Trustworthy and Personalized Computing
Christopher Strasburg
Department of Computer Science, Iowa State University
November 12, 2008
Motivating Problem
- People desire increasingly frequent access to personal computing environments
- Public kiosks offer a good trade-off between functionality, cost, and availability
- Public kiosks are at higher risk than other environments
  o The general public has physical access to the systems
  o People tend to have a low degree of trust in the software on public kiosk systems
Related Work -- Portable Computing Environment
- Encrypted virtual machines (VMs) provide portable, encapsulated computing environments
  o OS, software, configurations, and personal data in one package
  o Practical distribution of VM images has been explored:
    - Remote deployment of VM image components (Internet Suspend/Resume)
    - Loading a VM from a portable device (SoulPad)
- However, even with encrypted VMs, compromised kiosk software (BIOS, virtual machine monitor) can access the data and render the system untrustworthy
Related Work -- Building System Trust
- Verify the entire software stack, from BIOS to applications
  o Software solutions -- the software itself is an easy target on public kiosk systems
  o Trusted boot sequences -- may introduce serious boot-time delays
- Minimize the function of the system for easier verification
  o Kiosks as thin clients which perform minimal processing -- wastes much of the computational power of the system
  o Limit the information a user submits to the system -- the user must ultimately determine the sensitivity of each piece of data; data interactions are difficult to predict
Method Overview
- A multi-stage process using a trusted mobile device to verify the integrity of the system prior to use
Method Details -- Identify Workstation
1. User visually verifies the kiosk identity
2. Mobile device downloads the kiosk certificate and verifies its authenticity
3. Mobile device retrieves the supported configurations and allows the user to select one

Process flow (repeated on each of the following slides):
Identify Kiosk (barcode ID and key hash) -> Select Configuration (mobile device app) -> Establish Trust (TPM, DRTM, Trusted 3rd Party) -> Submit VM / Personal Info to Kiosk and Perform Work -> Clean Up Kiosk
Method Details -- Verify Software
System:
1. Reboots
2. Loads the DRTM with the hash of the secure boot loader
3. Generates an encryption key pair (K, K')
4. Creates a self-signed certificate C containing K
5. Measures C into the TPM
Mobile Device:
1. Requests the database signed by the TTP (Trusted Third Party)
2. Requests a quote signed by the TPM and re-computes the boot sequence to verify that it matches the quote
3. On success, signals the user that the system is trustworthy
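The identification step (barcode key hash against the downloaded certificate) and the verify-software exchange above, worked through as an added simulation. This is not code from the talk or from the Garriss et al. paper. It assumes a SHA-256 PCR-style extend for the DRTM measurements and a verifier-chosen nonce inside the TPM quote, and it uses HMAC with simulated keys in place of the TPM's and the TTP's real signatures; every component image, certificate, key and nonce is constructed sample data.

```python
import hashlib
import hmac
from dataclasses import dataclass


def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def pcr_extend(pcr: bytes, component: bytes) -> bytes:
    # TPM-style extend: the new PCR value chains the old value with the
    # component's hash, so it depends on every component and on their order.
    return h(pcr + h(component))


def sim_sign(key: bytes, msg: bytes) -> bytes:
    # HMAC stands in for the TPM's and the TTP's signatures (simulation only).
    return hmac.new(key, msg, hashlib.sha256).digest()


def sim_verify(key: bytes, msg: bytes, sig: bytes) -> bool:
    return hmac.compare_digest(sim_sign(key, msg), sig)


# Constructed sample data; none of these are real images, certificates or keys.
PCR_INITIAL = b"\x00" * 32
GOOD_BOOTLOADER = b"secure boot loader v1 (constructed)"
GOOD_VMM = b"virtual machine monitor v1 (constructed)"
TAMPERED_VMM = b"virtual machine monitor v1 + keylogger (constructed)"
KIOSK_CERT = b"kiosk-42 identity certificate (constructed)"
TPM_KEY = b"simulated TPM attestation key"
TTP_KEY = b"simulated trusted-third-party signing key"


@dataclass
class Quote:
    pcr: bytes
    nonce: bytes
    signature: bytes


# --- System side ---
def kiosk_boot(components, session_cert):
    """DRTM measures each boot component in order, then the self-signed certificate C."""
    pcr = PCR_INITIAL
    for comp in components:
        pcr = pcr_extend(pcr, comp)
    return pcr_extend(pcr, session_cert)


def kiosk_quote(pcr, nonce):
    """TPM quote: the PCR value signed together with the verifier's nonce (assumed)."""
    return Quote(pcr, nonce, sim_sign(TPM_KEY, pcr + nonce))


# --- Trusted third party ---
def ttp_database(approved_components):
    """Concatenated hashes of approved boot components, signed by the TTP."""
    payload = b"".join(h(c) for c in approved_components)
    return payload, sim_sign(TTP_KEY, payload)


# --- Mobile device side ---
def mobile_verify(barcode_key_hash, kiosk_cert, db_payload, db_sig, quote, nonce, session_cert):
    """Return (ok, reason); each check mirrors one step performed by the mobile device."""
    if h(kiosk_cert) != barcode_key_hash:
        return False, "kiosk certificate does not match barcode hash"
    if not sim_verify(TTP_KEY, db_payload, db_sig):
        return False, "software database not signed by TTP"
    if quote.nonce != nonce or not sim_verify(TPM_KEY, quote.pcr + quote.nonce, quote.signature):
        return False, "TPM quote invalid or replayed"
    # Re-compute the expected boot sequence from the TTP's approved hashes
    # (each 32-byte entry is already a component hash, so extend with it directly).
    expected = PCR_INITIAL
    for i in range(0, len(db_payload), 32):
        expected = h(expected + db_payload[i:i + 32])
    expected = pcr_extend(expected, session_cert)
    if not hmac.compare_digest(expected, quote.pcr):
        return False, "boot measurements differ from approved software"
    return True, "system trustworthy"


def run_scenario(vmm):
    """One full exchange: kiosk boots with the given VMM, mobile device verifies it."""
    session_cert = b"self-signed cert containing K (constructed)"
    barcode_hash = h(KIOSK_CERT)
    db_payload, db_sig = ttp_database([GOOD_BOOTLOADER, GOOD_VMM])
    nonce = b"nonce-0001 (constructed)"
    pcr = kiosk_boot([GOOD_BOOTLOADER, vmm], session_cert)
    quote = kiosk_quote(pcr, nonce)
    return mobile_verify(barcode_hash, KIOSK_CERT, db_payload, db_sig, quote, nonce, session_cert)


if __name__ == "__main__":
    print(run_scenario(GOOD_VMM))      # (True, 'system trustworthy')
    print(run_scenario(TAMPERED_VMM))  # (False, 'boot measurements differ from approved software')
```

The order of the checks matters: the barcode hash binds the session to the kiosk the user is standing at, the TTP signature stops a kiosk from supplying its own "approved" list, and only then is the quote compared against a freshly recomputed PCR, so a modified VMM image fails at the last step even though the quote itself is validly signed.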
Method Details -- Load Personal Environment
- Uses the key pair (K, K') to download and load the user's personal environment: encrypted VM image and personal information
Method Details -- Data Cleanup
- Once the user is finished with the system, the system shuts down, removes the VM image, and overwrites the memory containing the cryptographic data
Assumptions and Limitations
- Kiosk owner is trusted:
  o Periodically checks for and fixes misbehaving kiosks (i.e. to address hardware issues, detect incorrect barcodes)
- System only verifies software at boot time; post-boot modification is not detected
- Mobile device is trustworthy
- Requires the kiosk owner to participate in the system, i.e.:
  o Provide the database of software
  o Tag systems with barcodes
- Users must wait around 2.5 minutes before the system is ready to use
Conclusions
- Provides a personalized computing environment
- Unrestricted access to computing capabilities
- Enables users to perform sensitive personalized computing on public hardware with a high degree of confidence

Reference
S. Garriss, R. Caceres, S. Berger, R. Sailer, L. van Doorn, X. Zhang. Trustworthy and Personalized Computing on Public Kiosks. In Proc. MobiSys 2008.