Lecture Notes in Computer Science 5185

More documents

Recommendations

Info

24 S. Choi et al. Table 1. Performance of Measurement and Verification (in sec) Target Size Measurement Verification RIM Cert ld-linux.so 115668, 72004 0.02 0.41 0.40 libm.so 780380, 442164 0.1 0.41 0.40 libssl.so 217324, 126848 0.03 0.42 0.40 libnss files.so 54324, 28032 0.00 0.42 0.40 wlanconfig 74720, 45304 0.01 0.43 0.40 tcsd 314032, 111756 0.04 0.41 0.40 attestation agent 76440, 41632 0.01 0.42 0.40 busybox 358536, 276312 0.05 0.43 0.40 The first number in the field of Size is the entire file size and the second one is the size of text and data segments. RIM Cert field represents the time taken from sending request of RIM Cert Verification and Extend to the MTM board to getting the response from it. Each figure is the average time of running a test 10 times using the do gettimeofday() function supported in Linux Kernel. The delay by verification is almost static and most of the delay comes from RIM Cert Verification and Extend. The signature verification with RSA 2048 public key and relatively slow data transmission speed of I 2 C may contribute to the delay. The overhead due to measurement grows with the size of text and data segments as the input for hash operation increases. Our experiment shows that the initial loading of executables or libraries can be delayed up to 0.51 sec and this overhead decreases to less than or equal to 0.1 sec with the introduction of cache, since no verification is required. libm.so is one of the large libraries in embedded Linux and the loading of it with cache takes 0.1 sec thus we believe that the overhead shown is not critical. We also perform an experimentation to assess the time taken for attestation. The system for running Privacy CA and Challenger is the IBM ThinkPad notebook which uses an Intel CPU running at 2 GHz and has 2 GB RAM. Privacy CA and Challenger communicate with DMB device in the same subnet over wireless LAN. Table 2 summarizes the performance of attestation with 4 measurement entries in ML and 14 measurement entries in ML. Each tests is conducted 10 times and the result is the average of them. The meaning of each fields is as follows: Attestation: the entire time taken for attestation, Client: preparing attestation response message at mobile device, Quote: retrieving a Quote message from a MTM, OIAP: creation of authorization session with a MTM using Object-Independent Authorization Protocol (OIAP) , Challenge: Table 2. Performance of Attestation (in sec) Attestation Client Quote OIAP Challenge Verification 4entries 1.9416 1.63 0.856 0.36 0.0461 0.006 14 entries 1.9908 1.63 0.856 0.36 0.0497 0.0062
Implementation of a TCG-Based Trusted Computing in Mobile Device 25 preparing attestation challenge message, and Verification: verifying the attestation response message. As shown above, the attestation can be completed within 2 seconds and this is believed to be a promising result considering further optimization of TSS and MTM. The creation of attestation response message at DMB device takes about 83 percent of the time taken for attestation. The retrieval of Quote message from the MTM and creation of OIAP session with the MTM, respectively, contribute 53 percent and 22 percent of the time for attestation response creation. These two tests are done by measuring how long it takes to return back after calling Linux MTM Driver. Thus, data transmission to and from a MTM and processing inside a MTM take 75 percent of the time for attestation response creation. The Quote operation is the most expensive and this is understandable because the operation requires interaction with the MTM through I 2 C bus and includes signing with RSA 2048 private key. As the number of measurement entries increases, attestation takes a little longer but the difference is not significant. The difference may be attributed to the longer delay to transfer it over wireless LAN. The number of measurement entries increases by 10, which means SHA-1 operation should be conducted 10 times more at Challenger, but the overhead due to this is negligible because the time for verification grows just by 0.2 microseconds. The overhead for preparing attestation challenge is subject to large fluctuations as random number generation can be done in short time or take long. The generation of random number is done using RAND bytes() function supported in openssl. The experimentation over other kinds of communication channel will produce different result, maybe longer delay because wireless LAN can deliver data at relatively high speed and all the participants in this experimentation are in the same subnet. 