Your search keyword '"Trusted service manager"' showing total 174 results

1. PSAP: Pseudonym-Based Secure Authentication Protocol for NFC Applications

Author

Peilin Hong, Jie Xu, Kaiping Xue, and Qingyou Yang

Subjects

Trusted service manager, Authentication, business.industry, Computer science, 020206 networking & telecommunications, Public key infrastructure, 02 engineering and technology, Mutual authentication, Communications security, Computer security, computer.software_genre, Public-key cryptography, 0202 electrical engineering, electronic engineering, information engineering, Media Technology, 020201 artificial intelligence & image processing, Session (computer science), Electrical and Electronic Engineering, business, computer, AKA

Abstract

Nowadays, near field communication (NFC) has been widely used in electronic payment, ticketing, and many other areas. NFC security standard requires the use of public key infrastructure (PKI) to implement mutual authentication and session keys negotiation in order to ensure communication security. In traditional PKI-based schemes, every user uses a fixed public/private key pair to implement authentication and key agreement. An attacker can create a profile based on user’s public key to track and compromise the user’s privacy. Recently, He et al. and Odelu et al. successively proposed pseudonym-based authentication key and agreement protocols for NFC after Eun et al. ’s protocol (2013), which is first claimed to provide conditional privacy for NFC. They respectively claimed that their scheme can satisfy the security requirements. In this paper, first, we prove that their protocols still have security flaws, including the confusion of the user’s identity and the random identity. Then, we propose a pseudonym-based secure authentication protocol (PSAP) for NFC applications, which is effective in lifetime and includes time synchronization-based method and nonce-based method. In our scheme, trusted service manager issues pseudonyms but does not need to maintain verification tables and it could reveal the user’s identity of internal attackers. Furthermore, security and performance analysis proves that PSAP can provide traceability and more secure features with a little more cost.

Published

2018

2. Survey on key technology development and application in trusted computing

Author

Bo Zhao, Liqiang Zhang, Juan Wang, Yuan Shi, Huanguo Zhang, Guojun Peng, Fajiang Yu, and Fei Yan

Subjects

Trusted service manager, Computer Networks and Communications, Computer science, business.industry, 05 social sciences, 020207 software engineering, Cloud computing, 02 engineering and technology, Trusted Computing, 050905 science studies, Trusted Network Connect, Computer security, computer.software_genre, 0202 electrical engineering, electronic engineering, information engineering, Direct Anonymous Attestation, Key (cryptography), Trusted Platform Module, 0509 other social sciences, Electrical and Electronic Engineering, business, computer, Hengzhi chip

Abstract

Trusted computing, which can effectively increase the credibility of information system, has made great achievements and is in continuous development. For country who is going to strengthen network construction like China, it is an important fundamental supporting technology worth researching. China is in the international forefront in the field of trusted computing. This paper gives comprehensive introductions to the new development and application of key technologies in trusted computing, such as various trusted platform modules (TPM, TCM, TPCM), TCG Software Stack (TSS), trusted cloud server and Trusted Execution Environment (TEE). We illustrate the progressing and application extension of these technologies and also point out some key problems worth studying in the future.

Published

2016

3. An Unlinkable Anonymous Payment Scheme based on near field communication

Author

Jia-Ning Luo, Szu-Yin Huang, and Ming Hour Yang

Subjects

Trusted service manager, General Computer Science, Computer science, business.industry, media_common.quotation_subject, Data_MISCELLANEOUS, Mobile commerce, 020206 networking & telecommunications, 02 engineering and technology, Payment, Computer security, computer.software_genre, Near field communication, Credit card, Control and Systems Engineering, 0202 electrical engineering, electronic engineering, information engineering, Mobile payment, ComputingMilieux_COMPUTERSANDSOCIETY, 020201 artificial intelligence & image processing, Electrical and Electronic Engineering, business, computer, Mobile device, media_common, Anonymity

Abstract

Display Omitted We propose an anonymous mobile payment protocol to protect users' privacy.Using anonymizing schemes to improve anonymity and unlinkability in a mobile transaction.Users can use mobile phones with NFC to perform commercial transactions. A number of mobile payment studies have been proposed in recently years. Most of the schemes are largely focused on transaction security, not on users' privacy. In this paper, we propose an Unlinkable Anonymous Payment Scheme to provide a secure and anonymous mobile commerce environment. In the proposed protocol, a user applies an anonymous virtual credit card from a trusted service manager. The sensitive information of the applied credit card is stored in the secure elements of user's mobile device. Our proposed protocol ensures various imperative security properties such as anonymity, unlinkability, and non-repudiation etc.

Published

2016

4. Untraceable and Anonymous Mobile Payment Scheme Based on Near Field Communication

Author

Raylin Tso

Subjects

Physics and Astronomy (miscellaneous), Computer science, General Mathematics, NFC, 02 engineering and technology, security, Computer security, computer.software_genre, Encryption, mobile payment, Public-key cryptography, 0202 electrical engineering, electronic engineering, information engineering, Computer Science (miscellaneous), Mobile payment, Trusted service manager, Password, Authentication, anonymity, business.industry, lcsh:Mathematics, 020206 networking & telecommunications, lcsh:QA1-939, Chemistry (miscellaneous), EMV-compatible, 020201 artificial intelligence & image processing, business, Database transaction, computer, Anonymity

Abstract

With the developments of mobile communications, M-commerce has become increasingly popular in recent years. However, most M-commerce schemes ignore user anonymity during online transactions. As a result, user transactions may easily be traced by shops, banks or by Internet Service Providers (ISPs). To deal with this problem, we introduce a new anonymous mobile payment scheme in this paper. Our new scheme has the following features: (1) Password-based authentication: authentication of users is done by low-entropy password, (2) Convenience: the new scheme is designed based on near field communication (NFC)-enabled devices and is compatible with EuroPay, MasterCard and Visa (EMV-compatible), (3) Efficiency: users do not need to have their own public/private key pairs and confidentiality is achieved via symmetric-key cryptography, (4) Anonymity: users use virtual accounts in the online shopping processes, thereby preventing attackers from obtaining user information even if the transaction is eavesdropped, (5) Untraceablity: no one (even the bank, Trusted Service Manager (TSM), or the shop) can trace a transaction and link the real identity with the buyer of a transaction, (6) Confidentiality and authenticity: all the transaction is either encrypted or signed by the sender so our new scheme can provide confidentiality and authenticity. We also present the performance and the security comparison of our scheme with other schemes. The results show that our scheme is applicable and has the most remarkable features among the existing schemes.

Published

2018

5. A Trust Rating Model Using Fuzzy Logic in Cloud

Author

Vidhika Vasani and Vipul Chudasama

Subjects

Trusted service manager, business.industry, Computer science, End user, Data_MISCELLANEOUS, Cloud computing, Cloud service provider, Cloud user, business, Computer security, computer.software_genre, Fuzzy logic, computer

Abstract

Cloud computing provides services from the available pool of resources. Even with the available condition, cloud computing can reach the peak of success amongst cloud user. The issue they face is the barrier of trust between the end users for using the given services. Conventional security and protection controls keeps on being executed on cloud; however, because of its liquid and dynamic nature, a testable trust estimate of the cloud is required. This research paper exhibits an analysis of the present trust administration strategies for cloud operations. In this research paper, we proposed a model for trust administration using Fuzzy Logic, which can be beneficial for cloud service providers to select trusted datacenter for consumers.

