Kells: A protection framework for portable data

Kevin R.B. Butler, Stephen E. McLaughlin, Patrick D. McDaniel

Research output: Chapter in Book/Report/Conference proceedingConference contribution

17 Scopus citations


Portable storage devices, such as key-chain USB devices, are ubiquitous. These devices are often used with impunity, with users repeatedly using the same storage device in open computer laboratories, Internet cafes, and on office and home computers. Consequently, they are the target of malware that exploit the data present or use them as a means to propagate malicious software. This paper presents the Kells mobile storage system. Kells limits untrusted or unknown systems from accessing sensitive data by continuously validating the accessing host's integrity state. We explore the design and operation of Kells, and implement a proof-of-concept USB 2.0 storage device on experimental hardware. Our analysis of Kells is twofold. We first prove the security of device operation (within a freshness security parameter Δt) using the LS2 logic of secure systems. Second, we empirically evaluate the performance of Kells. These experiments indicate nominal overheads associated with host validation, showing a worst case throughput overhead of 1.22% for read operations and 2.78% for writes.

Original languageEnglish (US)
Title of host publicationProceedings - 26th Annual Computer Security Applications Conference, ACSAC 2010
PublisherIEEE Computer Society
Number of pages10
ISBN (Print)9781450301336
StatePublished - 2010

Publication series

NameProceedings - Annual Computer Security Applications Conference, ACSAC
ISSN (Print)1063-9527

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Software
  • Safety, Risk, Reliability and Quality


Dive into the research topics of 'Kells: A protection framework for portable data'. Together they form a unique fingerprint.

Cite this