Trustworthy and personalized computing on public kiosks

Authors:
Scott Garriss;Rámon Cáceres;Stefan Berger;Reiner Sailer;Leendert van Doorn;Xiaolan Zhang
Affiliations:
Carnegie Mellon University, Pittsburgh, PA, USA;AT&T Labs, Florham Park, NJ, USA;IBM T. J. Watson Research Center, Hawthorne, NY, USA;IBM T. J. Watson Research Center, Hawthorne, NY, USA;AMD, Austin, TX, USA;IBM T. J. Watson Research Center, Hawthorne, NY, USA
Venue:
Proceedings of the 6th international conference on Mobile systems, applications, and services
Year:
2008

Citing 21
Cited 20

Untraceable off-line cash in wallet with observers

CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Internet Suspend/Resume

WMCSA '02 Proceedings of the Fourth IEEE Workshop on Mobile Computing Systems and Applications
A secure and reliable bootstrap architecture

SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Securing a Remote Terminal Application with a Mobile Trusted Device

ACSAC '04 Proceedings of the 20th Annual Computer Security Applications Conference
Using visual tags to bypass Bluetooth device discovery

ACM SIGMOBILE Mobile Computing and Communications Review
Seeing-Is-Believing: Using Camera Phones for Human-Verifiable Authentication

SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
Reincarnating PCs with portable SoulPads

Proceedings of the 3rd international conference on Mobile systems, applications, and services
Pioneer: verifying code integrity and enforcing untampered code execution on legacy systems

Proceedings of the twentieth ACM symposium on Operating systems principles
SubVirt: Implementing malware with virtual machines

SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Design and implementation of a TCG-based integrity measurement architecture

SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Hand-held computers can be better smart cards

SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
Bump in the ether: a framework for securing sensitive user input

ATEC '06 Proceedings of the annual conference on USENIX '06 Annual Technical Conference
Securing Pocket Hard Drives

IEEE Pervasive Computing
Rapid Trust Establishment for Pervasive Personal Computing

IEEE Pervasive Computing
Towards Trustworthy Kiosk Computing

HOTMOBILE '07 Proceedings of the Eighth IEEE Workshop on Mobile Computing Systems and Applications
Flicker: an execution infrastructure for tcb minimization

Proceedings of the 3rd ACM SIGOPS/EuroSys European Conference on Computer Systems 2008
Turtles all the way down: research challenges in user-based attestation

HOTSEC'07 Proceedings of the 2nd USENIX workshop on Hot topics in security
OSLO: improving the security of trusted computing

SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Using a personal device to strengthen password authentication from an untrusted computer

FC'07/USEC'07 Proceedings of the 11th International Conference on Financial cryptography and 1st International conference on Usable Security
Secure mobile computing via public terminals

PERVASIVE'06 Proceedings of the 4th international conference on Pervasive Computing
Device-enabled authorization in the grey system

ISC'05 Proceedings of the 8th international conference on Information Security

Bootstrapping trust in a "trusted" platform

HOTSEC'08 Proceedings of the 3rd conference on Hot topics in security
Leveraging smart phones to reduce mobility footprints

Proceedings of the 7th international conference on Mobile systems, applications, and services
Tagging the Turtle: Local Attestation for Kiosk Computing

ISA '09 Proceedings of the 3rd International Conference and Workshops on Advances in Information Security and Assurance
SessionMagnifier: a simple approach to secure and convenient kiosk browsing

Proceedings of the 11th international conference on Ubiquitous computing
Newport: enabling sharing during mobile calls

Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Augmented smartphone applications through clone cloud execution

HotOS'09 Proceedings of the 12th conference on Hot topics in operating systems
Scalable integrity monitoring in virtualized environments

Proceedings of the fifth ACM workshop on Scalable trusted computing
Securing interactive sessions using mobile device through visual channel and visual inspection

Proceedings of the 26th Annual Computer Security Applications Conference
Kells: a protection framework for portable data

Proceedings of the 26th Annual Computer Security Applications Conference
Cheating attacks and resistance techniques in GeoGame design

Futureplay '10 Proceedings of the International Academic Conference on the Future of Game Design and Technology
An approach to introducing locality in remote attestation using near field communications

The Journal of Supercomputing
CloneCloud: elastic execution between mobile device and cloud

Proceedings of the sixth conference on Computer systems
PorKI: portable PKI credentials via proxy certificates

EuroPKI'10 Proceedings of the 7th European conference on Public key infrastructures, services and applications
Unicorn: two-factor attestation for data security

Proceedings of the 18th ACM conference on Computer and communications security
Trust extension as a mechanism for secure code execution on commodity computers

Trust extension as a mechanism for secure code execution on commodity computers
Interactive phone call: synchronous remote collaboration and projected interactive surfaces

Proceedings of the ACM International Conference on Interactive Tabletops and Surfaces
Trust extension for commodity computers

Communications of the ACM
SessionJuggler: secure web login from an untrusted terminal using session hijacking

Proceedings of the 21st international conference on World Wide Web
CommunitySourcing: engaging local crowds to perform expert work via physical kiosks

Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Optimizing Storage Performance for VM-Based Mobile Computing

ACM Transactions on Computer Systems (TOCS)

Quantified Score

Hi-index	0.02

Visualization

Abstract

Many people desire ubiquitous access to their personal computing environments. We present a system in which a user leverages a personal mobile device to establish trust in a public computing device, or kiosk, prior to resuming her environment on the kiosk. We have designed a protocol by which the mobile device determines the identity and integrity of all software loaded on the kiosk, in order to inform the user whether the kiosk is trustworthy. Our system exploits emerging hardware security technologies, namely the Trusted Platform Module and new support in x86 processors for establishing a dynamic root of trust. We have demonstrated the viability of our approach by implementing and evaluating our system on commodity hardware. Through a brief survey, we found that respondents are generally willing to endure a delay in exchange for an increased assurance of data privacy, and that the delay incurred by our unoptimized prototype is close to the range tolerable to the respondents. We have focused on allowing the user to personalize a kiosk by running her own virtual machine there. However, our work is generally applicable to establishing trust on public computing devices before revealing any sensitive information to those devices.