EnglishSvenskaNorsk
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Continuous Security Evaluation and Auditing of Remote Platforms by Combining Trusted Computing and Security Automation Techniques
RISE, Swedish ICT, SICS.ORCID iD: 0000-0003-3223-4234
RISE, Swedish ICT, SICS, Security Lab.ORCID iD: 0000-0001-8003-200x
Mälardalen University, Sweden.
2013 (English)Conference paper, Published paper (Refereed)
Abstract [en]

In new distributed systems paradigms like cloud computing, the security of the host platforms is very critical. The platform administrators use security automation techniques to ensure that the outsourced platforms are set up correctly and follow the security recommendations. However, the remote platform users still have to trust the platform owner. The third party security audits, used to shift the required user trust from the platform owner to a trusted entity, are scheduled and are not very frequent to deal with the daily reported vulnerabilities. In this paper we propose a continuous remote platform evaluation mechanism to be used by the remote entity to increase the platform user trust. We analyze the existing SCAP and trusted computing (TCG) standards for our solution, identify their shortcomings, and suggest ways to integrate them. Our proposed platform security evaluation framework uses the TCG-SCAP synergy to address the limitations of each technology when used separately.
Place, publisher, year, edition, pages
2013, 7. p. 136-143
National Category
Computer and Information Sciences
Identifiers
URN: urn:nbn:se:ri:diva-24218DOI: 10.1145/2523514.2523537Scopus ID: 2-s2.0-84893211730OAI: oai:DiVA.org:ri-24218DiVA, id: diva2:1043298
Conference
The 6th International Conference on Security of Information and Networks
Available from: 2016-10-31 Created: 2016-10-31 Last updated: 2020-12-01Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Authority records

Aslam, MudassarGehrmann, Christian

Search in DiVA

By author/editor
Aslam, MudassarGehrmann, Christian
By organisation
SICSSecurity Lab
Computer and Information Sciences

Search outside of DiVA

GoogleGoogle Scholar

doi
urn-nbn

Altmetric score

doi
urn-nbn
Total: 298 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
v. 2.45.0
|
WCAG