We present a technique based on Trusted Computing's remote attestation to enable the user of a public terminal to determine whether its configuration can be considered trustworthy or not. In particular, we show how the user can verify the software status of an untrusted terminal and be securely informed about the outcome of the verification. We present two flavors of this technique. In the first, the user makes use of a personal digital device with limited computing capabilities and a remote trusted server that performs the actual verification. In the second, the personal device is assumed to have enough computing power (as in the case of smart-phones and PDAs) to autonomously perform the verification procedure.
Titolo: | Practical Verification of Untrusted Terminals Using Remote Attestation |
Autori interni: | |
Anno del prodotto: | 2007 |
Abstract: | We present a technique based on Trusted Computing's remote attestation to enable the user of a public terminal to determine whether its configuration can be considered trustworthy or not. In particular, we show how the user can verify the software status of an untrusted terminal and be securely informed about the outcome of the verification. We present two flavors of this technique. In the first, the user makes use of a personal digital device with limited computing capabilities and a remote trusted server that performs the actual verification. In the second, the personal device is assumed to have enough computing power (as in the case of smart-phones and PDAs) to autonomously perform the verification procedure. |
Handle: | http://hdl.handle.net/11568/113680 |
Appare nelle tipologie: | 4.1 Contributo in Atti di convegno |