| Article ID | Journal | Published Year | Pages | File Type |
|---|---|---|---|---|
| 425323 | Future Generation Computer Systems | 2011 | 16 Pages |
Many distributed batch systems, such as computational grids, require a level of integrity protection to guarantee the proper execution of a job or workflow. One way of achieving this, implicit in many trusted computing proposals, is to use application whitelisting to prevent unknown and untrusted applications from being executed on remote services. However, this approach has significant shortcomings across multiple administrative domains, as conflicts between locally managed whitelists will result in many useful services appearing untrustworthy to users. This has the potential to limit availability and prevent trusted distributed systems from ever being successfully deployed.We propose a set of requirements for a system which will manage these conflicts, and provide a mechanism for updating application whitelists that will increase service availability and trustworthiness. We also suggest and specify a set of components, including a centralised configuration manager, which will meet these requirements.
Research highlights► Trusted distributed systems through integrity reporting. ► Requirements for implementing whitelist-based platform configuration controls. ► Provision of a mechanism for updating and sharing application whitelists. ► Introduction of a centralised configuration verification server.
