Privacy and Trusted Computing
نویسندگان
چکیده
This paper examines a model of trusted computing wherein a computing platform is able to make assertions about its current software configuration that may be trusted by the user and remote third parties. The privacy implications of this approach are investigated in the context of the Trusted Computing Platform Alliance (TCPA) specification. The trust relationships of the TCPA architecture are examined in detail. An analysis of the revocation requirements inherent in the TCPA design is presented, which highlights the challenges that revocation presents in the context of a large scale deployment of TCPA platforms. Finally, a modification to the specification is suggested that reduces the level of trust that need to be placed on the Privacy CA.
منابع مشابه
Better Privacy for Trusted Computing Platforms
The trusted computing group (TCG) specified two protocols that allow a trusted hardware device to remotely convince a communication partner that it is indeed a trusted hardware device. In turn, This enables two communication partners to establish that the other end is a secure computing platform and hence it is safe exchange data. Both these remote identification protocols provide some degree o...
متن کاملTrusted Privacy Domains - Challenges for Trusted Computing in Privacy-Protecting Information Sharing
With the growing use of the Internet, users need to reveal an increasing amount of private information when accessing online services, and, with growing integration, this information is shared among services. Although progress was achieved in acknowledging the need to design privacy-friendly systems and protocols, there are still no satisfactory technical privacy-protecting solutions that relia...
متن کاملTrusted Ticket Systems and Applications
Trusted Computing is a security base technology that will perhaps be ubiquitous in a few years in personal computers and mobile devices alike. Despite its neutrality with respect to applications, it has raised some privacy concerns. We show that trusted computing can be applied for service access control in a manner protecting users’ privacy. We construct a ticket system, a concept at the heart...
متن کاملDirect Anonymous Attestation (DAA): Ensuring Privacy with Corrupt Administrators
The Direct Anonymous Attestation (DAA) scheme provides a means for remotely authenticating a trusted platform whilst preserving the user’s privacy. The protocol has been adopted by the Trusted Computing Group (TCG) in the latest version of its Trusted Platform Module (TPM) specification. In this paper we show DAA places an unnecessarily large burden on the TPM host. We demonstrate how corrupt a...
متن کاملPrivacy-Preserving Computation with Trusted Computing via Scramble-then-Compute
We consider privacy-preserving computation of big data using trusted computing primitives with limited private memory. Simply ensuring that the data remains encrypted outside the trusted computing environment is insufficient to preserve data privacy, because data movement observed during computation could leak information. Designing algorithms that thwart such leakage is challenging. Many known...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2003