Practical Property-Based Attestation on Mobile Devices

  • Kari Kostiainen
  • N. Asokan
  • Jan-Erik Ekberg
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6740)

Abstract

We address property-based attestation in the context of an in-vehicle communication system called Terminal Mode that allows mobile devices to “stream” services, such as navigation or music, to car head-units. In Terminal Mode, attestation of the mobile device is needed to enforce driver distraction regulations, and traditional binary attestation is not applicable because measurements need frequent updates and car head-units have limited connectivity. We present a novel attestation scheme that bootstraps from existing application certification infrastructures available on mobile device platforms. It thus avoids the need to set up and maintain a new service that translates software measurements to properties, which makes realization of property-based attestation economically feasible.

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Kari Kostiainen (1)
  • N. Asokan (1)
  • Jan-Erik Ekberg (1)
  1. Nokia Research Center, Finland