Published

2018

6. Trusted mobile computing: An overview of existing solutions

Author

Mohamed Amine Bouazzouni, Emmanuel Conchon, Fabrice Peyrard, Réseaux, Mobiles, Embarqués, Sans fil, Satellites (IRIT-RMESS), Institut de recherche en informatique de Toulouse (IRIT), Université Toulouse 1 Capitole (UT1), Université Fédérale Toulouse Midi-Pyrénées-Université Fédérale Toulouse Midi-Pyrénées-Université Toulouse - Jean Jaurès (UT2J)-Université Toulouse III - Paul Sabatier (UT3), Université Fédérale Toulouse Midi-Pyrénées-Centre National de la Recherche Scientifique (CNRS)-Institut National Polytechnique (Toulouse) (Toulouse INP), Université Fédérale Toulouse Midi-Pyrénées-Université Toulouse 1 Capitole (UT1), Université Fédérale Toulouse Midi-Pyrénées, XLIM (XLIM), Université de Limoges (UNILIM)-Centre National de la Recherche Scientifique (CNRS), Université Toulouse - Jean Jaurès (UT2J), Université Toulouse 1 Capitole (UT1)-Université Toulouse - Jean Jaurès (UT2J)-Université Toulouse III - Paul Sabatier (UT3), Université Fédérale Toulouse Midi-Pyrénées-Université Fédérale Toulouse Midi-Pyrénées-Centre National de la Recherche Scientifique (CNRS)-Institut National Polytechnique (Toulouse) (Toulouse INP), Université Fédérale Toulouse Midi-Pyrénées-Université Toulouse 1 Capitole (UT1)-Université Toulouse - Jean Jaurès (UT2J)-Université Toulouse III - Paul Sabatier (UT3), Mathématiques & Sécurité de l'information (XLIM-MATHIS), Université de Limoges (UNILIM)-Centre National de la Recherche Scientifique (CNRS)-Université de Limoges (UNILIM)-Centre National de la Recherche Scientifique (CNRS), Centre National de la Recherche Scientifique - CNRS (FRANCE), Institut National Polytechnique de Toulouse - INPT (FRANCE), Université de Limoges - UNILIM (FRANCE), Université Toulouse III - Paul Sabatier - UT3 (FRANCE), Université Toulouse - Jean Jaurès - UT2J (FRANCE), Université Toulouse 1 Capitole - UT1 (FRANCE), Université de Poitiers (FRANCE), and Institut National Polytechnique de Toulouse - Toulouse INP (FRANCE)

Subjects

[INFO.INFO-AR]Computer Science [cs]/Hardware Architecture [cs.AR], Computer Networks and Communications, Computer science, Overview, Système d'exploitation, Mobile computing, Réseaux et télécommunications, 02 engineering and technology, User Centric Model, computer.software_genre, Encryption, Computer security, law.invention, Secure cryptoprocessor, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], [INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI], Architectures Matérielles, law, Virtualization, 0202 electrical engineering, electronic engineering, information engineering, Direct Anonymous Attestation, Secure Element (SE), Trusted service manager, Trusted Execution Environment (TEE), business.industry, Mobile Trusted Computing, 020206 networking & telecommunications, Trusted Computing, Trusted Network Connect, Systèmes embarqués, Hardware and Architecture, Security, 020201 artificial intelligence & image processing, Trusted client, [INFO.INFO-ES]Computer Science [cs]/Embedded Systems, Trusted Platform Module, Trusted Platform Module (TPM), [INFO.INFO-OS]Computer Science [cs]/Operating Systems [cs.OS], business, computer, Software, Hengzhi chip

Abstract

International audience; Nowadays, smartphones are able to process large amounts of data enabling the use of applications for personal or professional use. In these contexts, the smartphone needs to process, store and transfer sensitive data in a secure way. Encryption is a commonly used solution to enforce security but the encryption keys it relies on have also to be securely processed and stored. Several research works have investigated these issues and different solutions have been proposed. They can be classified into two main categories: hardware-based solutions (Secure Elements, Trusted Platform Module and Trusted Execution Environments) and software-based solutions (Virtualization Environments). This paper overviews/surveys these two categories highlighting their pros and cons. Examples of trusted computing applications are then provided for each category. Finally, a discussion is provided about trends and perspectives for trusted mobile computing.

Published

2018

7. Secure and Trusted Open CPS Platforms

Author

George Kornaros, Christian Prehofer, Oliver Horst, Alvise Rigo, Nora Koch, Marcello Coppola, and Ernest Wozniak

Subjects

Trusted service manager, Computer science, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, Direct Anonymous Attestation, 020206 networking & telecommunications, 02 engineering and technology, Trusted Platform Module, Trusted Network Connect, Computer security, computer.software_genre, computer

Abstract

Cyber-physical systems (CPS) are devices with sensors and actuators which link the physical with the virtual world. There is a strong trend towards open systems, which can be extended during operation by instantly adding functionalities on demand. We discuss this trend in the context of automotive, medical and industrial automation systems. The goal of this chapter is to elaborate the research challenges of ensuring security in these new platforms for such open systems. A main problem is that such CPS apps shall be able to access and modify safety critical device internals. Cyber-physical attacks can affect the integrity, availability and confidentiality in CPS. Examples range from deception based attacks such as false-data-injection, sensor and actuator attacks, replay attacks, and also denial-of-service attacks. Hence, new methods are required to develop an end-to-end solution for development and deployment of trusted apps. This chapter presents the architecture approach and its key components, and methods for open CPS apps, including tool chain and development support.

Published

2018

8. A Development of Trusted Mobile Smart Message Wallet Service Broker (TmSMWSB) Architecture

Author

Kyu Beum Lee and Jong Ok Lee

Subjects

Trusted service manager, Pharming, Computer science, business.industry, Internet privacy, Computer security, computer.software_genre, Phishing, Information and Communications Technology, Broker Pattern, Mobile payment, Message broker, business, computer, Information exchange

Abstract

The rapid advances made in the information and communication technologies have kindled and fueled a fast-paced and widespread shift of information exchange and communication channels between businesses and customers from conventional post and telephone services to mobile-based online services and smartphones. Along with the growing number of smartphone users, an increasing number of people fall victim to new types of financial crimes committed with fraudulent electronic means, such as smishing, pharming, phishing, app/web forgery and fraud, pretending to be a corporate. In this paper, we propose a reliable broker service process providing a communication channel between companies and customers based on the Mobile Wallet (app) on smartphones. The salient features of its process design and implementation are prescreening out fraudulent information and providing customers Smart Wallet-based safe information and services.

