Eimear Gallery and Kenneth G. Paterson (2008) Challenges for Trusted Computing.
Full text access: Open
This article identifies and discusses some of the key challenges that need to be addressed if the vision of Trusted Computing is to become reality. Topics addressed include issues with setting up and maintaining the PKI required to support the full set of Trusted Computing functionality, the practical use and verification of attestation evidence, and backwards compatibility, usability and compliance issues.
This is a Published version This version's date is: 26/02/2008 This item is peer reviewed
https://repository.royalholloway.ac.uk/items/badf699b-b73d-fe78-6583-0b5d4757c346/1/
Deposited by () on 28-Jun-2010 in Royal Holloway Research Online.Last modified on 15-Dec-2010
[1] Internet Key Exchange (IKEv2) Protocol. RFC 4306, 2005.
[2] R. Anderson. Cryptography and Competition Policy: Issues with‘Trusted Computing’. In Proceedings of the 22nd Annual Symposium onPrinciples of Distributed Computing (PODC 2003), pages 3–10, Boston,Massachusetts, USA, 2003. ACM Press, New York, USA.
[3] R. Anderson. ‘Trusted Computing’ Frequently Asked Questions - Version1.1. http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html, August2003.
[4] B. Arbaugh. Improving the TCPA Specification. IEEE Computer,35(8):77–79, August 2002.
[5] B. Balacheff, L. Chen, S. Pearson, D. Plaquin, and G. Proudler. TrustedComputing Platforms: TCPA Technology in Context. Prentice Hall,Upper Saddle River, New Jersey, USA, 2003.
[6] B. Balacheff, L. Chen, S. Pearson, G. Proudler, and D. Chan. ComputingPlatform Security in Cyberspace. Information Security TechnicalReport, 5(1):54–63, 2000.
[7] S. Balfe, E. Gallery, C. J. Mitchell, and K. G. Paterson. Crimewareand Trusted Computing. In M. Jakobsson and Z. Ramzan, editors,Crimeware. Addison-Wesley, 2008.
[8] S. Balfe, A. D. Lakhani, and K. G. Paterson. Securing Peer-to-PeerNetworks using Trusted Computing. In C. J. Mitchell, editor, TrustedComputing, chapter 10, pages 271–298. The Institute of Electrical Engineers(IEE), London, UK, 2005.
[9] S. Balfe and K. G. Paterson. Augmenting Internet-based Card NotPresent Transactions with Trusted Computing: An Analysis. TechnicalReport RHUL-MA-2006-9, Department of Mathematics, Royal Holloway,University of London, London, UK, 2005. http://www.rhul.ac.uk/mathematics/techreports.
[10] S. Balfe and K. G. Paterson. e-EMV: Emulating EMV for Internet Paymentsusing Trusted Computing Technology. Technical Report RHULMA-2006-10, Department of Mathematics, Royal Holloway, Universityof London, London, UK, 2006. http://www.rhul.ac.uk/mathematics/techreports.
[11] P. Barham, B. Dragovic, K. Fraser, S. Hand, T. Harris, A. Ho, R. Neugebauery,I. Pratt, and A. Warfield. XEN and the Art of Virtualization.In Proceedings of the 19th ACM Symposium on Operating Systems Principles(SOSP 2003), pages 164–177, Bolton Landing, New York, USA,19–22 October 2003. ACM Press, New York, USA.
[12] B. Beckles, V. Welch, and J. Basney. Mechanisms for Increasing the Usabilityof Grid Security. International Journal of Man-Machine Studies,63(1-2):74–101, 2005.
[13] E. Brickell, J. Camenisch, and L. Chen. Direct Anonymous Attestation.In Proceedings of the 11th ACM Conference on Computer and CommunicationsSecurity (CCS 2004), pages 132–145, Washington DC, USA,2004. ACM Press, New York, USA.
[14] L. Chen, S. Pearson, and A. Vamvakas. On Enhancing Biometric Authenticationwith Data Protection. In R. J. Howlett and L. C. Jain,editors, Proceedings of the 4th International Conference on Knowledge-Based Intelligent Engineering Systems and Allied Technologies, volume1, pages 249–252, Brighton, Sussex, UK, 30th August – 1st September2000. IEEE.
[15] S. Crane. Privacy Preserving Trust Agents. Technical Report HPL-2004-197, HP Labs, Bristol, UK, 11 November 2004.
[16] T. Dierks and C. Allen. The TLS Protocol. RFC 2246, 1999.
[17] J. McCun eand A. Perrig, A. Seshadri, and Leendert van Doorn. TurtlesAll The Way Down: Research Challenges in User-Based Attestation.In Proceedings of 2nd USENIX Workshop on Hot Topics in Security(HotSec 2007), August 2007.
[18] E. Gallery and C. J. Mitchell. Trusted Mobile Platforms. In A. Aldiniand R. Gorrieri, editors, Foundations of Security Analysis and DesignIV (FOSAD 2007), volume 4677 of Lecture Notes in Computer Science,pages 282–323. Springer-Verlag, Berlin, Germany, September 2007.
[19] E. Gallery and A. Tomlinson. Secure Delivery of Conditional Access Applicationsto Mobile Receivers. In C. J. Mitchell, editor, Trusted Computing,IEE Professional Applications of Computing Series 6, chapter 7,pages 195–238. The Institute of Electrical Engineers (IEE), London, UK,2005.
[20] T. Garfinkel, M. Rosenblum, and D. Boneh. Flexible OS Support andApplications for Trusted Computing. In Proceedings of the 9th USENIXWorkshop on Hot Topics on Operating Systems (HotOS-IX), pages 145–150, Kauai, Hawaii, USA, 18–21 May 2003. USENIX, The AdvancedComputing Systems Association, Berkeley, California, USA.
[21] P. Gutmann. PKI: It’s Not Dead, Just Resting. Computer, 35(8):41–49,2002.
[22] Intel. LaGrande Technology Architectural Overview. Technical Report252491-001, Intel Corporation, September 2003.
[23] M. Kinateder and S. Pearson. A Privacy-Enhanced Peer-to-Peer ReputationSystem. In K. Bauknecht, A. Min Tjoa, and G. Quirchmayr, editors,Proceedings of the 4th International Conference on E-Commerce andWeb Technologies, volume 2738 of Lecture Notes in Computer Science,pages 206–216, Prague, Czech Republic, 2–5 September 2003. Springer-Verlag, Berlin-Heidelberg.
[24] D. Kuhlmann, R. Landfermann, H. Ramasamy, M. Schunter, G. Ramunno,and D. Vernizzi. An Open Trusted Computing Architecture— Secure Virtual Machines Enabling User-Defined Policy Enforcement.www.opentc.net, June 2006.
[25] H. L¨ohr, H. V. Ramasamy, A-R. Sadeghi, S. Schulz, M. Schunter,and C. St¨uble. Enhancing Grid Security Using Trusted Virtualization.In Proceedings of the 4th International Conference on Autonomic andTrusted Computing (ATC 2007), volume 4610 of Lecture Notes in ComputerScience (LNCS), pages 372–384, Hong Kong, China, 11–13 July2007. Springer-Verlag, Berlin-Heidelberg.
[26] W. Mao, F. Yan, and C. Chen. Daonity: Grid Security with BehaviourConformity from Trusted Computing. In Proceedings of the 1st ACMworkshop on Scalable Trusted Computing (STC 2006), pages 43–46,Alexandria, Virginia, USA, 3 November 2006.
[27] M. C. Mont, S. Pearson, and P. Bramhall. Towards Accountable Managementof Identity and Privacy: Sticky Policies and Enforceable TracingServices. In Proceedings of the 14th International Workshop onDatabase and Expert Systems Applications (DEXA 2003), pages 377–382, Prague, Czech Republic, 1–5 September 2003. IEEE ComputerSociety.
[28] M. C. Mont, S. Pearson, and P. Bramhall. Towards Accountable Managementof Privacy and Identity Information. In E. Snekkenes andD. Gollmann, editors, Proceedings of the 8th European Symposium onResearch in Computer Security (ESORICS 2003), volume 2808 of LectureNotes in Computer Science, pages 146–161, Gjøvik, Norway, 13-15October 2003. Springer-Verlag, Berlin.
[29] A. Pashalidis and C. J. Mitchell. Single Sign-on using Trusted Platforms.In C. Boyd and W. Mao, editors, Proceedings of the 6th InternationalConference on Information Security (ISC 2003), volume 2851 of LectureNotes in Computer Science, pages 54–68, Bristol, UK, 1–3 October 2003.Springer-Verlag, Berlin-Heidelberg.
[30] S. Pearson. Trusted Agents that Enhance User Privacy by Self-Profiling.Technical Report HPL-2002-196, HP Labs, Bristol, UK, 15 July 2002.
