Noninvasive methods for host certification

Patrick Traynor; Michael Chien; Scott Weaver; Boniface Hicks; Patrick McDaniel

doi:10.1145/1341731.1341737

Noninvasive methods for host certification

Patrick Traynor, Michael Chien, Scott Weaver, Boniface Hicks, Patrick McDaniel

Research output: Contribution to journal › Article › peer-review

8 Scopus citations

Abstract

Determining whether a user or system is exercising appropriate security practices is difficult in any context. Such difficulties are particularly pronounced when uncontrolled or unknown platforms join public networks. Commonly practiced techniques used to vet these hosts, such as system scans, have the potential to infringe on the privacy of users. In this article, we show that it is possible for clients to prove both the presence and proper functioning of security infrastructure without allowing unrestricted access to their system. We demonstrate this approach, specifically applied to antivirus security, by requiring clients seeking admission to a network to positively identify the presence or absence of malcode in a series of puzzles. The implementation of this mechanism and its application to real networks are also explored. In so doing, we demonstrate that it is not necessary for an administrator to be invasive to determine whether a client implements required security practices.

Original language	English (US)
Article number	16
Journal	ACM Transactions on Information and System Security
Volume	11
Issue number	3
DOIs	https://doi.org/10.1145/1341731.1341737
State	Published - Mar 1 2008

All Science Journal Classification (ASJC) codes

General Computer Science
Safety, Risk, Reliability and Quality

Access to Document

10.1145/1341731.1341737

Cite this

@article{9e4ea8348cad4196bdf92ace4bcb23fa,

title = "Noninvasive methods for host certification",

abstract = "Determining whether a user or system is exercising appropriate security practices is difficult in any context. Such difficulties are particularly pronounced when uncontrolled or unknown platforms join public networks. Commonly practiced techniques used to vet these hosts, such as system scans, have the potential to infringe on the privacy of users. In this article, we show that it is possible for clients to prove both the presence and proper functioning of security infrastructure without allowing unrestricted access to their system. We demonstrate this approach, specifically applied to antivirus security, by requiring clients seeking admission to a network to positively identify the presence or absence of malcode in a series of puzzles. The implementation of this mechanism and its application to real networks are also explored. In so doing, we demonstrate that it is not necessary for an administrator to be invasive to determine whether a client implements required security practices.",

author = "Patrick Traynor and Michael Chien and Scott Weaver and Boniface Hicks and Patrick McDaniel",

year = "2008",

month = mar,

day = "1",

doi = "10.1145/1341731.1341737",

language = "English (US)",

volume = "11",

journal = "ACM Transactions on Information and System Security",

issn = "1094-9224",

publisher = "Association for Computing Machinery (ACM)",

number = "3",

}

TY - JOUR

T1 - Noninvasive methods for host certification

AU - Traynor, Patrick

AU - Chien, Michael

AU - Weaver, Scott

AU - Hicks, Boniface

AU - McDaniel, Patrick

PY - 2008/3/1

Y1 - 2008/3/1

N2 - Determining whether a user or system is exercising appropriate security practices is difficult in any context. Such difficulties are particularly pronounced when uncontrolled or unknown platforms join public networks. Commonly practiced techniques used to vet these hosts, such as system scans, have the potential to infringe on the privacy of users. In this article, we show that it is possible for clients to prove both the presence and proper functioning of security infrastructure without allowing unrestricted access to their system. We demonstrate this approach, specifically applied to antivirus security, by requiring clients seeking admission to a network to positively identify the presence or absence of malcode in a series of puzzles. The implementation of this mechanism and its application to real networks are also explored. In so doing, we demonstrate that it is not necessary for an administrator to be invasive to determine whether a client implements required security practices.

AB - Determining whether a user or system is exercising appropriate security practices is difficult in any context. Such difficulties are particularly pronounced when uncontrolled or unknown platforms join public networks. Commonly practiced techniques used to vet these hosts, such as system scans, have the potential to infringe on the privacy of users. In this article, we show that it is possible for clients to prove both the presence and proper functioning of security infrastructure without allowing unrestricted access to their system. We demonstrate this approach, specifically applied to antivirus security, by requiring clients seeking admission to a network to positively identify the presence or absence of malcode in a series of puzzles. The implementation of this mechanism and its application to real networks are also explored. In so doing, we demonstrate that it is not necessary for an administrator to be invasive to determine whether a client implements required security practices.

UR - http://www.scopus.com/inward/record.url?scp=41549140066&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=41549140066&partnerID=8YFLogxK

U2 - 10.1145/1341731.1341737

DO - 10.1145/1341731.1341737

M3 - Article

AN - SCOPUS:41549140066

SN - 1094-9224

VL - 11

JO - ACM Transactions on Information and System Security

JF - ACM Transactions on Information and System Security

IS - 3

M1 - 16

ER -

Noninvasive methods for host certification

Abstract

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this