Published

2015

9. A novel consumer-centric card management architecture and potential security issues

Author

Konstantinos Markantonakis, Raja Naeem Akram, Damien Sauveron, Smart card Centre [Egham], Royal Holloway [University of London] (RHUL), DMI (XLIM-DMI), XLIM (XLIM), and Université de Limoges (UNILIM)-Centre National de la Recherche Scientifique (CNRS)-Université de Limoges (UNILIM)-Centre National de la Recherche Scientifique (CNRS)

Subjects

Information Systems and Management, Computer science, smart card, 02 engineering and technology, Computer security, computer.software_genre, Theoretical Computer Science, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], Artificial Intelligence, MULTOS, 0202 electrical engineering, electronic engineering, information engineering, Multos, Contactless smart card, Card management architecture, User centric smart cards, Trusted service manager, OpenPGP card, business.industry, GlobalPlatform, 020207 software engineering, BasicCard, Smart card application protocol data unit, Computer Science Applications, Java Card, Control and Systems Engineering, 020201 artificial intelligence & image processing, Open Smart Card Development Platform, Smart card, business, computer, Software

Abstract

International audience; Multi-application smart card technology has gained momentum due to the Near Field Communication (NFC) and smart phone revolution. Enabling multiple applications from different application providers on a single smart card is not a new concept. Multi-application smart cards have been around since the late 1990s; however, uptake was severely limited. NFC has recently reinvigorated the multi-application initiative and this time around a number of innovative deployment models are proposed. Such models include Trusted Service Manager (TSM), User Centric Smart Card Ownership Model (UCOM) and GlobalPlatform Consumer-Centric Model (GP-CCM). In this paper, we discuss two of the most widely accepted and deployed smart card management architectures in the smart card industry: GlobalPlatform and Multos. We explain how these architectures do not fully comply with the UCOM and GP-CCM. We then describe our novel flexible consumer-centric card management architecture designed specifically for the UCOM and GP-CCM frameworks, along with ways of integrating the TSM model into the proposed card management architecture. Finally, we discuss four new security issues inherent to any architecture in this context along with the countermeasures for our proposed architecture.

Published

2015

10. DroidPosture: A trusted posture assessment service for mobile devices

Author

Seif Haridi, Sileshi Demesie Yalew, Miguel Correia, and Gerald Q. Maguire Jr.

Subjects

Trusted service manager, 021110 strategic, defence & security studies, Software_OPERATINGSYSTEMS, Computer science, business.industry, 0211 other engineering and technologies, Rootkit, 020206 networking & telecommunications, 02 engineering and technology, computer.software_genre, Computer security, ARM architecture, Software, 0202 electrical engineering, electronic engineering, information engineering, Malware, Android (operating system), business, computer, Mobile device, Hacker

Abstract

Mobile devices such as smartphones are becoming the majority among computing devices. Currently, millions of persons use such devices to store and process personal data. Unfortunately, smartphones running Android are increasingly being targeted by hackers and infected with malware. Anti-malware software is being used to address this situation, but it may be subverted by the same malware it aims to detect. We present DroidPosture, a posture assessment service for Android devices. This service aims to securely evaluate the level of trust we can have on a device (assess its posture) even if the mobile OS is compromised. For that to be possible, DroidPosture is protected using TrustZone, a security extension for ARM processors. DroidPosture is configurable with a set of application and kernel analysis mechanisms that enable detecting malicious applications and rootkits. We implemented a DroidPosture prototype using a hardware board with an ARM processor with TrustZone, and evaluated its performance and security.

Published

2017

11. Establishing Mutually Trusted Channels for Remote Sensing Devices with Trusted Execution Environments

Author

Raja Naeem Akram, Carlton Shepherd, and Konstantinos Markantonakis

Subjects

Trusted service manager, Computer science, Interoperability, 020206 networking & telecommunications, 020207 software engineering, 02 engineering and technology, Trusted Computing, Computer security, computer.software_genre, Trusted Network Connect, 0202 electrical engineering, electronic engineering, information engineering, Direct Anonymous Attestation, Trusted Platform Module, Resilience (network), computer, Protocol (object-oriented programming)

Abstract

Remote and largely unattended sensing devices are being deployed rapidly in sensitive environments, such as healthcare, in the home, and on corporate premises. A major challenge, however, is trusting data from such devices to inform critical decision-making using standardised trust mechanisms. Previous attempts have focused heavily on Trusted Platform Modules (TPMs) as a root of trust, but these forgo desirable features of recent developments, namely Trusted Execution Environments (TEEs), such as Intel SGX and the GlobalPlatform TEE. In this paper, we contrast the application of TEEs in trusted sensing devices with TPMs, and raise the challenge of secure TEE-to-TEE communication between remote devices with mutual trust assurances. To this end, we present a novel secure and trusted channel protocol that performs mutual remote attestation in a single run for small-scale devices with TEEs. This is evaluated on two ARM development boards hosting GlobalPlatform-compliant TEEs, yielding approximately four-times overhead versus untrusted world TLS and SSH. Our work provides strong resilience to integrity and confidentiality attacks from untrusted world adversaries, facilitates TEE interoperability, and is subjected to mechanical formal analysis using Scyther.

Published

2017

12. Secure Tera-Scale Data Crunching With A Small Tcb

Author

Bruno Vavala, Nuno Neves, and Peter Steenkiste

Subjects

Trusted service manager, Computer science, Data_MISCELLANEOUS, 020206 networking & telecommunications, Hypervisor, 02 engineering and technology, Trusted Computing, computer.software_genre, Trusted Network Connect, Computer security, Trusted computing base, 020204 information systems, Virtual memory, 0202 electrical engineering, electronic engineering, information engineering, Operating system, Direct Anonymous Attestation, Trusted Platform Module, computer

Abstract

Outsourcing services to third-party providers comes with a high security cost—to fully trust the providers. Using trusted hardware can help, but current trusted execution environments do not adequately support services that process very large scale datasets. We present LASTGT, a system that bridges this gap by supporting the execution of self-contained services over a large state, with a small and generic trusted computing base (TCB). LASTGT uses widely deployed trusted hardware to guarantee integrity and verifiability of the execution on a remote platform, and it securely supplies data to the service through simple techniques based on virtual memory. As a result, LASTGT is general and applicable to many scenarios such as computational genomics and databases, as we show in our experimental evaluation based on an implementation of LASTGT on a secure hypervisor. We also describe a possible implementation on Intel SGX.

Published

2017

13. Enhancing Trusted Cloud Computing Platform for Infrastructure as aService

Author

H. Kim

Subjects

lcsh:Computer engineering. Computer hardware, General Computer Science, Computer science, Pooling, Data security, Cloud computing, lcsh:TK7885-7895, 02 engineering and technology, Computer security, computer.software_genre, communication system security, Utility computing, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, Electrical and Electronic Engineering, data security, Trusted service manager, platform virtualization, business.industry, 020206 networking & telecommunications, Trusted Network Connect, Elasticity (cloud computing), Converged infrastructure, authentication, cryptographic protocols, lcsh:Electrical engineering. Electronics. Nuclear engineering, business, computer, lcsh:TK1-9971

Abstract

The characteristics of cloud computing including on-demand self-service, resource pooling, and rapid elasticity have made it grow in popularity. However, security concerns still obstruct widespread adoption of cloud computing in the industry. Especially, security risks related to virtual machine make cloud users worry about exposure of their private data in IaaS environment. In this paper, we propose an enhanced trusted cloud computing platform to provide confidentiality and integrity of the user's data and computation. The presented platform provides secure and efficient virtual machine management protocols not only to protect against eavesdropping and tampering during transfer but also to guarantee the virtual machine is hosted only on the trusted cloud nodes against inside attackers. The protocols utilize both symmetric key operations and public key operations together with efficient node authentication model, hence both the computational cost for cryptographic operations and the communication steps are significantly reduced. As a result, the simulation shows the performance of the proposed platform is approximately doubled compared to the previous platforms. The proposed platform eliminates cloud users' worry above by providing confidentiality and integrity of their private data with better performance, and thus it contributes to wider industry adoption of cloud computing.

