PlugNPlay Trust for Embedded Communication Systems
Raquel Hill - Indiana University
Oct 14, 2009
Abstract
Given the proliferation of malware, the integrity of embedded communication systems is a growing concern. Recent compromises of systems such as ATMs, network switches and routers provide evidence of the potential security problems of embedded communication systems. Trusted communication channels that pass sensitive information should only be established after the integrity of the remote system can be assured. Security hardware, such as the Trusted Computing Group’s (TCG’s) Trusted Platform Module (TPM), provides a mechanism to measure and authenticate the integrity of individual machines. This device can be readily found in many laptops today; however, we are unaware of its use as a mechanism for providing or denying communication access to services based on the integrity of remote systems. In this work, we propose PlugNPlay Trust, an integrity framework which is a drop-in solution for providing a hardware root of trust for embedded applications. The PlugNPlay Trust design exploits the static nature of embedded communication systems and independently provides remote attestation and identity verification for the host application using the TPM. This framework, coupled with the attestation and dynamic firewall exception services we authored, enables remote parties to confirm the integrity of embedded communication systems, thereby limiting the effects and the proliferation of malware in compromised systems. Although there are preexisting technologies for interfacing with the TPM directly, we implemented the first prototype for allowing or denying access to networked services based on the trustworthiness of a remote system. The PlugNPlay framework simplifies the integration of existing TPM-related tools and provides a ready-to-use platform for trusted computing research.
About the Speaker
Raquel Hill is an Assistant Professor of Computer Science in the School of Informatics and Computing. Her primary research interests are in the areas of trust and security for distributed and pervasive computing environments. Dr. Hill’s research is funded by the Center for Applied CyberSecurity Research (CACR). She holds B.S. and M.S. degrees in Computer Science from Georgia Tech and a Ph.D. in Computer Science from Harvard University.
The views, opinions and assumptions expressed in these videos are those of the presenter and do not necessarily reflect the official policy or position of CERIAS or Purdue University. All content included in these videos is the property of Purdue University, the presenter and/or the presenter’s organization, and is protected by U.S. and international copyright laws. The collection, arrangement and assembly of all content in these videos and on the hosting website are the exclusive property of Purdue University. You may not copy, reproduce, distribute, publish, display, perform, modify, create derivative works, transmit, or in any other way exploit any part of copyrighted material without permission from CERIAS, Purdue University.