93,665 research outputs found
Dynamic Trust Federation in Grids
Grids are becoming economically viable and productive tools. Grids provide a way of utilizing a vast array of linked resources such as computing systems, databases and services online within Virtual Organizations (VO). However, today’s Grid architectures are not capable of supporting dynamic, agile federation across multiple administrative domains and the main barrier, which hinders dynamic federation over short time scales is security. Federating security and trust is one of the most significant architectural issues in Grids. Existing relevant standards and specifications can be used to federate security services, but do not directly address the dynamic extension of business trust relationships into the digital domain. In this paper we describe an experiment in which we highlight those challenging architectural issues and we will further describe how the approach that combines dynamic trust federation and dynamic authorization mechanism can address dynamic security trust federation in Grids. The experiment made with the prototype described in this paper is used in the NextGRID project for the definition of requirements for next generation Grid architectures adapted to business application need
Multilevel Contracts for Trusted Components
This article contributes to the design and the verification of trusted
components and services. The contracts are declined at several levels to cover
then different facets, such as component consistency, compatibility or
correctness. The article introduces multilevel contracts and a
design+verification process for handling and analysing these contracts in
component models. The approach is implemented with the COSTO platform that
supports the Kmelia component model. A case study illustrates the overall
approach.Comment: In Proceedings WCSI 2010, arXiv:1010.233
On Making Emerging Trusted Execution Environments Accessible to Developers
New types of Trusted Execution Environment (TEE) architectures like TrustLite
and Intel Software Guard Extensions (SGX) are emerging. They bring new features
that can lead to innovative security and privacy solutions. But each new TEE
environment comes with its own set of interfaces and programming paradigms,
thus raising the barrier for entry for developers who want to make use of these
TEEs. In this paper, we motivate the need for realizing standard TEE interfaces
on such emerging TEE architectures and show that this exercise is not
straightforward. We report on our on-going work in mapping GlobalPlatform
standard interfaces to TrustLite and SGX.Comment: Author's version of article to appear in 8th Internation Conference
of Trust & Trustworthy Computing, TRUST 2015, Heraklion, Crete, Greece,
August 24-26, 201
Contextualized B2B Registries
Abstract. Service discovery is a fundamental concept underpinning the move towards dynamic service-oriented business partnerships. The business process for integrating service discovery and underlying registry technologies into business relationships, procurement and project management functions has not been examined and hence existing Web Service registries lack capabilities required by business today. In this paper we present a novel contextualized B2B registry that supports dynamic registration and discovery of resources within management contexts to ensure that the search space is constrained to the scope of authorized and legitimate resources only. We describe how the registry has been deployed in three case studies from important economic sectors (aerospace, automotive, pharmaceutical) showing how contextualized discovery can support distributed product development processes
Authorised Translations of Electronic Documents
A concept is proposed to extend authorised translations of documents to
electronically signed, digital documents. Central element of the solution is an
electronic seal, embodied as an XML data structure, which attests to the
correctness of the translation and the authorisation of the translator. The
seal contains a digital signature binding together original and translated
document, thus enabling forensic inspection and therefore legal security in the
appropriation of the translation. Organisational aspects of possible
implementation variants of electronic authorised translations are discussed and
a realisation as a stand-alone web-service is presented.Comment: In: Peer-reviewed Proceedings of the Information Security South
Africa (ISSA) 2006 From Insight to Foresight Conference, 5 to 7 July 2006,
Sandton, South Afric
- …