An autonomous attestation token to secure mobile agents in disaster response

Authors

  • Daniel M. Hein,

    Corresponding author
    1. Institute for Applied Information Processing and Communications (IAIK), Graz University of Technology, Inffeldgasse 16a, A–8010 Graz, Austria
    • Institute for Applied Information Processing and Communications (IAIK), Graz University of Technology, Inffeldgasse 16a, A–8010 Graz, Austria.
    Search for more papers by this author
  • Ronald Toegl,

    1. Institute for Applied Information Processing and Communications (IAIK), Graz University of Technology, Inffeldgasse 16a, A–8010 Graz, Austria
    Search for more papers by this author
  • Stefan Kraxberger

    1. Institute for Applied Information Processing and Communications (IAIK), Graz University of Technology, Inffeldgasse 16a, A–8010 Graz, Austria
    Search for more papers by this author

Abstract

Modern communication and computing devices have the potential to increase the efficiency of disaster response. Mobile agents and ad hoc networks are decentralized and flexible technologies to leverage this potential. While both ad hoc networks and mobile agent platforms suffer from a greater variety of security risks than the classic client-server approach, Trusted Computing is capable of alleviating these problems. Unfortunately, Remote Attestation, a core concept of Trusted Computing, requires a powerful networked entity to perform trust decisions. The existence and availability of such a service in a disaster response scenario cannot be relied upon. In this paper we introduce the autonomous attestation token (AAT), a hardware token for mobile computing devices that is capable of guaranteeing the trusted state of a limited set of devices without relying on a networked service. We propose a Local Attestation protocol with user interaction that in conjunction with the AAT prevents unauthorized access to an emergency mobile agent platform. In addition, we sketch a possible solution which integrates trusted computing to leverage ad hoc networks and peer-to-peer systems to provide a robust communication platform. This helps ensuring the security of the next generation of disaster response tools. Copyright © 2010 John Wiley & Sons, Ltd.

Ancillary