Title :
A New Approach to Protect the OS from Off-line Attacks Using the Smart Card
Author :
Ghaleh, Hossein Rezaei ; Norouzi, Shahin
Author_Institution :
Dept. of Electron., Comput. & IT, Islamic Azad Univ. of Qazvin, Qazvin, Iran
Abstract :
Since the present computer systems use layered and modular architectures and execute the instructions in a number of different phases, therefore it has become an imperative to establish a trusted chain between various layers. It usually is integrity checking by hashing of executable codes. With guarantee of software integrity, the Web servers and other network entities can trust to client systems or workstations. Several methods have been proposed for this purpose, each of them have their own advantages and weakness. Recently a group of big software and hardware companies working in information technology field known as trusted computing group (TCG) are engaged in designing and making standards of various aspects of trusted computer systems including applications, PCs, networks, cryptography modules and so on. These standards can make the system trusted, but they need some hardware changes such as BIOS and trusted platform module (TPM). These changes are not applicable for present systems and we have to purchase new hardware. This paper is an attempt at propose a new method that can make the present systems trusted. This method uses are movable trusted storage that is compatible with TCG storage standard.
Keywords :
Internet; cryptography; data integrity; digital signatures; middleware; operating systems (computers); smart cards; BIOS; OS protection approach; PC workstation; TCG; TCG storage standard; TPM; Web server; client system; computer network; cryptography module; digital signature; executable code hashing; hardware company; information technology field; integrity checking; layered architecture; middleware; modular architecture; movable trusted storage; off-line attack; operating system security; smart card; software company; software integrity; trusted computer system; trusted computing group; trusted platform module; Computer aided instruction; Computer architecture; Computer networks; Hardware; Information technology; Operating systems; Protection; Smart cards; Web server; Workstations; OS security; off-line attack; smartcard; trusted computing;
Conference_Titel :
Emerging Security Information, Systems and Technologies, 2009. SECURWARE '09. Third International Conference on
Conference_Location :
Athens, Glyfada
Print_ISBN :
978-0-7695-3668-2
DOI :
10.1109/SECURWARE.2009.57