Bryan Parno, Jonathan M. McCune, Adrian Perrig
Citation
Bryan Parno, Jonathan M. McCune, Adrian Perrig. "Bootstrapping Trust in Commodity Computers". Proceedings of IEEE Symposium on Security and Privacy, May, 2010.
Abstract
Trusting a computer for a security-sensitive task (such as checking
email or banking online) requires the user to know something about the
computer's state. We examine research on securely capturing a
computer's state, and consider the utility of this information both
for improving security on the local computer (e.g., to convince the
user that her computer is not infected with malware) and for
communicating a remote computer's state (e.g., to enable the user to
check that a web server will adequately protect her data). Although
the recent ``Trusted Computing'' initiative has drawn both positive
and negative attention to this area, we consider the older and broader
topic of bootstrapping trust in a computer. We cover issues ranging
from the wide collection of secure hardware that can serve as a
foundation for trust, to the usability issues that arise when trying
to convey computer state information to humans. This approach unifies
disparate research efforts and highlights opportunities for additional
work that can guide real-world improvements in computer security.
Electronic downloads
| Citation formats |
- HTML
Bryan Parno, Jonathan M. McCune, Adrian Perrig. <a href="http://www.truststc.org/pubs/655.html" >Bootstrapping Trust in Commodity Computers</a>, Proceedings of IEEE Symposium on Security and Privacy, May, 2010.
- Plain text
Bryan Parno, Jonathan M. McCune, Adrian Perrig. "Bootstrapping Trust in Commodity Computers". Proceedings of IEEE Symposium on Security and Privacy, May, 2010.
- BibTeX
@inproceedings{ParnoMcCunePerrig10_BootstrappingTrustInCommodityComputers, author = {Bryan Parno and Jonathan M. McCune and Adrian Perrig}, title = {Bootstrapping Trust in Commodity Computers}, booktitle = {Proceedings of IEEE Symposium on Security and Privacy}, month = {May}, year = {2010}, abstract = {Trusting a computer for a security-sensitive task (such as checking email or banking online) requires the user to know something about the computer's state. We examine research on securely capturing a computer's state, and consider the utility of this information both for improving security on the local computer (e.g., to convince the user that her computer is not infected with malware) and for communicating a remote computer's state (e.g., to enable the user to check that a web server will adequately protect her data). Although the recent ``Trusted Computing'' initiative has drawn both positive and negative attention to this area, we consider the older and broader topic of bootstrapping trust in a computer. We cover issues ranging from the wide collection of secure hardware that can serve as a foundation for trust, to the usability issues that arise when trying to convey computer state information to humans. This approach unifies disparate research efforts and highlights opportunities for additional work that can guide real-world improvements in computer security.}, URL = {http://www.truststc.org/pubs/655.html} }
Posted by Adrian Perrig on 28 Mar 2010.
For additional information, see the
Publications FAQ or
contact webmaster at www truststc org.
Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright.