DocumentCode
2847618
Title
Attestation & Authentication for USB Communications
Author
Zhaohui Wang ; Johnson, R. ; Stavrou, Angelos
Author_Institution
Dept. of Comput. Sci., George Mason Univ., Fairfax, VA, USA
fYear
2012
fDate
20-22 June 2012
Firstpage
43
Lastpage
44
Abstract
In this paper, we present the design, implementation, and software testing of USBSec, a secure extension of the vanilla USB protocol that incorporates host authentication to defend against software threats. Specifically, we force the USB host to supply authentication information to the peripheral device before enumerating the device. The peripheral validates the authentication information against its own list of authorized host keys. If both sides can validate each other, standard USB enumeration continues otherwise the connection is terminated. We have implemented a fully working prototype of USBSec based on USB implementation in Linux kernel and our experimental results demonstrate its practicality and effectiveness.
Keywords
Linux; authorisation; operating system kernels; peripheral interfaces; program testing; Linux kernel; USB communication; USB enumeration; USB host; USB implementation; USBSec prototype; attestation; authentication information; authorized host keys; peripheral device; software testing; software threats; vanilla USB protocol; Authentication; Hardware; Kernel; Protocols; Universal Serial Bus; Mobile Device; PKI; Security; USB;
fLanguage
English
Publisher
ieee
Conference_Titel
Software Security and Reliability Companion (SERE-C), 2012 IEEE Sixth International Conference on
Conference_Location
Gaithersburg, MD
Print_ISBN
978-1-4673-2670-4
Type
conf
DOI
10.1109/SERE-C.2012.43
Filename
6258448
Link To Document