Issue No. 04 - October-December (2007 vol. 6)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MPRV.2007.84
Ajay Surie , Carnegie Mellon University
Adrian Perrig , Carnegie Mellon University
Mahadev Satyanarayanan , Carnegie Mellon University
David J. Farber , Carnegie Mellon University
The emergence of pervasive computing systems such as Internet Suspend/Resume has facilitated access to a user's personalized computing environment for transient use on unmanaged hardware. Trust-Sniffer, a tool that helps users gain confidence in using software on an untrusted machine, addresses this usage model's associated security risks. The root of trust is a small, user-carried device such as a USB memory stick. Trust-Sniffer verifies the target machine's on-disk boot image and incrementally expands the zone of trust by validating applications, including dynamically linked libraries, before they execute. Trust-Sniffer validates an application by comparing its checksum to a list of known good checksums. If it can't validate a binary, it blocks the binary's execution. This staged approach to establishing confidence in an untrusted machine strikes a balance between security and ease of use and facilitates rapid use of transient hardware. This article is part of a special issue on security and privacy.
establishing trust, untrusted terminal, transient use, trusted computing, load-time validation, Internet Suspend/Resume
A. Perrig, A. Surie, M. Satyanarayanan and D. J. Farber, "Rapid Trust Establishment for Pervasive Personal Computing," in IEEE Pervasive Computing, vol. 6, no. , pp. 24-30, 2007.