Published

2017

14. Trusted Integrated Circuits: The Problem and Challenges

Author

Yici Cai, Yongqiang Lv, Gang Qu, and Qiang Zhou

Subjects

Trusted service manager, Hardware security module, Authentication, Computer science, business.industry, Enterprise information security architecture, Computer security, computer.software_genre, Computer Science Applications, Theoretical Computer Science, Computational Theory and Mathematics, Trusted computing base, Hardware and Architecture, Hardware Trojan, Software security assurance, Direct Anonymous Attestation, Trusted Platform Module, business, computer, Software, Hengzhi chip, Computer network

Abstract

Hardware security has become more and more important in current information security architecture. Recently collected reports have shown that there may have been considerable hardware attacks prepared for possible military usage from all over the world. Due to the intrinsic difference from software security, hardware security has some special features and challenges. In order to guarantee hardware security, academia has proposed the concept of trusted integrated circuits, which aims at a secure circulation of IC design, manufacture and chip using. This paper reviews the main problems of trusted integrated circuits, and concludes four key domains of the trusted IC, namely the trusted IC design, trusted manufacture, trusted IP protection, and trusted chip authentication. The main challenges in those domains are also analyzed based on the current known techniques. Finally, the main limitations of the current techniques and possible future trends are discussed.

Published

2014

15. Mobile Trusted Computing

Author

Jan-Erik Ekberg, Carlos V. Rozas, Kari Kostiainen, Steffen Schulz, Christian Wachsmann, Nadarajah Asokan, Ahmad-Reza Sadeghi, and Anand Rajan

Subjects

Trusted service manager, Computer science, Mobile computing, 020206 networking & telecommunications, 02 engineering and technology, Trusted Computing, Computer security, computer.software_genre, Trusted Network Connect, law.invention, law, 0202 electrical engineering, electronic engineering, information engineering, Direct Anonymous Attestation, 020201 artificial intelligence & image processing, Trusted client, Trusted Platform Module, Electrical and Electronic Engineering, computer, Hengzhi chip

Abstract

Trusted computing technologies for mobile devices have been researched, developed, and deployed over the past decade. Although their use has been limited so far, ongoing standardization may change this by opening up these technologies for easy access by developers and users. In this survey, we describe the current state of trusted computing solutions for mobile devices from research, standardization, and deployment perspectives.

Published

2014

16. The Untapped Potential of Trusted Execution Environments on Mobile Devices

Author

Jan-Erik Ekberg, Kari Kostiainen, and Nadarajah Asokan

Subjects

Trusted service manager, Computer Networks and Communications, Computer science, business.industry, Mobile computing, Usability, Mobile Web, Cryptography, Trusted Network Connect, Computer security, computer.software_genre, Mobile station, Mobile search, Mobile technology, Electrical and Electronic Engineering, business, Law, computer, Mobile device

Abstract

Hardware-based trusted execution environments (TEEs) have been available in mobile devices for more than a decade, but their use has been limited. The On-board Credential system safely opens up TEEs so application developers can use their functionality to improve security and usability.

Published

2014

17. Label's Verification Technology of Gateway Based on Trusted Label

Author

Yu Wang and Yu Duan

Subjects

Trusted service manager, Engineering, business.industry, Data_MISCELLANEOUS, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, General Engineering, Gateway (computer program), Computer security, computer.software_genre, Trusted Network Connect, law.invention, law, Direct Anonymous Attestation, The Internet, Trusted client, Trusted Platform Module, business, computer, Hengzhi chip, Computer network

Abstract

Trusted Network is a new research direction of the Internet. On the basis of trusted LAN, this study puts forward a trusted label of the trusted terminal, which can solve the DDOS attack efficiently and control the abnormal flow easily in the trusted LAN. In addition, it proposes the label’s verification technology, so as to ensure the execution efficiency of some real-time business in the gateway. Above all, the trusted label and the verification technology make the LAN more controllable and safer.

Published

2014

18. Study on Quality of Service Based on Trusted Computing

Author

Dan Ning Li, Xin Qiang Ma, You Yuan Liu, and Yi Huang

Subjects

Trusted service manager, Process management, Computer science, business.industry, Business process, Service design, Quality of service, Service level objective, Services computing, Access control, General Medicine, Mobile QoS, Trusted Computing, Information security, Service provider, Computer security, computer.software_genre, law.invention, Utility computing, law, Information system, Trusted client, Web service, business, computer

Abstract

Trusted computing is a hot topic of information security technology research nowadays. It was developed based on computing and Information Systems. At the same time, business processes for e-commerce and Web service applications, suppliers and customers define a binding agreement or contract between the two parties, specifying quality of service (QoS) items such as products or services to be delivered, deadlines, quality of products, and cost of services. The management of QoS metrics directly impacts the success of organizations participating in e-commerce. In this paper, we discuss the present situation about QoS in the environment of trusted computing. It describes the factors related to each attribute, as well as possible tradeoffs and existing efforts to achieve that quality. The paper also discusses key issues in services level agreements that are used to contract the level of services quality between service providers and users.

Published

2014

19. A trusted measurement scheme suitable for the clients in the trusted network

Author

Bei Gong, Changxiang Shen, Xiaolie Ye, and Jianbiao Zhang

Subjects

Trusted service manager, Computer Networks and Communications, business.industry, Network security, Computer science, Access control, Trusted Computing, Computer security, computer.software_genre, Trusted Network Connect, Direct Anonymous Attestation, Trusted Platform Module, Electrical and Electronic Engineering, Trusted timestamping, business, computer, Computer network

Abstract

The trusted network connection is a hot spot in trusted computing field and the trust measurement and access control technology are used to deal with network security threats in trusted network. But the trusted network connection lacks fine-grained states and real-time measurement support for the client and the authentication mechanism is difficult to apply in the trusted network connection, it is easy to cause the loss of identity privacy. In order to solve the above-described problems, this paper presents a trust measurement scheme suitable for clients in the trusted network, the scheme integrates the following attributes such as authentication mechanism, state measurement, and real-time state measurement and so on, and based on the authentication mechanism and the initial state measurement, the scheme uses the real-time state measurement as the core method to complete the trust measurement for the client. This scheme presented in this paper supports both static and dynamic measurements. Overall, the characteristics of this scheme such as fine granularity, dynamic, real-time state measurement make it possible to make more fine-grained security policy and therefore it overcomes inadequacies existing in the current trusted network connection.

