Rapid Trust Establishment for Transient Use of Unmanaged Hardware

Abstract: Transient use of PCs has grown in importance with the advent of Internet cafes and the emergence of personalization systems such as Migo, GoToMyPC, and Internet Suspend/Resume. Unfortunately, users have no choice today but to trust any transient hardware they use. They are often unaware of the risks they face in placing faith in public computers. We address this problem through Trust-Sniffer, a tool that helps a user to gain confidence in the software stack on an untrusted machine. The root of trust is a small, lightweight device such as a USB memory stick that is owned by the user. Once the integrity of the boot image is verified, Trust-Sniffer uses a staged process to expand the zone of trust. It generates a trust fault when a user first attempts to execute any binary that lies outside the current zone of trust. A trust fault handler verifies the integrity of the suspect binary by comparing its checksum with that of known good binaries. Execution stops if the binary's integrity cannot be established. This staged approach to establishing confidence in an untrusted machine strikes a good balance between the needs of security and ease-of-use, and enables rapid use of transient hardware.
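The staged trust-fault check described in the abstract can be modelled in user space as follows. This is an added example, not Trust-Sniffer's own code; the class and function names, the use of SHA-256 as the checksum, and the sample file contents are assumptions made for illustration.

```python
import hashlib
import os
import tempfile


class TrustFault(Exception):
    """Raised when a binary's integrity cannot be established."""


class TrustZone:
    def __init__(self, known_good_digests):
        # Assumption: the known-good list comes from the user's own trusted
        # device and holds SHA-256 digests (the abstract says only "checksum").
        self.known_good = frozenset(known_good_digests)
        self.trusted_paths = set()   # current zone of trust
        self.faults = 0              # number of trust faults handled

    @staticmethod
    def digest(path):
        h = hashlib.sha256()
        with open(path, "rb") as f:
            for chunk in iter(lambda: f.read(65536), b""):
                h.update(chunk)
        return h.hexdigest()

    def authorize_exec(self, path):
        path = os.path.realpath(path)       # resolve symlinks before deciding
        if path in self.trusted_paths:
            return "in-zone"                # already verified, no fault
        self.faults += 1                    # first execution: trust fault
        if self.digest(path) not in self.known_good:
            raise TrustFault(f"integrity not established: {path}")
        self.trusted_paths.add(path)        # expand the zone of trust
        return "verified"


def demo():
    good_bytes = b"\x7fELF constructed known-good binary"   # constructed sample
    bad_bytes = good_bytes + b" with injected code"         # constructed sample
    zone = TrustZone({hashlib.sha256(good_bytes).hexdigest()})
    results = []
    with tempfile.TemporaryDirectory() as d:
        good, bad = os.path.join(d, "browser"), os.path.join(d, "browser_tampered")
        for p, data in ((good, good_bytes), (bad, bad_bytes)):
            with open(p, "wb") as f:
                f.write(data)
        for p in (good, good, bad):
            try:
                results.append(zone.authorize_exec(p))
            except TrustFault:
                results.append("blocked")   # execution stops
    return results, zone.faults
```

The model caches trust by resolved path only, so a file rewritten after admission would need to be re-verified by a real enforcement point.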
