62,661 research outputs found

    Manufacturer origin attestation for device user authorization

    This disclosure describes techniques for user authentication and authorization for devices with support for manufacturer origin attestation. A client attestation certificate allows an authorization service to associate a device with its manufacturer (client). A unique client identifier is assigned by the authorization service to the client. The client assigns a unique instance certificate to each device. During initial authorization, each device uses a trusted local channel to establish identification before the authorization service and obtain an authorization code. The authorization code, the device instance attestation certificate chain, and a proof of possession of the instance key, in the form of a signed message that includes the authorization code, are supplied by the device for verification. Upon verification of the supplied code and the signed message, the authorization service returns user credentials for the device.

    Verifying the Interplay of Authorization Policies and Workflow in Service-Oriented Architectures (Full version)

    A widespread design approach in distributed applications based on the service-oriented paradigm, such as web-services, consists of clearly separating the enforcement of authorization policies and the workflow of the applications, so that the interplay between the policy level and the workflow level is abstracted away. While such an approach is attractive because it is quite simple and permits one to reason about crucial properties of the policies under consideration, it does not provide the right level of abstraction to specify and reason about the way the workflow may interfere with the policies, and vice versa. For example, the creation of a certificate as a side effect of a workflow operation may enable a policy rule to fire and grant access to a certain resource; without executing the operation, the policy rule should remain inactive. Similarly, policy queries may be used as guards for workflow transitions. In this paper, we present a two-level formal verification framework to overcome these problems and formally reason about the interplay of authorization policies and workflow in service-oriented architectures. This allows us to define and investigate some verification problems for SO applications and give sufficient conditions for their decidability. Comment: 16 pages, 4 figures, full version of paper at Symposium on Secure Computing (SecureCom09)

    Hot Topic: E-Verify and Local Governments (2010)

    E-Verify is the electronic employment eligibility verification system that all federal contractors must use to verify the employment authorization of employees performing work under a federal contract.

    Hot Topic: E-Verify and Local Governments (2011)

    E-Verify is the electronic employment eligibility verification system that all federal contractors must use to verify the employment authorization of employees performing work under a federal contract.

    Electronic Employment Eligibility Verification

    [Excerpt] Unauthorized immigration and unauthorized employment continue to be key issues in the ongoing debate over immigration policy. Today’s discussions about these issues build on the work of prior Congresses. In 1986, following many years of debate about unauthorized immigration to the United States, Congress passed the Immigration Reform and Control Act (IRCA). This law sought to address unauthorized immigration, in part, by requiring all employers to examine documents presented by new hires to verify identity and work authorization and to complete and retain employment eligibility verification (I-9) forms. Ten years later, in the face of a growing unauthorized population, Congress attempted to strengthen the employment verification process by establishing pilot programs for electronic verification, as part of the Illegal Immigration Reform and Immigrant Responsibility Act of 1996 (IIRIRA). The Basic Pilot program (known today as E-Verify), the first of the three IIRIRA employment verification pilots to be implemented and the only one still in operation, began in November 1997. Originally scheduled to terminate in November 2001, it has been extended several times. It is currently authorized until September 30, 2018, in accordance with the Consolidated Appropriations Act, 2018 (P.L. 115-141). E-Verify is administered by the Department of Homeland Security’s (DHS’s) U.S. Citizenship and Immigration Services (USCIS). As of April 2, 2018, there were 779,722 employers enrolled in E-Verify, representing more than 2.5 million hiring sites. E-Verify is a largely voluntary program, but there are some mandatory participation requirements. Among them is a rule, which became effective in 2009, requiring certain federal contracts to contain a new clause committing contractors to use E-Verify.
    Under E-Verify, participating employers enter information about their new hires (name, date of birth, Social Security number, immigration/citizenship status, and alien number, if applicable) into an online system. This information is automatically compared with information in Social Security Administration and, if necessary, DHS databases to verify identity and employment eligibility. Legislation on electronic employment eligibility verification has been considered in recent Congresses. In weighing proposals on electronic employment verification, Congress may find it useful to evaluate them in terms of their potential impact on a set of related issues: unauthorized employment; verification system accuracy, efficiency, and capacity; discrimination; employer compliance; privacy; and verification system usability and employer burden.