Published

2014

20. Study on the Trusted Operating Technology for Mobile E-Commerce System Secure

Author

Hong Feng Xu and Gui Xian Zhou

Subjects

Trusted service manager, Engineering, business.industry, Mobile Web, General Medicine, E-commerce, computer.software_genre, Trusted Network Connect, Computer security, Direct Anonymous Attestation, Web application, Web service, Chinese wall, business, computer

Abstract

Mobile e-commerce systems are the big trend of international economy and social development now days, and also the key process of industry upgrade, industrialization and modernization in our country. Mobile e-commerce systems are considered as the backbone of the manufacturing industry in China, Vulnerabilities in web applications continue to be the most frequently discovered security problem. This article illustrates a trusted operating systems how to provide a flexible solution to the problem of application for e-commerce. With the help of Chinese Wall, web services are becoming popular in Web applications. In the end, we present strategies for e-commerce application: trusted e-commerce module.

Published

2014

21. Secure solution of trusted Internet of things base on TCM

Author

Qiu-xin Wu and Han Li

Subjects

Trusted service manager, Computer Networks and Communications, business.industry, Computer science, Cryptography, Trusted Computing, Computer security model, Trusted Network Connect, Computer security, computer.software_genre, Secure cryptoprocessor, Signal Processing, Direct Anonymous Attestation, Trusted Platform Module, business, computer, Information Systems, Computer network

Abstract

This paper firstly analyzes the background of the Internet of things (IoT) and describes the trusted computing technologies concept about trusted cryptography modules (TCM), then describes its basic hierarchy and gives a basic security model based on a simple IoT system. And based on this security model, a secure solution of trusted IoT has been built by using the TCM-based technology, and it covers secure boot, secure storage, platform metrics and trusted reports, key functions, and then gives the protocol design with these functions. After analysis results, the solution can provide safeguard of security and trustworthy for their development and application.

Published

2013

22. Study on the Design of Trusted Secure Cloud System Structure

Author

Xue Li Wang

Subjects

Trusted service manager, Structure (mathematical logic), Cloud computing security, Computer science, Cloud systems, Data_MISCELLANEOUS, Real-time computing, Frame (networking), General Medicine, Trusted Computing, Trusted Network Connect, Computer security, computer.software_genre, Direct Anonymous Attestation, computer

Abstract

The ordinary cloud system is confronted with various threats in trust and security perspective, which have influenced the extensive use of cloud system. Aiming at the defects in the trusted secure design of the ordinary cloud system frame, a trusted secure cloud system has been designed.

Published

2013

23. Ensuring a Secure Supply Chain For Trusted Systems and Networks

Author

Paul Popick

Subjects

Trusted service manager, Computer science, Supply chain, Trusted Network Connect, Computer security, computer.software_genre, computer

Published

2013

24. Web Service System Structure based on Trusted Computing Platform

Author

Feng Xu and Hongxu Ma

Subjects

Trusted service manager, Computer science, Trusted Computing, computer.software_genre, Computer security, Trusted Network Connect, Theoretical Computer Science, law.invention, Computational Theory and Mathematics, Trusted computing base, Artificial Intelligence, law, Direct Anonymous Attestation, Trusted client, Trusted Platform Module, Web service, computer, Software

Abstract

By introducing trusted computing techniques into web service security mechanisms, a web service security framework based on trusted computing platform is proposed. It changes the original passive defense mechanism into active one. Combining the integrity of terminal platform and the trustiness of platform's identity, the measuring mechanism can effectively resist the security threats from “malicious terminal” and “risky terminal”. “Trusted Connection Layer” in the framework bridges upper web application and the user. Trusted web access is achieved by adding Access Requester (AR) and Trusted Service Decision Point (TSDP) into the system.

Published

2013

25. Study on Trusted Access Model Based on User Behavior

Author

Xu Chunxiang, Yan Lili, Chang Yan, and Zhang Shi-Bin

Subjects

Trusted service manager, General Computer Science, business.industry, Computer science, Internet privacy, Computer security, computer.software_genre, Trusted Network Connect, law.invention, law, Direct Anonymous Attestation, Trusted client, business, computer

Published

2013

26. ◾ Cloud Security Access Control: Distributed Access Control

Author

Daniel S. Soper

Subjects

Trusted service manager, Negotiation, Cloud computing security, Computer science, media_common.quotation_subject, Direct Anonymous Attestation, Trusted Platform Module, Trusted Network Connect, Computer security, computer.software_genre, computer, media_common

Published

2016

27. Secure and Trusted Execution: Past, Present, and Future - A Critical Review in the Context of the Internet of Things and Cyber-Physical Systems

Author

Ghada Arfaoui, Carlton Shepherd, Iakovos Gurulian, Konstantinos Markantonakis, Emmanuel Conchon, Robert P. Lee, Raja Naeem Akram, Damien Sauveron, Mathématiques & Sécurité de l'information (XLIM-MATHIS), XLIM (XLIM), and Université de Limoges (UNILIM)-Centre National de la Recherche Scientifique (CNRS)-Université de Limoges (UNILIM)-Centre National de la Recherche Scientifique (CNRS)

Subjects

Trusted service manager, Emulation, Computer science, Cyber-physical system, 020206 networking & telecommunications, Context (language use), 02 engineering and technology, Trusted Computing, Virtualization, computer.software_genre, Computer security, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], [INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI], 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Trusted Platform Module, Java Card, computer, ComputingMilieux_MISCELLANEOUS

Abstract

Notions like security, trust, and privacy are crucial in the digital environment and in the future, with the advent of technologies like the Internet of Things (IoT) and Cyber-Physical Systems (CPS), their importance is only going to increase. Trust has different definitions, some situations rely on real-world relationships between entities while others depend on robust technologies to gain trust after deployment. In this paper we focus on these robust technologies, their evolution in past decades and their scope in the near future. The evolution of robust trust technologies has involved diverse approaches, as a consequence trust is defined, understood and ascertained differently across heterogeneous domains and technologies. In this paper we look at digital trust technologies from the point of view of security and examine how they are making secure computing an attainable reality. The paper also revisits and analyses the Trusted Platform Module (TPM), Secure Elements (SE), Hypervisors and Virtualisation, Intel TXT, Trusted Execution Environments (TEE) like GlobalPlatform TEE, Intel SGX, along with Host Card Emulation, and Encrypted Execution Environment (E3). In our analysis we focus on these technologies and their application to the emerging domains of the IoT and CPS.

