More Web Proxy on the site http://driver.im/

research-article

Securing Pocket Hard Drives

Authors:

Chandra Narayanaswami,

Mandayam Raghunath,

Marcel-Catalin RosuAuthors Info & Claims

IEEE Pervasive Computing, Volume 6, Issue 4

Pages 18 - 23

https://doi.org/10.1109/MPRV.2007.85

Published: 01 October 2007 Publication History

Abstract

The availability of inexpensive portable storage devices has made it easier for users to carry data and programs with them and borrow computing platforms when needed. This article focuses on portable storage-based personalization, in which users boot the borrowed PC from their portable storage devices. It analyzes this model's security implications and present a scheme to protect the portable storage device from untrusted platforms. The protection scheme includes running tests stored on the portable storage device to assess the borrowed platform's integrity and ensuring that these tests execute without tampering. This article is part of a special issue on security and privacy.

References

[1]

R. Caceres et al., "Reincarnating PCs with Portable Soulpads," Proc. 3rd Int'l Conf. Mobile Systems, Applications and Services (Mobisys 05), ACM Press, 2005, pp. 65–78.

Digital Library

[2]

N.L. Petroni Jr. et al., "Copilot—A Coprocessor-Based Kernel Runtime Integrity Monitor," Proc. 13th Security Symp., Usenix, 2004, pp. 179–194.

Digital Library

[3]

R. Lemos, "Researchers: Rootkits Headed for Bios," SecurityFocus,26 Jan. 2006,

[4]

S.T. King et al., "SubVirt: Implementing Malware with Virtual Machine," Proc. 2006 Symp. Security and Privacy, 2006;

Digital Library

[5]

C.S. Collberg, C.D. Thomborson, and D. Low, "Breaking Abstractions and Unstructuring Data Structures," Proc. Int'l Conf. Computer Languages, IEEE CS Press, 1998, pp. 28–38.

Digital Library

[6]

S. Bhatkar, D. DuVarney, and R. Sekar, "Address Obfuscation: An Efficient Approach to Combat a Broad Range of Memory Error Exploits," Proc. 12th Usenix Security Symp., Usenix, 2003, pp. 105–120.

Digital Library

[7]

T. Garfinkel et al., "Compatibility Is Not Transparency: VMM Detection Myths and Realities," Proc. 11th Workshop Hot Topics in Operating Systems, Usenix, 2007;

Digital Library

[8]

J. Robin and C. Irvine, "Analysis of the Intel Pentium's Ability to Support a Secure Virtual Machine Monitor," Proc. 9th Usenix Security Symp., Usenix, 2000, pp. 129–144.

Digital Library

[9]

J. Franklin et al., "Towards Sound Detection of Virtual Machines," to be published in Botnet Detection, Springer, 2007.

[10]

S. Garriss et al., "Towards Trustworthy Kiosk Computing," to be published in Proc. 8th IEEE Workshop Mobile Computing Systems and Applications (HotMobile 07), IEEE Press, 2007.

Digital Library

[11]

A. Surie et al., Rapid Trust Establishment for Transient Use of Unmanaged Hardware, tech. report CMU-CS-06-176, School of Computer Science, Carnegie Mellon Univ., 2006.

[12]

W. Arbaugh, D. Farber, and J. Smith, "A Secure and Reliable Bootstrap Architecture," Proc. IEEE Symp. Security and Privacy, IEEE Press, 1997, pp. 65–71.

Digital Library

[13]

N.L. Petroni Jr. et al., "Copilot—A Coprocessor-Based Kernel Runtime Integrity Monitor," Proc. 13th Usenix Security Symp., Usenix, 2004, pp. 179–194.

Digital Library

[14]

R. Kennell and L.H. Jamieson, "Establishing the Genuinity of Remote Computer Systems," Proc. 12th Usenix Security Symp., Usenix, 2003, p. 21.

Digital Library

[15]

A. Seshadri et al., "Swatt: Software-Based Attestation for Embedded Devices," Proc. IEEE Symp. Security and Privacy, IEEE Press, 2004, pp. 272–282.

