DocumentCode
2124280
Title
A Model-Driven Framework for Trusted Computing Based Systems
Author
Alam, Masoom ; Seifert, Jean-Pierre ; Zhang, Xinwen
Author_Institution
Univ. of Innsbruck, Innsbruck
fYear
2007
fDate
15-19 Oct. 2007
Firstpage
75
Lastpage
75
Abstract
Existing approaches for Trust Management through software alone - by their very principle - are uncompromising and have inherent weaknesses. Once the information leaves the service provider platform, there is no way to guarantee the integrity of the information on the client (or service requestor) platform. The Trusted Computing Group proposed a quantum leap in security, a hardware-based "root of trust" by which the integrity of a platform - be it a client or service provider - can be verified. However, there is no approach for the integration of this novel but essentially straightforward concept into distributed application development. We believe that the complexity of Trusted Computing (TC) is one of the key factors that will hinder its successful integration within the web services based distributed application realm. Model-driven techniques offer a promising approach to alleviate the complexity of platforms. This contribution has three objectives. First, we detail SECTET - a model-driven framework for leveraging TC concepts at a higher level of abstraction. Secondly, we elaborate the integration of platform-independent XACML policies with the platform-specific SELinux policies. Thirdly, we share our experiences regarding the implementation results of the SECTET on TC based systems.
Keywords
Linux; Web services; XML; security of data; Web services based distributed application; hardware based root of trust; model-driven techniques; platform-specific SELinux policies; service provider platform; service requestor; trust management; trusted computing based systems; Access control; Conference management; Distributed computing; Hardware; Information security; Management information systems; National security; Quantum computing; Service oriented architecture; Web services;
fLanguage
English
Publisher
IEEE
Conference_Titel
Enterprise Distributed Object Computing Conference, 2007. EDOC 2007. 11th IEEE International
Conference_Location
Annapolis, MD
ISSN
1541-7719
Print_ISBN
978-0-7695-2891-5
Type
conf
DOI
10.1109/EDOC.2007.52
Filename
4383983