[31] S. Pearson. How Trusted Computers can Enhance for Privacy PreservingMobile Applications. In Proceedings of the 1st International IEEEWoWMoM Workshop on Trust, Security and Privacy for UbiquitousComputing (WOWMOM 2005), pages 609–613, Taormina, Sicily, Italy,13–16 June 2005. IEEE Computer Society, Washington, DC, USA.
[32] M. Peinado, Y. Chen, P. England, and J. Manferdelli. NGSCB: ATrusted Open System. In H. Wang, J. Pieprzyk, and V. Varadharajan,editors, Proceedings of 9th Australasian Conference on InformationSecurity and Privacy (ACISP 2004), volume 3108 of Lecture Notes inComputer Science (LNCS), pages 86–97, Sydney, Austrailia, 13–15 July2004. Springer-Verlag, Berlin-Heidelberg, Germany.
[33] M. Peinado, P. England, and Y. Chen. An Overview of NGSCB. In C. J.Mitchell, editor, Trusted Computing, IEE Professional Applications ofComputing Series 6, chapter 7, pages 115–141. The Institute of ElectricalEngineers (IEE), London, UK, April 2005.
[34] G. Price. PKI—An Insider’s View (Extended Abstract). Technical ReportRHUL-MA-2005-8, Department of Mathematics, Royal Holloway,University of London, Surrey, England, UK, June 2005.
[35] A. Pridgen and C. Julien. A Secure Modular Mobile Agent System. InProceedings of the 2006 International Workshop on Software Engineeringfor Large-Scale Multi-Agent Systems (SELMAS 2006), pages 67–74,Shanghai, China, 22–23 May 2006. ACM Press, New York, USA.
[36] G. J. Proudler. Concepts of Trusted Computing. In C. J. Mitchell,editor, Trusted Computing, IEE Professional Applications of ComputingSeries 6, chapter 2, pages 11–27. The Institute of Electrical Engineers(IEE), London, UK, April 2005.
[37] J. Reid, J. M. Gonzalez Nieto, and E. Dawson. Privacy and TrustedComputing. In Proceedings of the 14th International Workshop onDatabase and Expert Systems Applications (DEXA 2003), pages 383–388, Prague, Czech Republic, 1–5 September 2003. IEEE ComputerSociety.
[38] Electronic Frontier Foundation S. Schoen. Comments on LT Policyon Owner/User Choice and Control 0.8. http://www.eff.org/Infrastructure/trusted_computing/eff_comments_lt_policy.pdf, December 2003.
[39] Electronic Frontier Foundation S. Schoen. Give TCPA an Owner Override.http://www.linuxjournal.com/article/7055, December 2003.
[40] Electronic Frontier Foundation S. Schoen. Comments on TCGDesign, Implementation and Usage Principles 0.95. http://www.eff.org/Infrastructure/trusted_computing/20041004\_eff\_comments\_tcg\_principles.pdf, October 2004.[41] A-R. Sadeghi, M. Selhorst, C. St¨uble, C. Wachsmann, and M. Winandy.TCG inside?: a note on TPM specification compliance. In Proceedingsof the 1st ACM workshop on Scalable trusted computing (STC 2006),pages 47–56, Alexandria, Virginia, USA, 2006. ACM, New York, NY,USA.
[42] A-R. Sadeghi and C. St¨uble. Property-based attestation for computingplatforms: caring about properties, not mechanisms. In C.F.Hempelmann, editor, Proceedings of the 2004 workshop on New securityparadigms (NSPW 2004), pages 67–77, Nova Scotia, Canada, 2004.ACM, New York, NY, USA.
[43] R. Sandhu and X. Zhang. Peer-to-peer access control architecture usingtrusted computing technology. In E. Ferrari and G-J. Ahn, editors,Proceedings of the 10th ACM symposium on Access control models andtechnologies (SACMAT 2005), pages 147–158, 1–3 June 2005.
[44] L. F. G. Sarmenta, M. van Dijk, C. W. O’Donnell, J. Rhodes, andS. Devadas. Virtual monotonic counters and count-limited objects usinga TPM without a trusted OS. In Proceedings of the 1st ACM workshopon Scalable trusted computing (STC 2006), pages 47–56, Alexandria,Virginia, USA, 2006. ACM, New York, NY, USA.
[45] S. E. Schechter, R. A. Greenstadt, and M. D. Smith. Trusted Computing,Peer-to-Peer Distribution, and the Economics of Pirated Entertainment.In Proceedings of the 2nd Annual Workshop on Economics andInformation Security, 2003.
