Initializing trust in smart devices via presence attestation
Many personal computing and more specialized (e.g., high-end IoT) devices are now equipped with sophisticated processors that only a few years ago were present only on high-end desktops and servers. Such processors often include an important hardware security component in the form of a DRTM (Dynamic...
Saved in:
Main Authors: | , |
---|---|
Format: | text |
Language: | English |
Published: |
Institutional Knowledge at Singapore Management University
2018
|
Subjects: | |
Online Access: | https://ink.library.smu.edu.sg/sis_research/4091 https://ink.library.smu.edu.sg/context/sis_research/article/5094/viewcontent/1_s20_S0140366418304882_main.pdf |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Institution: | Singapore Management University |
Language: | English |
id |
sg-smu-ink.sis_research-5094 |
---|---|
record_format |
dspace |
spelling |
sg-smu-ink.sis_research-50942019-05-31T08:21:45Z Initializing trust in smart devices via presence attestation DING, Xuhua TSUDIK, Gene Many personal computing and more specialized (e.g., high-end IoT) devices are now equipped with sophisticated processors that only a few years ago were present only on high-end desktops and servers. Such processors often include an important hardware security component in the form of a DRTM (Dynamic Root of Trust for Measurement) which initiates trust and resists software (and even some physical) attacks. However, despite substantial prior research on trust establishment with secure hardware, DRTM security was always considered without any involvement of the human user, who represents a vital missing link. This prompts an important challenge: how can a user (owner) determine whether a genuine DRTM is currently active on his or her device? We believe that, in order to address this challenge, a new security service – called “Presence Attestation” (PA) – is needed. While PA, by itself, has only ephemeral value, it can be used to set up a long-term secure channel between the device's DRTM and another device with the user's trust. In this paper, we outline the notion of PA, which is based on mandatory (though, ideally minimal) user participation, overview recent results, and discuss directions for future research. 2018-10-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/4091 info:doi/10.1016/j.comcom.2018.07.004 https://ink.library.smu.edu.sg/context/sis_research/article/5094/viewcontent/1_s20_S0140366418304882_main.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Information Security |
institution |
Singapore Management University |
building |
SMU Libraries |
continent |
Asia |
country |
Singapore Singapore |
content_provider |
SMU Libraries |
collection |
InK@SMU |
language |
English |
topic |
Information Security |
spellingShingle |
Information Security DING, Xuhua TSUDIK, Gene Initializing trust in smart devices via presence attestation |
description |
Many personal computing and more specialized (e.g., high-end IoT) devices are now equipped with sophisticated processors that only a few years ago were present only on high-end desktops and servers. Such processors often include an important hardware security component in the form of a DRTM (Dynamic Root of Trust for Measurement) which initiates trust and resists software (and even some physical) attacks. However, despite substantial prior research on trust establishment with secure hardware, DRTM security was always considered without any involvement of the human user, who represents a vital missing link. This prompts an important challenge: how can a user (owner) determine whether a genuine DRTM is currently active on his or her device? We believe that, in order to address this challenge, a new security service – called “Presence Attestation” (PA) – is needed. While PA, by itself, has only ephemeral value, it can be used to set up a long-term secure channel between the device's DRTM and another device with the user's trust. In this paper, we outline the notion of PA, which is based on mandatory (though, ideally minimal) user participation, overview recent results, and discuss directions for future research. |
format |
text |
author |
DING, Xuhua TSUDIK, Gene |
author_facet |
DING, Xuhua TSUDIK, Gene |
author_sort |
DING, Xuhua |
title |
Initializing trust in smart devices via presence attestation |
title_short |
Initializing trust in smart devices via presence attestation |
title_full |
Initializing trust in smart devices via presence attestation |
title_fullStr |
Initializing trust in smart devices via presence attestation |
title_full_unstemmed |
Initializing trust in smart devices via presence attestation |
title_sort |
initializing trust in smart devices via presence attestation |
publisher |
Institutional Knowledge at Singapore Management University |
publishDate |
2018 |
url |
https://ink.library.smu.edu.sg/sis_research/4091 https://ink.library.smu.edu.sg/context/sis_research/article/5094/viewcontent/1_s20_S0140366418304882_main.pdf |
_version_ |
1770574305226129408 |