Executive Summary
Security is an issue that has grown in proportion to the rise of
computers in information-based societies, where electronics and
computing serve as information processors. Addressing it requires
a computer platform to prove its trustworthiness by demonstrating
the integrity of its core security mechanisms and the
configuration of the applications involved in the information
flow. For a platform to provide assurance that it can be trusted,
it needs a hardware root of trust that verifies the integrity of
security subsystems and applications. Such a hardware-based
solution has recently emerged in the form of Trusted Computing,
which enables platforms to give assurance of the platform’s
integrity to their own users and to remote parties. Trusted
Computing provides this capability using a special hardware chip
called the Trusted Platform Module (TPM). The TPM enables a
service provider to attest remotely that the software running on
the service requester is in a trusted state. This allows the
service provider to draw conclusions regarding the
trustworthiness of the target application on the remote platform
and gives the service provider assurance that the resources
released to the service requester will not be compromised.
Existing remote attestation techniques have been shown to be
useful in some limited scenarios but fall short in measuring the
true dynamic behavior of a remote platform.

This project aims to develop a new dynamic behavior attestation
technique for mobile platforms. Nowadays mobile devices play an
important role in an information-based society, and the Trusted
Computing Group has recently developed and released a
specification for a mobile TPM – called the Mobile Trusted Module
(MTM).

Existing remote attestation techniques rely solely on binary
hashes of executables on a remote platform. This type of trust
token is not sufficient for establishing trust in a remote party.
The objective of this research is the design and development of
a new remote attestation technique that is sufficiently dynamic
in nature to meet the heterogeneous needs of modern societies,
which rely primarily on an information processing infrastructure
built on mobile platforms. The project aims to bring the benefits
of remote attestation – an essential part of Trusted Computing –
to mobile platforms and to develop a usage control application
which can be attested to be trustworthy by a remote platform.
This is a novel work in its own right and is on the cutting edge
of research related to Trusted Computing.

The key benefits of this project are given below:
- The prototype will be developed on mobile platforms using open
  source technologies, allowing free distribution of new changes.
- The project will deliver dynamic remote attestation in
  heterogeneous environments, and enable trust on mobile
  platforms to leverage remote attestation.
- The eventual beneficiaries of this project will be the
  industries involved in trusted computing for upcoming trusted
  designs, especially on mobile platforms.
- The project will benefit all major sectors of industry,
  including telecom, e-government, and health-care.

Details about the project and its progress can be seen at
http://serg.imsciences.edu.pk/projects/dbamp