Remote Attestation, as devised by the Trusted Computing Group, is based on a secure hardware component, the Trusted Platform Module (TPM). It allows trust decisions to be reached between different network hosts. However, attestation cannot be applied in an important field of application: the identification of physically encountered, public computer platforms. Unfortunately, such computer terminals are especially exposed, and the software running on them cannot be assumed to be unaltered and secure.

Three challenges arise. The cryptographic protocols that actually perform the attestation provide neither human-intelligible analysis of the trust status, nor easily graspable conveyance of results, nor intuitive identification of the computer platform involved. Therefore, the user needs a small portable device, a token, to interact with local computer platforms. It can perform an attestation protocol and report the result to the user, even if the display the user faces cannot be trusted and may be connected to the platform under scrutiny. In addition, the token must establish that the particular machine faced actually contains the TPM that performs the attestation.

In this paper, we demonstrate an attestation token architecture which is based on a commodity smart phone and which is more efficient and flexible than previous proposals. Furthermore, we introduce an autonomic and low-cost Near Field Communication (NFC) compatible interface to the TPM that provides a direct channel for proof of the TPM's identity and local proximity to the attestation token.