Inexpensive portable storage devices that are available in the market today have made it easier for users to carry data and programs with them and borrow computing platforms when needed. While this model of computing is very attractive, it is promiscuous and thus protection is needed both for the borrower and owner of the computing platform. In this paper, we focus on a subset of this computing model, called portable storage based personalizationwhere the user boots the borrowed PC from her portable storage device, i.e. pocket hard drive. We analyze the security implications of this model and present a scheme to protect the pocket hard drive from the untrusted platform. The protection scheme includes running tests stored on the pocket hard drive to assess the integrity of the borrowed platform and ensuring that these tests actually get executed untampered.
By: Nishkam Ravi; Chandra Narayanaswami; Mandayam Raghunath; Marcel Rosu
Published in: RC24267 in 2007
LIMITED DISTRIBUTION NOTICE:
This Research Report is available. This report has been submitted for publication outside of IBM and will probably be copyrighted if accepted for publication. It has been issued as a Research Report for early dissemination of its contents. In view of the transfer of copyright to the outside publisher, its distribution outside of IBM prior to publication should be limited to peer communications and specific requests. After outside publication, requests should be filled only by reprints or legally obtained copies of the article (e.g., payment of royalties). I have read and understand this notice and am a member of the scientific community outside or inside of IBM seeking a single copy only.
Questions about this service can be mailed to reports@us.ibm.com .