Rapid Trust Establishment for Pervasive Personal Computing

Ajay Surie; David J. Farber; Adrian Perrig; Mahadev Satyanarayanan

doi:10.1109/MPRV.2007.84

Pervasive
2007
Issue No. 4 - October-December
Abstract - Rapid Trust Establishment for Pervasive Personal Computing

	This Article
	Subscribers, please Login Purchase article: $19 PDF HTML IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/EndNote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Ajay Surie Articles by Adrian Perrig Articles by Mahadev Satyanarayanan Articles by David J. Farber

Rapid Trust Establishment for Pervasive Personal Computing

October-December 2007 (vol. 6 no. 4)

pp. 24-30

	ASCII Text	x
	Ajay Surie, Adrian Perrig, Mahadev Satyanarayanan, David J. Farber, "Rapid Trust Establishment for Pervasive Personal Computing," IEEE Pervasive Computing, vol. 6, no. 4, pp. 24-30, October-December, 2007.

	BibTex	x
	@article{ 10.1109/MPRV.2007.84, author = {Ajay Surie and Adrian Perrig and Mahadev Satyanarayanan and David J. Farber}, title = {Rapid Trust Establishment for Pervasive Personal Computing}, journal ={IEEE Pervasive Computing}, volume = {6}, number = {4}, issn = {1536-1268}, year = {2007}, pages = {24-30}, doi = {http://doi.ieeecomputersociety.org/10.1109/MPRV.2007.84}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - MGZN JO - IEEE Pervasive Computing TI - Rapid Trust Establishment for Pervasive Personal Computing IS - 4 SN - 1536-1268 SP24 EP30 EPD - 24-30 A1 - Ajay Surie, A1 - Adrian Perrig, A1 - Mahadev Satyanarayanan, A1 - David J. Farber, PY - 2007 KW - establishing trust KW - untrusted terminal KW - transient use KW - trusted computing KW - load-time validation KW - Internet Suspend/Resume VL - 6 JA - IEEE Pervasive Computing ER -

Ajay Surie, Carnegie Mellon University

Adrian Perrig, Carnegie Mellon University

Mahadev Satyanarayanan, Carnegie Mellon University

David J. Farber, Carnegie Mellon University

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MPRV.2007.84

The emergence of pervasive computing systems such as Internet Suspend/Resume has facilitated access to a user's personalized computing environment for transient use on unmanaged hardware. Trust-Sniffer, a tool that helps users gain confidence in using software on an untrusted machine, addresses this usage model's associated security risks. The root of trust is a small, user-carried device such as a USB memory stick. Trust-Sniffer verifies the target machine's on-disk boot image and incrementally expands the zone of trust by validating applications, including dynamically linked libraries, before they execute. Trust-Sniffer validates an application by comparing its checksum to a list of known good checksums. If it can't validate a binary, it blocks the binary's execution. This staged approach to establishing confidence in an untrusted machine strikes a balance between security and ease of use and facilitates rapid use of transient hardware. This article is part of a special issue on security and privacy.

1. M. Kozuch and M. Satyanarayanan, "Internet Suspend/Resume," Proc. 4th IEEE Workshop Mobile Computing Systems and Applications, IEEE CS Press, 2002, p. 40.
2. M. Satyanaranyanan et al., "Towards Seamless Mobility on Pervasive Hardware," Pervasive and Mobile Computing, vol. 1, no. 2, 2005, pp. 157–189.
3. M. Satyanaranyanan et al., "Pervasive Personal Computing in an Internet Suspend/Resume System," IEEE Internet Computing, vol. 11, no. 2, 2007, pp. 16–25.
4. S.T. King et al., "SubVirt: Implementing Malware with Virtual Machines," Proc. 2006 IEEE Symp. Security and Privacy, IEEE CS Press, 2006, pp. 314–327.
5. R. Sailer et al., "Design and Implementation of a TCG-Based Integrity Measurement Architecture," Proc. 13th Conf. USENIXSecurity Symp., USENIXAssoc., 2004, pp. 223–238.
6. A.B. Brown and M.I. Seltzer, "Operating System Benchmarking in the Wake of LMbench: A Case Study of the Performance of NetBSD on the Intel x86 Architecture," Proc. 1997 ACM SIGMETRICSInt'l Conf. Measurement and Modeling of Computer Systems, ACM Press, 1997, pp. 214–224.
1. W.A. Arbaugh, D.J. Farber, and J.M. Smith, "A Secure and Reliable Bootstrap Architecture," Proc. 1997 IEEE Symp. Security and Privacy, IEEE CS Press, 1997, pp. 65–71.
2. R. Cáceres et al. "Reincarnating PCs with Portable SoulPads," Proc. 3rd Int'l Conf. Mobile Systems, Applications, and Services (MobiSys 05), ACM Press, 2005, pp. 65–78.
3. D.E. Clarke et al., "The Untrusted Computer Problem and Camera-Based Authentication," Proc. 1st Int'l Conf. Pervasive Computing, LNCS 2414, Springer, 2002, pp. 114–124.
4. M. Naor and B. Pinkas, "Visual Authentication and Identification," Proc. 17th Ann. Int'l Cryptology Conf. Advances in Cryptology, LNCS 1294, Springer, 1997, pp. 322–336.
5. M. Abadi et al., "Authentication and Delegation with Smart-Cards," Science of Computer Programming, vol. 21, no. 2, 1993, pp. 91–113.
6. R. Kennell and L.H. Jamieson, "Establishing the Genuinity of Remote Computer Systems," Proc. 12th Conf. USENIXSecurity Symp., USENIXAssoc., 2003, pp. 295–310.
7. A. Seshadri et al., "Pioneer: Verifying Code Integrity and Enforcing Untampered Code Execution on Legacy Systems," Proc. 20th ACM Symp. Operating Systems Principles, ACM Press, 2005, pp. 1–16.
8. S. Garris et al., "Towards Trustworthy Kiosk Computing," Proc. 8th IEEE Workshop Mobile Computing Systems and Applications, IEEE CS Press, 2007.

Index Terms:

establishing trust, untrusted terminal, transient use, trusted computing, load-time validation, Internet Suspend/Resume

Citation:

Ajay Surie, Adrian Perrig, Mahadev Satyanarayanan, David J. Farber, "Rapid Trust Establishment for Pervasive Personal Computing," IEEE Pervasive Computing, vol. 6, no. 4, pp. 24-30, Oct.-Dec. 2007, doi:10.1109/MPRV.2007.84

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.