Published

2016

28. Using Trusted Platform Module (TPM) to Secure Business

Author

Halabi Hasbullah and Irshad Ahmed Sumra

Subjects

Trusted service manager, Secure cryptoprocessor, Direct Anonymous Attestation, Trusted Platform Module, Business, Computer security, computer.software_genre, Intelligent transportation system its, computer, Hengzhi chip

Published

2016

29. Research and Design of Trusted Computing Platform

Author

Qi-jie Tang, Xiao-gang He, Mao-lin Deng, Yun-ting Zhou, Yu-hai Chong, and Feng-zhu Ji

Subjects

Trusted service manager, Engineering, Process (engineering), business.industry, Data_MISCELLANEOUS, Trusted Computing, Trusted Network Connect, Computer security, computer.software_genre, law.invention, law, Direct Anonymous Attestation, Trusted client, Trusted Platform Module, business, computer, Hengzhi chip

Abstract

With the development of trusted computing, trusted computing model and trusted computing platforms are constantly changing, and becoming more and more perfect. In terms of the hardware platform, the trusted computing technology has been gradually matured. Many companies and businesses solve security problems by using trusted technologies. Trusted computing technology focuses on such as hardware, operating system and other aspects, wishing to build a complete, credible and reliable trusted platform. In this paper, the structure of the trusted platform has been described. Focus on Protected Capabilities, Integrity Measurement and Attestation which are the representative characteristics, some analysis and researches have been proposed. And analyze the main parts and priorities of the designing process of trusted platforms.

Published

2016

30. Secure Application Execution in Mobile Devices

Author

Mehari G. Msgna, Houda Ferradi, Konstantinos Markantonakis, and Raja Naeem Akram

Subjects

010302 applied physics, Trusted service manager, Computer science, 02 engineering and technology, Enterprise information security architecture, Trusted Network Connect, Computer security, computer.software_genre, 01 natural sciences, 020202 computer hardware & architecture, Secure cryptoprocessor, 0103 physical sciences, 0202 electrical engineering, electronic engineering, information engineering, Direct Anonymous Attestation, Trusted Platform Module, Android (operating system), Mobile device, computer

Abstract

Smart phones have rapidly become hand-held mobile devices capable of sustaining multiple applications. Some of these applications allow access to services including healthcare, financial, online social networks and are becoming common in the smart phone environment. From a security and privacy point of view, this seismic shift is creating new challenges, as the smart phone environment is becoming a suitable platform for security- and privacy-sensitive applications. The need for a strong security architecture for this environment is becoming paramount, especially from the point of view of Secure Application Execution SAE. In this chapter, we explore SAE for applications on smart phone platforms, to ensure application execution is as expected by the application provider. Most of the proposed SAE proposals are based on having a secure and trusted embedded chip on the smart phone. Examples include the GlobalPlatform Trusted Execution Environment, M-Shield and Mobile Trusted Module. These additional hardware components, referred to as secure and trusted devices, provide a secure environment in which the applications can execute security-critical code and/or store data. These secure and trusted devices can become the target of malicious entities; therefore, they require a strong framework that will validate and guarantee the secure application execution. This chapter discusses how we can provide an assurance that applications executing on such devices are secure by validating the secure and trusted hardware.

Published

2016

31. Research on Trusted Bootstrap Based on the Universal Smart Card

Author

Lin Yan and Jianbiao Zhang

Subjects

Trusted service manager, Computer science, Data_MISCELLANEOUS, Trusted Computing, Computer security, computer.software_genre, Trusted Network Connect, law.invention, law, Operating system, Direct Anonymous Attestation, Trusted client, Trusted Platform Module, Trusted timestamping, computer, Hengzhi chip

Abstract

The trusted boot is a hot spot in trusted computing field. User's identity authentication and trusted measurement are used to deal with security threats. But it is difficult to implement the general trusted boot based on hardware, which can be bypassed easily by software. In order to solve the above problem, a scheme of trusted boot is presented based on the universal smart card. It does not change the hardware and the firmware of the smart card and the terminal device. The core method combines user's identity authentication with trusted measurement. It binds user's identity, smart card and terminal device to ensure the trusted boot of terminal device. The trusted computing mechanism can be extended from power on to the application layer. Ultimately, experiments prove the security of boot and simplification of the implementation.

Published

2016

32. The Implementation of Trusted Computing Based Network Trusted Management Information System

Author

Hui Hong Lu

Subjects

Trusted service manager, business.industry, Computer science, General Engineering, Trusted Computing, Trusted Network Connect, Computer security, computer.software_genre, law.invention, Management information systems, Network management, Trusted computing base, law, Direct Anonymous Attestation, Information system, Trusted client, Trusted Platform Module, business, computer

Abstract

In this paper, the application of Trusted Computing Platform is discussed. It is pointed out that the purpose of network management information system by trusted Computing platform is to set up a trusted network system. Based on the analysis of the environment of the trusted network information management system, we employ a trusted computing model in the information system of graduate student at our university. The implementation of network trusted management information system indicates that this method will improve the security of information system.

Published

2012

33. Trusted Dynamic Self-confidence Migration of Cloud Service

Author

Changxiang Shen, Yu Guo, and Jiqiang Liu

Subjects

Trusted service manager, Self-confidence, General Computer Science, Computer science, business.industry, media_common.quotation_subject, Cloud computing, business, Computer security, computer.software_genre, computer, media_common

Published

2012

34. Study on Grade Division Policy for Trusted Network

Author

Dongyun Long

Subjects

Trusted service manager, Engineering, Access network, business.industry, Interoperability, trusted attribute, Computer security, computer.software_genre, Trusted Network Connect, grade division, law.invention, trusted network, Workflow, Terminal (electronics), law, Direct Anonymous Attestation, General Earth and Planetary Sciences, Trusted client, business, computer, General Environmental Science

Abstract

Scholars around the world have carried out extensive research word on architecture, protocols, algorithms and application for trusted network at present, and proposed a variety of network credible verification scheme and control mechanisms. In this paper, a kind of grade division policy for trusted network was provided on the basis of considering both the terminal security and profit of operators. Credible access architecture and certification model were given, and the partition rules of trusted attributes as well as the evaluate methods of grade division were explained in detail. Improved workflow for access to trusted network terminal was provided. Simulations results show that by the proposed framework, not only the safety and reliability of network can be ensured, but also the flexibility of ways to access network was strengthened, and that it can provide support for interoperability of different equipment manufacturers.

Published

2012

35. A Role-Based Service Level NFC Ecosystem Model

Author

Mehmet N. Aydin, Busra Ozdenizci, Kerem Ok, Vedat Coskun, Işık Üniversitesi, Fen Edebiyat Fakültesi, Enformasyon Teknolojileri Bölümü, Işık University, Faculty of Arts and Sciences, Department of Information Technologies, Ok, Kerem, Coşkun, Vedat, Özdenizci Köse, Büşra, and Aydın, Mehmet Nafiz

Subjects

Trusted service manager, Service (business), Process management, Computer science, Near Field Communication, NFC ecosystem, Service provider, Business ecosystem, Computer security, computer.software_genre, Computer Science Applications, NFC applications, Identification (information), Information and Communications Technology, Service level, Ecosystem, Service providers, Electrical and Electronic Engineering, computer, Mobile device

