Rapid Trust Establishment for Pervasive Personal Computing
The emergence of pervasive computing systems such as Internet Suspend/Resume has facilitated access to a user's personalized computing environment for transient use on unmanaged hardware. Trust-Sniffer, a tool that helps users gain confidence in using software on an untrusted machine, addresses this usage model's associated security risks. The root of trust is a small, user-carried device such as a USB memory stick. Trust-Sniffer verifies the target machine's on-disk boot image and incrementally expands the zone of trust by validating applications, including dynamically linked libraries, before they execute. Trust-Sniffer validates an application by comparing its checksum to a list of known good checksums. If it can't validate a binary, it blocks the binary's execution. This staged approach to establishing confidence in an untrusted machine strikes a balance between security and ease of use and facilitates rapid use of transient hardware. This article is part of a special issue on security and privacy.
Index Terms:
establishing trust, untrusted terminal, transient use, trusted computing, load-time validation, Internet Suspend/Resume
Citation:
Ajay Surie, Adrian Perrig, Mahadev Satyanarayanan, David J. Farber, "Rapid Trust Establishment for Pervasive Personal Computing," IEEE Pervasive Computing, vol. 6, no. 4, pp. 24-30, Oct.-Dec. 2007, doi:10.1109/MPRV.2007.84