Issue No.04 - October-December (2007 vol.6)
Ajay Surie , Carnegie Mellon University
Mahadev Satyanarayanan , Carnegie Mellon University
David J. Farber , Carnegie Mellon University
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MPRV.2007.84
The emergence of pervasive computing systems such as Internet Suspend/Resume has facilitated access to a user's personalized computing environment for transient use on unmanaged hardware. Trust-Sniffer, a tool that helps users gain confidence in using software on an untrusted machine, addresses this usage model's associated security risks. The root of trust is a small, user-carried device such as a USB memory stick. Trust-Sniffer verifies the target machine's on-disk boot image and incrementally expands the zone of trust by validating applications, including dynamically linked libraries, before they execute. Trust-Sniffer validates an application by comparing its checksum to a list of known good checksums. If it can't validate a binary, it blocks the binary's execution. This staged approach to establishing confidence in an untrusted machine strikes a balance between security and ease of use and facilitates rapid use of transient hardware. This article is part of a special issue on security and privacy.
establishing trust, untrusted terminal, transient use, trusted computing, load-time validation, Internet Suspend/Resume
Ajay Surie, Mahadev Satyanarayanan, David J. Farber, "Rapid Trust Establishment for Pervasive Personal Computing", IEEE Pervasive Computing, vol.6, no. 4, pp. 24-30, October-December 2007, doi:10.1109/MPRV.2007.84