Abstract

Near Field Communication (NFC) is a short range wireless communication technology allowing to communicate mobile devices within close proximity. It provides opportunity for service providers to offer various value added services to customers. NFC technology allows the usage of wide range of applications and eliminates the obligation to carry additional components other than the mobile device such as credit or payment cards, tickets, identification cards or keys. Despite its technological advantages over alternative ones, the NFC business ecosystems and services are yet to take off. The problems mainly arise with the business issues triggered by different and mostly conflicting needs of many actors in the ecosystem and several additional technical issues. In this study, by adopting a role-based service ecosystem modeling, we propose an NFC ecosystem model which perfectly specifies the roles in the ecosystem, and defines set of activities for each role, and communication structure. We analyzed NFC ecosystem in three phases as pre-installation, installation, and service usage. We have defined the activities and communication structure in the first two phases, and finally investigated the service usage phase in three different operating modes of NFC. After giving the details of the proposed ecosystem model, two use cases are given to validate the developed ecosystem model. We complete our study by discussing the requirement satisfaction. Publisher's Version

Published

2011

36. A New Trusted Third-Party Billing For Mobile Networks

Author

Nabendu Chaki and Supriya Chakraborty

Subjects

Trusted service manager, Computer science, Direct Anonymous Attestation, Trusted third party, Trusted Network Connect, Computer security, computer.software_genre, computer

Published

2011

37. Research of Trusted Network Security Technology

Author

Bin Liu and Xiao Ying Gan

Subjects

Trusted service manager, Engineering, business.industry, End user, General Medicine, Trusted Computing, Trusted Network Connect, Computer security, computer.software_genre, Network planning and design, Intelligent computer network, Workflow, Direct Anonymous Attestation, business, computer

Abstract

Based on the TNC architecture, using a trusted network of repair techniques in the trusted network access scenario does not meet the requirements of integrity verification solution for end users. Put forward a credible fix the overall network design, reliable model restoration and repair services, network workflow. The system is in need of restoration to provide safe and reliable repair end-user data transmission, providing a humane, reasonable repair services to ensure the credibility of fixed network and the isolation effect of the terminal to be repaired and strengthened the security of fixed server. Realized the classification of various types of repair resources management, restoration of resources in ensuring the transfer of fast, reliable, based on the performance with a certain extension.

Published

2011

38. Novel access and remediation scheme in hierarchical trusted network

Author

Yanheng Liu, Yu Jiao, and Jian Wang

Subjects

Trusted service manager, Access network, Computer Networks and Communications, business.industry, Computer science, Access control, Trusted Computing, Computer security, computer.software_genre, Trusted Network Connect, law.invention, law, Direct Anonymous Attestation, Trusted client, Trusted Platform Module, business, computer, Computer network

Abstract

Trusted computing technology is expected to guarantee security for network and terminal in future communication environment. In this work, we introduce the concept of trusted attribute to build a novel framework for hierarchical trusted access and feasible remediation. The categorization of trusted attribute is justified primarily in terms of the point in the boot cycle of a system at which the respective attributes are measured. The concept of trusted attribute is extended to the notion of a ''trusted grade'' that is granted by a new added module so-called trusted level division function. Also we give a reasonable example of dividing trusted grades. We discuss the promising applications of our presented framework and the access procedure of terminal. The simulations show that by the proposed framework, not only the security and reliability of network can be ensured, but also the flexibility of terminal to access network is improved. And that the presented framework can provide necessary supports for interoperability of different equipment manufacturers. It also can be concluded that the presented remediation framework is easy to be deployed, by which the convenient and reliable remediation services are able to be offered to those terminals without achieving the security standards of local network.

Published

2011

39. Dynamic Trusted Domain: Preventing Data Leakage of Trusted Subjects

Author

Zhi Ying Wang, Jiang Chun Ren, Songzhu Mei, Yong Cheng, Jiang Jiang Wu, and Jun Ma

Subjects

Trusted service manager, Computer science, General Medicine, Virtualization, computer.software_genre, Trusted Network Connect, Computer security, Security policy, Mandatory access control, law.invention, law, Direct Anonymous Attestation, Trusted client, Trusted timestamping, computer

Abstract

The existence of trusted subjects is a major complication in implementing multilevel secure (MLS) systems. In MLS, trusted subjects are granted with privileges to perform operations possibly violating mandatory access control policies. It is difficult to prevent them from data leakage with out too strict confinement. This paper reconsiders the privilege from the view of sensitive data and presents a dynamic trusted domain (DTD) mechanism for trusted subjects. In DTD, a domain is associated with a special label structure (LabelVector) distinguishing security policies and builds an isolated environment based on virtualization for a certain trusted subject. The channel for the trusted subject to communicate with outsider is controlled by a trusted request decision maker (TRDM). Only the request satisfies the rules on domain label and security levels can be passed through.

Published

2011

40. Mobile Trusted Computing Based on MTM

Author

Jan-Erik Ekberg

Subjects

Trusted service manager, Computer science, Direct Anonymous Attestation, Trusted Platform Module, Trusted Computing, Computer security, computer.software_genre, Trusted Network Connect, computer

Abstract

Trusted computing (TC) denotes a set of security-related hardware and software mechanisms that make a computing device work in a consistent manner, even in the presence of external attacks. For personal computers, TC typically is interpreted to be a software architecture designed around the trusted platform module (TPM), a hardware chip residing on the motherboard and implemented according to the specifications of the Trusted Computing Group (Trusted Computing Group, 2008A). In embedded devices, the state-of-the art in terms of hardware security and operating systems is significantly different from what is present on personal computers. So to stimulate the take-up of TCG technology on handsets as well, the recently approved mobile trusted module (MTM) specification (Trusted Computing Group, 2008B) defines new interfaces and adaptation options that match the requirements of the handset business ecosystem, as well as the hardware in use in the embedded domain. This chapter provides an overview of a few hardware security architectures (in handsets) to introduce the reader to the problem domain. The main focus of the text is in introducing the MTM specification – by first presenting its main functional concepts, and then by adapting it to one of the hardware architectures first described, essentially presenting a plausible practical deployment. The author also presents a brief security analysis of the MTM component, and a few novel ideas regarding how the (mobile) trusted module can be extended, and be made more versatile.

Published

2010

41. Research on theory and key technology of trusted computing platform security testing and evaluation

Author

Fei Yan, Jing Zhan, Yang Yang, Huanguo Zhang, Mingdi Xu, Jianming Fu, and Fan He

Subjects

Trusted service manager, General Computer Science, Computer science, Trusted Computing, Trusted system, Trusted Network Connect, Computer security, computer.software_genre, law.invention, Trusted computing base, law, Direct Anonymous Attestation, Trusted client, Trusted Platform Module, computer

Abstract

Trusted computing has become a new trend in the area of international information security, and the products of trusted computing platform begin to be used in application. Users will not use the products of information security, unless it goes through the testing and evaluation. Here we concentrate on the testing and evaluation problem of trusted computing platform, begin with constructing proper formalization model of trusted computing platform for testing, and establish a mathematical chain of trust model based on SPA. Moreover, we give a verification method of composite characteristics and find the potential factors threatening the trusted system in the process of remote attestation through analysis. For trusted software stack, we study the problem of automatic generation of test case and propose an improved method of generating the random test case, to raise the quality of test case. Finally, we give a prototype system of trusted computing platform and the actual test data related. The result demonstrates that there exist some flaws in the architecture of the present TCG computing platform. At the same time, some flaws are found in the products of existing trusted computing platform, thus a basis is laid for the improvement and development of trusted platform technology and its products.

