Towards Trustworthy Kiosk Computing

Garriss, Scott; ́aceres, Ram ́on C; Berger, Stefan; Sailer, Reiner; Doorn, Leendert van; Zhang, Xiaolan

doi:10.1109/wmcsa.2007.4389556

Cited by 11 publications

(14 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Previous work on securing public computing infrastructure like Internet kiosks has focused on the use of smartphones to establish trust in a computing platform [4] or to offload the processing of sensitive information [2,8,11], and the use of lightweight cryptosystems such as Hierarchical Identity-based Encryption (HIBE) to protect kiosk user data [1,7,9]. Unfortunately, challenges posed by rural kiosks, specifically (a) the absence of specialized hardware features such as Trusted Platform Modules (TPMs) [15] or a modifiable BIOS in older recycled PCs, (b) the potential use of DTN, (c) the absence of a production-ready implementation of HIBE and (d) the limited availability of smartphones in most developing regions make these approaches difficult, if not impossible, to implement in our scenario.…”

Section: Figure 1: Rural Internet Kioskmentioning

confidence: 99%

“…The only robust solution is shutting down a kiosk terminal when a user logs out and training users to boot the kiosk terminal before logging in. Currently proposed techniques for verifying the integrity of public computing platforms such as kiosk terminals [4] require the use of trusted mobile computing devices and the presence of specialized hardware in kiosk terminals (e.g., TPMs), assumptions which will likely not be reasonable in developing regions for quite some time. The use of a scheme such as that proposed by Surie et al [12], whereby users boot terminals from a trusted USB memory stick before logging in as a means of verifying the integrity of the terminal's software, is precluded by the use of recycled PCs as terminals.…”

Section: Franchiseementioning

confidence: 99%

“…In some approaches [4,12], a user queries the proxy about its state and verifies that this state is trustworthy. These approaches require that the user has a trusted device to execute a query.…”

Section: Related Workmentioning

confidence: 99%

See 2 more Smart Citations

Practical security for rural internet kiosks

Rahman

Hengartner

Ismail

et al. 2008

Proceedings of the Second ACM SIGCOMM Workshop on Networked Systems for Developing Regions

View full text Add to dashboard Cite

Rural Internet kiosks typically provide weak security guarantees and therefore cannot support secure web access or transaction-oriented applications such as banking and bill payment. We present a practical, unobtrusive and easy-touse security architecture for rural Internet kiosks that uses a combination of physical and cryptographic mechanisms to protect user data and kiosk infrastructure. Our contributions include (a) a detailed threat analysis of rural Internet kiosks, (b) a security architecture for rural Internet kiosks that does not require any specialized hardware features in kiosks, and (c) an application-independent and backwardcompatible security API for securely sending and receiving data between kiosks and the Internet that can operate over disconnection-tolerant links.

show abstract

Section: Figure 1: Rural Internet Kioskmentioning

confidence: 99%

Section: Franchiseementioning

confidence: 99%

See 1 more Smart Citation

Practical security for rural internet kiosks

Rahman

Hengartner

Ismail

et al. 2008

Proceedings of the Second ACM SIGCOMM Workshop on Networked Systems for Developing Regions

View full text Add to dashboard Cite

show abstract

“…The problem with such systems is the privacy concerns they present. Various methods have been utilized to protect the privacy of the user such as personal headsets for viewing personal content in tandem with the kiosk (Eaddy, Blasko, Babcock, & Feiner, 2004) and mobile devices for viewing this information in relation to the kiosk (Garriss, et al, 2006). Other tactics are also discussed with regards to kiosk placement to minimize the risk of eavesdroppers (Maguire, 1999).…”

Section: Kiosk Technologymentioning

confidence: 99%

Improving direction-giving through utilization of an RFID-enabled kiosk

Luse

Townsend

2008

2008 IEEE International Conference on Electro/Information Technology

View full text Add to dashboard Cite

This paper presents an RFID-enabled module for an electronic kiosk physical user interface which provides personalized information retrieval. The system builds on research in direction-giving by streamlining the process of the direction-giving phase and minimizing the introduction and closure phases, thereby providing the user with a quicker transaction for personalized information. The RFID technology also provides potential for greater security and privacy for the user of the kiosk system as compared to traditional magnetic strip methods. The developed RFID-enabled system is built on top of a current production informational kiosk utilized for a building directory, which was used for initial testing and evaluation.

show abstract

“…Garriss et al [10] are describing an Internet kiosk scenario based on the IBM's Integrity Measurement Architecture (IMA) [21]. IMA extends a normal Linux with trusted computing functionality.…”

Section: Related Workmentioning

confidence: 99%

Trusted Computing Serving an Anonymity Service

Böttcher

Kauer

Härtig

Trusted Computing - Challenges and Applications

View full text Add to dashboard Cite

We leveraged trusted computing technology to counteract certain insider attacks. Furthermore, we show with one of the rare server based scenarios that an anonymity service can profit from trusted computing. We based our design on the Nizza Architecture [14] with its small kernel and minimal multi-server OS. We even avoided Nizza's legacy container and got a much smaller, robust and hopefully more secure system, since we believe that minimizing the trusted computing base is an essential requirement for trust into software.

show abstract

Towards Trustworthy Kiosk Computing

Cited by 11 publications

References 10 publications

Practical security for rural internet kiosks

Practical security for rural internet kiosks

Improving direction-giving through utilization of an RFID-enabled kiosk

Trusted Computing Serving an Anonymity Service

Contact Info

Product

Resources

About