[16]

A. Seshadri et al., "Pioneer: Verifying Code Integrity and Enforcing Untampered Code Execution on Legacy Systems," Proc. 10th ACM Symp. Operating Systems Principles (SOSP 05), ACM Press, 2005, pp. 1–16.

Digital Library

Cited By

Smaldone SGilbert BHarkes JIftode LSatyanarayanan M(2013)Optimizing Storage Performance for VM-Based Mobile ComputingACM Transactions on Computer Systems (TOCS)10.1145/2465346.246534831:2(1-25)Online publication date: 1-May-2013
https://dl.acm.org/doi/10.1145/2465346.2465348
Smaldone SGilbert BBila NIftode Lde Lara ESatyanarayanan MZielinski KWolisz AFlinn JLaMarca A(2009)Leveraging smart phones to reduce mobility footprintsProceedings of the 7th international conference on Mobile systems, applications, and services10.1145/1555816.1555828(109-122)Online publication date: 22-Jun-2009
https://dl.acm.org/doi/10.1145/1555816.1555828
Garriss SCáceres RBerger SSailer Rvan Doorn LZhang XGrunwald DHan Rde Lara EEllis C(2008)Trustworthy and personalized computing on public kiosksProceedings of the 6th international conference on Mobile systems, applications, and services10.1145/1378600.1378623(199-210)Online publication date: 17-Jun-2008
https://dl.acm.org/doi/10.1145/1378600.1378623

Index Terms

Securing Pocket Hard Drives

Recommendations

Securing Android-Powered Mobile Devices Using SELinux

Google's Android framework incorporates an operating system and software stack for mobile devices. Using a general-purpose operating system such as Linux in mobile devices has advantages but also security risks. Security-Enhanced Linux (SELinux) can ...
Secure Communication between Lightweight Communication Devices over the Internet
HICSS '02: Proceedings of the 35th Annual Hawaii International Conference on System Sciences (HICSS'02)-Volume 7 - Volume 7

The advent of light, low-power handheld compute devices such as Windows CE, Palm and Handspring, is changing the way in which mobile users interact with their home office. These devices can be connected to the Internet through both physical and wireless ...
Mobile cloud computing models security issues: A systematic review
Abstract
Mobile cloud computing (MCC) is a trending technology employed in several domains to overcome the limitations of mobile devices by using cloud capabilities. Communication between mobile devices and clouds is maintained via wireless ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image IEEE Pervasive Computing

IEEE Pervasive Computing Volume 6, Issue 4

October 2007

92 pages

ISSN:1536-1268

Issue’s Table of Contents

Copyright © 2007.

Publisher

IEEE Educational Activities Department

United States

Publication History

Published: 01 October 2007

Author Tags

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

3
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 14 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Smaldone SGilbert BHarkes JIftode LSatyanarayanan M(2013)Optimizing Storage Performance for VM-Based Mobile ComputingACM Transactions on Computer Systems (TOCS)10.1145/2465346.246534831:2(1-25)Online publication date: 1-May-2013
https://dl.acm.org/doi/10.1145/2465346.2465348
Smaldone SGilbert BBila NIftode Lde Lara ESatyanarayanan MZielinski KWolisz AFlinn JLaMarca A(2009)Leveraging smart phones to reduce mobility footprintsProceedings of the 7th international conference on Mobile systems, applications, and services10.1145/1555816.1555828(109-122)Online publication date: 22-Jun-2009
https://dl.acm.org/doi/10.1145/1555816.1555828
Garriss SCáceres RBerger SSailer Rvan Doorn LZhang XGrunwald DHan Rde Lara EEllis C(2008)Trustworthy and personalized computing on public kiosksProceedings of the 6th international conference on Mobile systems, applications, and services10.1145/1378600.1378623(199-210)Online publication date: 17-Jun-2008
https://dl.acm.org/doi/10.1145/1378600.1378623

View Options

View options

Media

Figures

Other

Tables

View Issue’s Table of Contents