5 Future Work Our implementation makes it possible to determine the code-integrity of executables and libraries at load-time, but it doesn’t prevent modifying code existing in memory or executing injected code. Without the guarantee that loaded code is not vulnerable to attack during its operation, the decision about the platform integrity lacks confidence. Even worse is the fact that the kernel code in memory can be manipulated. According to the [10], there are at least three ways in which an attacker can inject code into a kernel as follows: loading a kernel module into a kernel, exploiting software vulnerabilities in the kernel code, and corrupting kernel memory via DMA writes. As the mechanism of integrity measurement and verification is realized as part of the kernel, the compromise of kernel can lead to the disruption of measurement and verification process. However, the measurement of the running kernel can’t be easily represented with a hash as discussed in [9] and we also need to figure out where to place the functionality of measuring the running kernel. The fist issue is rather general problem as it is hard to measure running processes, either it is application or kernel. The latter issue can be solved by leveraging virtualization technology which provides separation between the measurement functionality and the measurement target.
Page 1 and 2: Lecture Notes in Computer Science 5
Page 3 and 4: Volume Editors Steven Furnell Unive
Page 5 and 6: Program Committee General Chairpers
Page 7 and 8: Invited Lecture Table of Contents B
Page 9 and 10: Biometrics - How to Put to Use and
Page 11 and 12: Biometrics-HowtoPuttoUseandHowNotat
Page 13 and 14: Biometrics-HowtoPuttoUseandHowNotat
Page 15 and 16: 7 Outlook Biometrics-HowtoPuttoUsea
Page 17 and 18: A Map of Trust between Trading Part
Page 27 and 28: Implementation of a TCG-Based Trust
Page 31: Implementation of a TCG-Based Trust
Page 37 and 38: A Model for Trust Metrics Analysis
Page 47 and 48: Patterns and Pattern Diagrams for A
Page 51 and 52: Policy Model AC model Patterns and
Page 53 and 54: Broker Investor Doctor Patient 1
Page 57 and 58: A Spatio-temporal Access Control Mo
Page 67 and 68: A Mechanism for Ensuring the Validi
Page 77 and 78: Multilateral Secure Cross-Community
Page 83 and 84:
Multilateral Secure Cross-Community
Page 85 and 86:
Multilateral Secure Cross-Community
Page 87 and 88:
Fairness Emergence through Simple R
Page 89 and 90:
Page 91 and 92:
Page 93 and 94:
Page 95 and 96:
Page 97 and 98:
Page 99 and 100:
Combining Trust and Reputation Mana
Page 101 and 102:
Page 103 and 104:
Page 105 and 106:
Page 107 and 108:
Page 109 and 110:
Controlling Usage in Business Proce
Page 111 and 112:
Page 113 and 114:
Page 115 and 116:
Page 117 and 118:
Page 119 and 120:
Page 121 and 122:
Page 123 and 124:
A Semantics Rules for POLPA-Control
Page 125 and 126:
Page 127 and 128:
Spatiotemporal Connectives for Secu
Page 129 and 130:
Page 131 and 132:
Page 133 and 134:
5.2 Expressiveness Spatiotemporal C
Page 135 and 136:
Acknowledgement Spatiotemporal Conn
Page 137 and 138:
BusiROLE: A Model for Integrating B
Page 139 and 140:
Page 141 and 142:
Page 143 and 144:
Page 145 and 146:
Page 147 and 148:
The Problem of False Alarms: Evalua
Page 149 and 150:
The Problem of False Alarms 141 pro
Page 151 and 152:
The Problem of False Alarms 143 To
Page 153 and 154:
The Problem of False Alarms 145 mad
Page 155 and 156:
The Problem of False Alarms 147 Des
Page 157 and 158:
The Problem of False Alarms 149 3.
Page 159 and 160:
A Generic Intrusion Detection Game
Page 161 and 162:
Page 163 and 164:
Page 165 and 166:
Page 167 and 168:
Page 169 and 170:
Page 171 and 172:
On the Design Dilemma in Dining Cry
Page 173 and 174:
Page 175 and 176:
Page 177 and 178:
Page 179 and 180:
Page 181 and 182:
Obligations: Building a Bridge betw
Page 183 and 184:
Page 185 and 186:
Page 187 and 188:
Page 189 and 190:
Page 191 and 192:
Page 193 and 194:
A User-Centric Protocol for Conditi
Page 195 and 196:
Page 197 and 198:
Page 199 and 200:
Identity Escrow: A User-Centric Pro
Page 201 and 202:
Page 203 and 204:
Preservation of Privacy in Thwartin
Page 205 and 206:
Page 207 and 208:
Page 209 and 210:
Page 211 and 212:
Page 213:
Agudo, Isaac 28 Aich, Subhendu 118
show all

Lecture Notes in Computer Science 5185

Create successful ePaper yourself

Delete template?

Save as template?