A Novel Server-Based Application Execution Architecture

The trustworthiness of application plays a key role in the overall trustworthiness of computer systems. However, the current uncontrolled way of application execution brings difficulties in providing sufficient application trustworthiness. In this paper we present a server-based application execution architecture to reinforce the application-level trustworthiness, with reference to trusted computing and the software identification scheme. A system agent is introduced in the architecture to employ the TPM to implement integrity measurement, and communicate with the server to determine whether executions of applications are permitted based on their identification (indicating application trustworthiness), and therefore improves the trustworthiness and security of the system. To further enable necessary executions of untrusted applications, the concept of multi-level security is adopted to design a configurable strategy to maintain a balance between system security and usability. Experimental results show that with acceptable system cost, trustworthiness of application is guaranteed and appropriate execution flexibility can be achieved.