Published

2010

42. Research on trusted computing and its development

Author

Fei Yan, Bo Zhao, ChangXiang Shen, Ji Wang, Liqiang Zhang, HuanGuo Zhang, HuaiMin Wang, Mingdi Xu, and Fajiang Yu

Subjects

Trusted service manager, General Computer Science, Computer science, Trusted Computing, Information security, Computer security, computer.software_genre, Trusted Network Connect, law.invention, Trusted computing base, law, Direct Anonymous Attestation, Trusted client, Trusted Platform Module, computer

Abstract

Trusted computing is a novel technology of information system security. It has become a new tide in worldwide information security area and achieved inspiring accomplishment. In China, the initiative research of trusted computing is not late, and the achievements are plentiful and substantial. Our country is in the front rank of the world in trusted computing. This paper comprehensively illustrates the recent development in theory and technology of trusted computing, introduces some improvements in trusted computing in our country, and proposes our opinions and viewpoints towards the existing problems in trusted computing and its future development.

Published

2010

43. Study of new trusted network framework

Author

Hui-fang Chong, Jiang-cai Ye, Yan-wei Zhou, and Zhen-qiang Wu

Subjects

Trusted service manager, Computer science, Direct Anonymous Attestation, Computer security, computer.software_genre, Trusted Network Connect, computer

Published

2009

44. A Study on Secure Key Backup/Recovery Scheme for Device based on Mobile Trusted Module

Author

Im-Yeoung Lee, Sung-Ik Jun, and Dong-Wan Kang

Subjects

Trusted service manager, business.industry, Computer science, Mobile computing, Trusted Computing, Trusted Network Connect, Computer security, computer.software_genre, Backup, Direct Anonymous Attestation, Key (cryptography), Trusted Platform Module, business, computer, Computer network

Abstract

Mobile environments are evolving the main communication environment as a develops of communication technology. In mobile environments, sensitive information can be compromised on-line, so demand for security has increased. Also, mobile devices that provide various services are in danger from malware and illegal devices, phishing and sniffing etc, and the privacy. Therefore, MTM(Mobile Trusted Module) is developed and promoted by TCG(Trusted Computing Group), which is an industry standard body to enhance the security level in the mobile computing environment. MTM protects user privacy and platform integrity, because it is embedded in the platform, and it is physically secure. However, a security approach is required when secret data is migrated elsewhere, because MTM provides strong security functions. In this paper, we analyze the TCG standard and migration method for cryptographic key, then we propose a secure migration scheme for cryptographic key using key Backup/Recovery method.

Published

2009

45. Study on development of trusted computing

Author

Yi Huang, Xin-qiang Ma, and Dan-ning Li

Subjects

Trusted service manager, Development (topology), Computer science, Direct Anonymous Attestation, Trusted Platform Module, Trusted Computing, Trusted Network Connect, Computer security, computer.software_genre, computer

Published

2009

46. A snapshot of trusted personal devices applicable to transaction processing

Author

D. Moreland, Surya Nepal, Hon Hwang, and John Zic

Subjects

Trusted service manager, Computer science, Transaction processing, business.industry, Internet privacy, Mobile computing, Management Science and Operations Research, Service provider, Trusted Network Connect, Computer security, computer.software_genre, Computer Science Applications, law.invention, Hardware and Architecture, law, Direct Anonymous Attestation, Snapshot (computer storage), Trusted client, business, computer

Abstract

In recent years, a clear trend has emerged where businesses need to provide flexible access to its services so as to increase their usage by a much wider cross-section of users operating over public infrastructures but still within a trusted environment. This trusted environment must be established between all participating users and service provider entities before any transactions are carried out. To meet the challenge of enabling mobile users to work within a trusted environment on any untrusted machine, the notion of a trusted personal device (TPD) has emerged. This paper provides a survey giving a snapshot of the growing body of work ongoing in the area of TPDs and the services they support.

Published

2009

47. Identity management and web services as service ecosystem drivers in converged networks

Author

Ruben Trapero, Juan-C. Yelmo, and J.M. del Alamo

Subjects

Trusted service manager, Service product management, Computer Networks and Communications, Service delivery framework, business.industry, Computer science, Service design, Mobile computing, Service level objective, Service level requirement, Mobile QoS, Differentiated service, Service provider, computer.software_genre, Computer security, Identity management, Computer Science Applications, World Wide Web, The Internet, Mobile telephony, Electrical and Electronic Engineering, Web service, business, computer

Abstract

This article describes a Web service-based framework supported by federated identity management technologies, which enables fixed and mobile operators to create a secure, dynamic, and trusted service ecosystem around them. With this framework, new service providers can be incorporated automatically, dynamically negotiating and accepting service level agreements to control their activities. Furthermore, it is based on identity management, not only to keep user identities private and protected, but also to enable the creation of value-added services using network resources and user profiles. This service ecosystem is not limited to third party providers but also can be extended through collaboration agreements between operators.

Published

2009

48. Trusted objects in trusted operating system

Author

Liang Tan

Subjects

Trusted service manager, Computer science, Direct Anonymous Attestation, Trusted Platform Module, Trusted Network Connect, Computer security, computer.software_genre, computer, Trusted operating system

Published

2008

49. A mobile device management framework for secure service delivery

Author

Adrian Leung

Subjects

Trusted service manager, Service (business), Computer Networks and Communications, Service delivery framework, business.industry, Computer science, Service level requirement, Mobile device management, Service provider, Computer security, computer.software_genre, Security service, Security management, Safety, Risk, Reliability and Quality, business, computer, Software, Computer network

Abstract

In a mobile ubiquitous environment, service interactions between a user device and a service provider should be secure, regardless of the type of device used to access or consume a service. We present a Secure Device Management Framework (SDMF), designed to securely deliver services to user devices, whilst also hiding (some of) the complexity of security management from users. Key to this framework is the Device Management Entity (DME), that manages a user device's security credentials, and interacts with service providers on its behalf. This framework also provides users with assurance that a compromised device cannot consume the delivered service, and, at the same time, prevents users from illegally sharing their credentials with other users. We achieve these objectives using Trusted Computing functionality and certain other security mechanisms.

Published

2008

50. A secure model for mobile agent based on encrypted circuit construction

Author

Mu Hong, Wang Ru-chuan, Zheng Yan, and Wang Hai-yan

Subjects

Trusted service manager, Service (systems architecture), business.industry, Computer science, Trusted Network Connect, Encryption, Computer security, computer.software_genre, Field (computer science), Electronic, Optical and Magnetic Materials, Mobile agent, Smart card, Electrical and Electronic Engineering, Element (category theory), business, computer, Computer network

Abstract

As a new technology, mobile agent (MA) shows a wide application in the field of network technology. However, security has been one of the crucial problems in its application. A new protection model based on a trusted element is presented in this paper. The trusted element, which differs from the traditional trusted hardware such as a smart card or a co-processor, offers a third party service based on an encrypted circuit construction. The procedure of constructing an encrypted circuit is introduced and the method of using the trusted service to protect the MA is also described. An application example is given to show how to use the new model at the end of the paper.

Published

2007