12th USENIX Security Symposium Abstract
Pp. 295-308 of the Proceedings
Establishing the Genuinity of Remote Computer Systems
Rick Kennell and Leah H. Jamieson, Purdue University
A fundamental problem in distributed computing environments involves
determining whether a remote computer system can be trusted to
autonomously access secure resources via a network. In this paper, we
describe a means by which a remote computer system can be challenged to
demonstrate that it is genuine and trustworthy. Upon passing a
test, it can be granted access to distributed resources and can serve
as a general-purpose host for distributed computation so long as it
remains in contact with some certifying authority. The test we
describe is applicable to consumer-grade computer systems with a
conventional network interface and requires no additional hardware.
The results of the test can be conveyed over an unsecured network; no
trusted human intermediary is needed to relay the results. We examine
potential attacks and weaknesses of the system and show how they can
be avoided. Finally, we describe an implementation of a
genuinity test for a representative set of computer systems.
- View the full text of this paper in HTML and
The Proceedings are published as a collective work, © 2003 by the USENIX Association. All Rights Reserved. Rights to individual papers remain with the author or the author's employer. Permission is granted for the noncommercial reproduction of the complete work for educational or research purposes. USENIX acknowledges all trademarks within this paper.
- If you need the latest Adobe Acrobat Reader, you can download it from Adobe's site.