Rapid Trust Establishment for Pervasive Personal Computing
October-December 2007 (vol. 6 no. 4)
pp. 24-30
Ajay Surie, Carnegie Mellon University
Adrian Perrig, Carnegie Mellon University
Mahadev Satyanarayanan, Carnegie Mellon University
David J. Farber, Carnegie Mellon University
The emergence of pervasive computing systems such as Internet Suspend/Resume has facilitated access to a user's personalized computing environment for transient use on unmanaged hardware. Trust-Sniffer, a tool that helps users gain confidence in using software on an untrusted machine, addresses this usage model's associated security risks. The root of trust is a small, user-carried device such as a USB memory stick. Trust-Sniffer verifies the target machine's on-disk boot image and incrementally expands the zone of trust by validating applications, including dynamically linked libraries, before they execute. Trust-Sniffer validates an application by comparing its checksum to a list of known good checksums. If it can't validate a binary, it blocks the binary's execution. This staged approach to establishing confidence in an untrusted machine strikes a balance between security and ease of use and facilitates rapid use of transient hardware. This article is part of a special issue on security and privacy.

Index Terms:
establishing trust, untrusted terminal, transient use, trusted computing, load-time validation, Internet Suspend/Resume
Ajay Surie, Adrian Perrig, Mahadev Satyanarayanan, David J. Farber, "Rapid Trust Establishment for Pervasive Personal Computing," IEEE Pervasive Computing, vol. 6, no. 4, pp. 24-30, Oct.-Dec. 2007, doi:10.1109/MPRV.2007.84