[46] S. Schoen. Trusted Computing: Promise and Risk. Whitepaper, ElectonicFrontier Foundation, October 2003.
[47] SETCo. SET Secure Electronic Transaction 1.0 specification— the formal protocol definition. http://www.setco.org/set_specifications.html, May 1997.
[48] R. O. Sinnott. Development of Usable Grid Services for the BiomedicalCommunity. In Useability in e-Science Workshop: An InternationalWorkshop on Interrogating Usability Issues in New scientific Practice,within the Lab and within Society (NeSC 2006), Edinburgh, Scotland,UK, 26–27 January 2006.
[49] A. Spalka, A. B. Cremers, and H. Langweg. Protecting the Creationof Digital Signatures with Trusted Computing Platform Technologyagainst Attacks by Trojan Horse Programs. In M. Dupuy and P. Paradinas,editors, Proceedings of the 16th Annual Working Conference onInformation Security (IFIP/Sec’01) of Trusted Information: The NewDecade Challenge, volume 193 of IFIP Conference Proceedings, pages403–419, Paris, France, 11–13 June 2001. Kluwer Academic Publishers,Boston, Massachusetts, USA.
[50] E. Sparks. A Security Assessment of Trusted Platform Modules. TechnicalReport TR-2007-597, Department of Computer Science, Dartmouth,Hanover, New Hampsire, USA, June 2007.
[51] R. Stallman. Free Software, Free Society: Selected Essays of Richard M.Stallman, chapter 17 – Can You Trust Your Computer?, pages 115–119.GNU Press, Boston, Massachusetts, USA, 2002.
[52] TCG. Interoperability Specification for Backup and Migration Services.TCG specification version 1.0 revision 1.0, The Trusted ComputingGroup (TCG), Portland, Oregon, USA, June 2005.
[53] TCG. Subject Key Attestation Evidence Extension. TCG specificationversion 1.0 revision 7, The Trusted Computing Group (TCG), Portland,Oregon, USA, June 2005.
[54] TCG. TCG Infrastructure Working Group Reference Architecture forInteroperability (Part I). TCG specification version 1.0 revision 1, TheTrusted Computing Group (TCG), Portland, Oregon, USA, June 2005.
[55] TCG. TCG PC Client Specific Implementation Specification For ConventionalBIOS. TCG specification version 1.20 final, The Trusted ComputingGroup (TCG), Portland, Oregon, USA, June 2005.
[56] TCG. TPM Main, Part 1: Design Principles. TCG Specification Version1.2 Revision 94, The Trusted Computing Group (TCG), Portland,Oregon, USA, March 2006.
[57] TCG. TPM Main, Part 2: TPM Data Structures. TCG SpecificationVersion 1.2 Revision 94, The Trusted Computing Group (TCG), Portland,Oregon, USA, March 2006.
[58] TCG. TPM Main, Part 3: Commands. TCG Specification Version 1.2Revision 94, The Trusted Computing Group (TCG), Portland, Oregon,USA, March 2006.
[59] TCG. TCG Specification Architecture Overview. TCG specificationrevision 1.4, The Trusted Computing Group (TCG), Portland, Oregon,USA, August 2007.
[60] F. von Lohmann. Meditations on trusted computing. Electronic FrontierFoundation Article, 2003.
[61] A. Whitten and J. D. Tygar. Why Johnny Can’t Encrypt: A UsabilityEvaluation of PGP 5.0. In Proceedings of the 8th Conference on USENIXSecurity Symposium (SSYM 1999), pages 14–14, Washington, District ofColumbia, USA, 1999. USENIX Association, Berkeley, California, USA.
[62] Z. Yan and Z. Cofta. A Method for Trust Sustainability Among TrustedComputing Platforms. In S. Katsikas, J. Lopez, and G. Pernul, editors,Proceedings of the 1st International Conference on Trust and Privacyin Digital Business (TrustBus 2004), volume 3184 of Lecture Notes inComputer Science (LNCS), pages 11–19, Zaragoza, Spain, 30 August–1September 2004. Springer-Verlag, Berlin-Heidelberg, Germany.
[63] M. Yung. Trusted Computing Platforms: The Good, the Bad, andthe Ugly. In R. N. Wright, editor, Proceedings of the 7th InternationalConference of Financial Cryptography (FC 2003), volume 2742 of LectureNotes in Computer Science (LNCS), pages 250–254, Guadeloupe,Frence West Indies, 27–30 January 2003.