Automated Recovery in a Secure Bootstrap Process

Proceedings of the Symposium on Network and Distributed System Security, NDSS 1998

Volumn , Issue , 1998, Pages

  Arbaugh, William A ^a   Keromytis, Angelos D ^a   Farber, David J ^a   Smith, Jonathan M ^a  

^a UNIVERSITY OF PENNSYLVANIA   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

COMPUTER SYSTEM RECOVERY; NETWORK ARCHITECTURE;

BASIC PRINCIPLES; DESIGN DECISIONS; HIGH LEVEL OF ABSTRACTION; INTEGRITY CHECK; RECOVERY PROCEDURE; SECURITY PROPERTIES; SYSTEMS ARCHITECTURE;

NETWORK SECURITY;

EID: 85073202707     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (40)

1. D. S. Alexander, W. A. Arbaugh, A. D. Keromytis, and J. M. Smith. A Secure Active Network Environment Architecture. Technical Report MS-CIS-97-17, University of Pennsylvania, November 1997.
2. S. Alexander and R. Droms. DHCP Options and BOOTP Vendor Extensions. Internet RFC 2132, March 1997.
3. W. Almesberger. LILO Technical Overview, version 19 edition, May 1996.
4. W. A. Arbaugh, D. J. Farber, and J. M. Smith. A Secure and Reliable Bootstrap Architecture. In Proceedings 1997 IEEE Symposium on Security and Privacy, pages 65–71, May 1997.
5. A. Aziz, T. Markson, and H. Prafullchandra. Assigned Numbers for SKIP Protocols. http://skip.incog.com/spec/numbers.html.
6. C. Committee. Recommendation X.209: Specification of Basic Encoding Rules for Abstract Syntax Notation One (ASN.1), 1988.
7. C. Committee. X.509: The Directory Authentication Framework. International Telephone and Telegraph, International Telecommunications Union, Geneva, 1989.
8. C. Computer, D. Computer, H. Packard, Intel, and M. Corporations. Network PC System Design Guidelines, 1.0b edition, July 1997.
9. W. Diffie and M. Hellman. New Directions in Cryptography. IEEE Transactions on Information Theory, IT–22(6):644–654, Nov 1976.
10. W. Diffie, P. van Oorschot, and M. Wiener. Authentication and Authenticated Key Exchanges. Designs, Codes and Cryptography, 2:107–125, 1992.
11. R. Droms. Authentication for DHCP Messages. Work in Progress, August 1997.
12. R. Droms. Dynamic Host Configuration Protocol, RFC 2131, March 1997.
13. D. Eastlake and C. Kaufman. Dynamic Name Service and Security. Internet RFC 2065, January 1997.
14. J. Elischer. 386 boot. /sys/i386/boot/biosboot/README.386, July 1996. 2.1.5 FreeBSD.
15. C. M. Ellison. SDSI/SPKI BNF. Private Email, July 1997.
16. C. M. Ellison, B. Frantz, R. Rivest, and B. M. Thomas. Simple Public Key Certificate. Work in Progress, April 1997.
17. R. Finlayson. Bootstrap Loading using TFTP. Internet RFC 906, June 1984.
18. Y. D. G. Davida and B. Matt. Defending Systems Against Viruses through Cryptographic Authentication. In 1989 IEEE Symposium on Security and Privacy, pages 312–318. IEEE, 1989.
19. J. Goldmeer. Re: Re: Pentium pro floating point patch. USENET Posting to intel.motherboards.pentium pro, November 1997.
20. L. Gong and P. Syverson. Fail-Stop Protocols: An Approach to Designing Secure Protocols. In Proceedings of IFIP DCCA-5, September 1995.
21. T. Granlund. The GNU Multiple Precision Arithmetic Library. TMG Datakonsult, 2.0.2 edition, June 1996.
22. R. Grimes. AT386 Protected Mode Bootstrap Loader. /sys/i386/boot/biosboot/README.MACH, October 1993. 2.1.5 FreeBSD.
23. M. Gutschke and K. Yap. Etherboot 3.2. http://www.syd.dit.csiro.au/staff/ken/personal/etherboot/, July 1997.
24. L. Heberlein and M. Bishop. Attack Class: Address Spoofing. In Proceedings of the 19th National Information Systems Security Conference, pages 371–377, October 1996.
25. S. Kent and R. Atkinson. Work in Progress, October 1997.
26. H. Krawczyk, M. Bellare, and R. Canetti. HMAC:Keyed–Hashing for Message Authentication. Internet RFC 2104, February 1997.
27. J. Lacy, D. Mitchell, and M. Blaze. Cryptolib 2.0beta. Email to cryptolib@research.att.com, 1995.
28. T. Lemon. Dynamic Host Configuration Server. ftp://ftp.fugue.com/pub/, 1997.
29. H. Levy. Capability Based Computer Systems. Digital Press, 1984.
30. P. T. Ltd. System BIOS for IBM PCs, Compatibles, and EISA Computers. Addison Wesley, 2nd edition, 1991.
31. C. Madson and R. Glenn. The Use of HMAC-SHA1-1-96 within ESP and AH. Work in Progress, November 1997.
32. G. Malkin and A. Harkin. TFTP Option Extension. Internet RFC 1782, March 1995.
33. D. Maughan, M. Schertler, M. Schneider, and J. Turner. Internet Security Association and Key Management Protocol (ISAKMP). Internet–draft, IPSEC Working Group, June 1996.
34. Microsoft. Authenticode Techonology. Microsoft’s Developer Network Library, October 1996.
35. N. I. of Standards. Digital Signature Standard. Technical Report FIPS-186, U.S. Department of Commerce, May 1994.
36. N. I. of Standards. Secure Hash Standard. Technical Report FIPS-180-1, U.S. Department of Commerce, April 1995. Also known as: 59 Fed Reg 35317 (1994).
37. B. V. Patel. Securing DHCP. Work in Progress, July 1997.
38. M. M. Pozzo and T. E. Gray. A Model for the Containment of Computer Viruses. In 1989 IEEE Symposium on Security and Privacy, pages 312–318. IEEE, 1989.
39. J. Reynolds and J. Postel. Assigned Numbers. Internet RFC 1700, October 1994.
40. K. R. Sollins. The TFTP Protocol (revision 2). Internet RFC 1350, July 1992.