Affiliation:
1. Systems and Internet Infrastructure Security (SIIS) Lab, The Pennsylvania State University
Abstract
Determining whether a user or system is exercising appropriate security practices is difficult in any context. Such difficulties are particularly pronounced when uncontrolled or unknown platforms join public networks. Commonly practiced techniques used to vet these hosts, such as system scans, have the potential to infringe on the privacy of users. In this article, we show that it is possible for clients to prove both the presence and proper functioning of security infrastructure without allowing unrestricted access to their system. We demonstrate this approach, specifically applied to antivirus security, by requiring clients seeking admission to a network to positively identify the presence or absence of malcode in a series of puzzles. The implementation of this mechanism and its application to real networks are also explored. In so doing, we demonstrate that it is not necessary for an administrator to be invasive to determine whether a client implements required security practices.
Publisher
Association for Computing Machinery (ACM)
Subject
Safety, Risk, Reliability and Quality, General Computer Science
Cited by
7 articles.