Enabling Effective Trust Judgments

Page Content

Sean Smith - Dartmouth College

Jan 21, 2004

RealMedia Icon RealVideo

Abstract

A key part of making our society's information infrastructure work is
enabling the parties involved---human users as well as programs---to
make effective trust judgments about each other. Should $A$ trust $B$
for action $X$? If it's all just wires and bits, how can $A$ know?
This problem is made even messier by the emerging multiplicity of
users, roles, machines, administrative domains, application contexts,
and opinions about what constitutes valid grounds for trust.

Over the past several years, my students and I have been exploring the
technological issues underlying effective trust judgments. This talk
surveys some of this research.

- Why should we trust what's happening at a remote server? I'll
discuss our work in secure coprocessing, attestation, and integrating
TCPA/TCG support into Linux, as well as in applications enabled by
these platforms.

- Do clients provide the right information and signals to enable
effective judgment? I'll discuss our work in trusted path defensess
against spoofing server-side SSL, as well some attacks on digital
signatures and client-side SSL.

- How do we transmit the information necessary for effective trust
judgment in complex scenarios? I'll discuss our work in improving
efficiency for S-BGP routing in the Internet, and in using
X-509/SPKI-SDSI hybrids for delegating guest access in wireless
networks.

About the Speaker

Prof. Sean Smith has been working in information security---attacks and defenses, for industry and government---for over a decade. In graduate school, he worked with the US Postal Inspection Service on postal meter fraud; as a post-doc and staff member at Los Alamos National Laboratory, he performed security reviews, designs, analyses, and briefings for a wide variety of public-sector clients; at IBM T.J. Watson Research Center, he designed the security architecture for (and helped code and test) the IBM 4758 secure coprocessor, and then led the formal modeling and verification work that earned it the world\'s first FIPS 140-1 Level 4 security validation. Dr. Smith has published numerous refereed papers; given numerous invited talks; and been granted nine patents. His security architecture is used in thousands of financial, e-commerce, and rights managements installations world-wide.



In July 2000, Sean left IBM for Dartmouth, since he was convinced that the academic education and research environment is a better venue for changing the world. His current work, as PI of the Dartmouth PKI Lab, investigates how to build trustable systems in the real world.



Dr. Smith was educated at Princeton and CMU, and is a member of ACM, USENIX, the IEEE Computer Society, Phi Beta Kappa, and Sigma Xi.

Unless otherwise noted, the security seminar is held on Wednesdays at 4:30P.M. STEW G52, West Lafayette Campus. More information...

© 1999-2013 Purdue University. All rights reserved.

Use/Reuse Guidelines

CERIAS Seminar materials are intended for educational, non-commercial use only and any or all commercial use is prohibited. Any use must attribute "The CERIAS Seminar at Purdue University." Opinions expressed in the recordings are not necessarily representative of the views of CERIAS or of Purdue University.