented architectures are becoming the de facto standard for Internet computing. A main problem faced by users of such services is how to ensure that the service code is trusted. While methods that guarantee trusted service code execution before starting a client-service transaction exist, there is no solution for extending this assurance to the entire lifetime of the transaction. This paper presents Satem, a Service-aware trusted execution monitor that guarantees the trustworthiness of the service code across a whole transaction. The Satem architecture consists of an execution monitor residing in the operating system kernel on the service provider platform, a trust evaluator on the client platform, and a service commitment protocol. During this protocol, executed before every transaction, the client requests and verifi es against its local policy a commitment from the service platform that promises trusted code execution. Subsequently, the monitor enforces this commitment for the duration of the transaction. To initialize the trust on the monitor, we use the Trusted Platform Module specifi ed by the Trusted Computing Group. We implemented Satem under the Linux 2.6.12 kernel and tested it for a web service and DNS. The experimental results demonstrate that Satem does not incur signifi cant overhead to the protected services and does not impact the unprotected services.
AB - Web services and service oriented architectures are becoming the de facto standard for Internet computing. A main problem faced by users of such services is how to ensure that the service code is trusted. While methods that guarantee trusted service code execution before starting a client-service transaction exist, there is no solution for extending this assurance to the entire lifetime of the transaction. This paper presents Satem, a Service-aware trusted execution monitor that guarantees the trustworthiness of the service code across a whole transaction. The Satem architecture consists of an execution monitor residing in the operating system kernel on the service provider platform, a trust evaluator on the client platform, and a service commitment protocol. During this protocol, executed before every transaction, the client requests and verifi es against its local policy a commitment from the service platform that promises trusted code execution. Subsequently, the monitor enforces this commitment for the duration of the transaction. To initialize the trust on the monitor, we use the Trusted Platform Module specifi ed by the Trusted Computing Group. We implemented Satem under the Linux 2.6.12 kernel and tested it for a web service and DNS. The experimental results demonstrate that Satem does not incur signifi cant overhead to the protected services and does not impact the unprotected services.
UR - http://www.scopus.com/inward/record.url?scp=38949139795&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=38949139795&partnerID=8YFLogxK
U2 - 10.1109/SRDS.2006.42
DO - 10.1109/SRDS.2006.42
M3 - Conference contribution
AN - SCOPUS:38949139795
SN - 0769526772
SN - 9780769526775
T3 - Proceedings of the IEEE Symposium on Reliable Distributed Systems
SP - 321
EP - 334
BT - Proceedings - 25th IEEE Symposium on Reliable Distributed Systems, SRDS 2006
Y2 - 2 October 2006 through 4 October 2006
ER -