Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

Distributed usage control enforcement through trusted platform modules and SGX enclaves

: Wagner, P.; Birnstill, Pascal; Beyerer, Jürgen

Volltext urn:nbn:de:0011-n-5066062 (505 KByte PDF)
MD5 Fingerprint: 89bd5d96ecdfe5b0550eec4fcbcbf971
Erstellt am: 16.8.2018

Association for Computing Machinery -ACM-:
SACMAT 2018, 23nd ACM on Symposium on Access Control Models and Technologies. Proceedings : Indianapolis, Indiana, USA, June 13 - 15, 2018
New York: ACM, 2018
ISBN: 978-1-4503-5666-4
Symposium on Access Control Models and Technologies (SACMAT) <23, 2018, Indianapolis/Ind.>
Konferenzbeitrag, Elektronische Publikation
Fraunhofer IOSB ()
usage control; access control; trusted reference monitor; trusted platform module; SGX; secure remote computation

In the light of mobile and ubiquitous computing, sharing sensitive information across different computer systems has become an increasingly prominent practice. This development entails a demand of access control measures that can protect data even after it has been transferred to a remote computer system. In order to address this problem, sophisticated usage control models have been developed. These models include a client side reference monitor (CRM) that continuously enforces protection policies on foreign data. However, it is still unclear how such a CRM can be properly protected in a hostile environment. The user of the data on the client system can influence the client's state and has physical access to the system. Hence technical measures are required to protect the CRM on a system, which is legitimately used by potential attackers. Existing solutions utilize Trusted Platform Modules (TPMs) to solve this problem by establishing an attestable trust anchor on the client. However, the resulting protocols have several drawbacks that make them infeasible for practical use. This work proposes a reference monitor implementation that establishes trust by using TPMs along with Intel SGX enclaves. First we show how SGX enclaves can realize a subset of the existing usage control requirements. Then we add a TPM to establish and protect a powerful enforcement component on the client. Ultimately this allows us to technically enforce usage control policies on an untrusted remote system.