Publikationen

Art der Publikation: Beitrag in Sammelwerk

Scalable Trust Establishment with Software Reputation

Autor(en):
Bugiel, Sven; Davi, Lucas; Schulz, Steffen
Titel des Sammelbands:
Proc. of 6th ACM Workshop on Scalable Trusted Computing (STC)
Veröffentlichung:
2011
Digital Object Identifier (DOI):
doi:10.1145/2046582.2046587
Link zum Volltext:
https://dl.acm.org/authorize?N27443
Zitation:
Download BibTeX

Kurzfassung

Users and administrators are often faced with the choice between different software solutions, sometimes even have to assess the security of complete software systems. With sufficient time and resources, such decisions can be based on extensive testing and review. However, in practice this is often too expensive and time consuming.

In this paper, we present a pragmatic, but scalable approach for the trustworthiness assessment of software programs based on their security history. The approach can be used to, e.g. automatically sort programs in an App store by their security record or to assess the trustworthiness of complex software systems in remote attestation schemes. Our prototype implementation for the popular Debian GNU/Linux system achieves good prediction accuracy for individual programs as well as entire systems.