"We present an architecture with trusted computing technology to support peer-to-peer based access control. Different from most traditional access control models and systems that focus on user property based policies, our approach considers the integrity and trust of platforms and applications that are used by a user to access an object,which is vulnerable from increasing software-based attacks inclient platforms. By using proposed trusted computing technologies,a reference monitor in a platform can act as an agent of an object owner to enforce access control policies, which states that an object can only be accessed in a genuine platform with applications in valid states, such as integrity and configuration. General policies with user security attributes such as role-based access control can also be supported in our architecture by binding identity and attribute in a certificate and being protected by trusted hardware Applications of the architecture in various domains show flexibility of deployment and enhancement of overall security in client platforms."
Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.