Practical Property-Based Attestation on Mobile Devices

  • Conference paper
Trust and Trustworthy Computing (Trust 2011)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 6740)

Abstract

We address property-based attestation in the context of an in-vehicle communication system called Terminal Mode that allows mobile devices to “stream” services, such as navigation or music, to car head-units. In Terminal Mode, attestation of the mobile device is needed to enforce driver distraction regulations, and traditional binary attestation is not applicable because measurements need frequent updates and car head-units have limited connectivity. We present a novel attestation scheme that bootstraps from existing application certification infrastructures available on mobile device platforms. It thus avoids the need to set up and maintain a new service that translates software measurements to properties, which makes realization of property-based attestation economically feasible.

Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kostiainen, K., Asokan, N., Ekberg, JE. (2011). Practical Property-Based Attestation on Mobile Devices. In: McCune, J.M., Balacheff, B., Perrig, A., Sadeghi, AR., Sasse, A., Beres, Y. (eds) Trust and Trustworthy Computing. Trust 2011. Lecture Notes in Computer Science, vol 6740. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-21599-5_6

  • DOI: https://doi.org/10.1007/978-3-642-21599-5_6

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-21598-8

  • Online ISBN: 978-3-642-21599-5

  • eBook Packages: Computer Science, Computer Science (R0)
