Challenges of Using Trusted Computing for Collaborative Data Processing

  • Paul Georg WagnerEmail author
  • Pascal Birnstill
  • Jürgen Beyerer
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11738)


In recent years many business processes have become more interconnected than ever before. Driven by the advance of the Internet of Things, companies rely on complex data processing chains that span over many collaborating corporations and across different countries. As a result of this development, automated data acquisition and collaborative data usage is now a foundation of many innovative and successful business models. However, despite having a clear interest in sharing valuable data with other stakeholders, data owners simultaneously need to protect their assets against illegitimate use. In order to accommodate this requirement, existing data sharing solutions contain usage control systems capable of enforcing policies on data even after they have been shared. The integrity of these policy enforcement components is often monitored by a trusted platform module (TPM) on the data receiver’s side. In this work we evaluate the adequacy of TPM-based remote attestation for protecting shared data on foreign systems. In order to do so we develop an attacker model that includes privileged system users and expose attack vectors on TPM-protected data sharing applications. We show that TPMs do not provide sufficient protection against malicious administrators from competing stakeholders. Finally, we describe the advantages of using Intel’s Software Guard Extensions (SGX) to protect shared data in hostile environments and propose an enhanced system architecture that includes both SGX enclaves as well as a classical TPM.


Trusted computing Trusted platform modules Software guard extensions Usage control Policy enforcement Data sharing 


  1. 1.
    Costan, V., Devadas, S.: Intel SGX explained. IACR Cryptology Archive, p. 86 (2016)Google Scholar
  2. 2.
    D’Cunha, N.A.: Exploring the integration of memory management and trusted computing. Ph.D. thesis, Dartmouth College (2007)Google Scholar
  3. 3.
    Delaune, S., Kremer, S., Ryan, M.D., Steel, G.: Formal analysis of protocols based on TPM state registers. In: 24th IEEE Computer Security Foundations Symposium (CSF 2011), pp. 66–80. IEEE (2011)Google Scholar
  4. 4.
    Götzfried, J., Eckert, M., Schinzel, S., Müller, T.: Cache attacks on Intel SGX. In: Proceedings of the 10th European Workshop on Systems Security, p. 2. ACM (2017)Google Scholar
  5. 5.
    Gruss, D., Lettner, J., Schuster, F., Ohrimenko, O., Haller, I., Costa, M.: Strong and efficient cache side-channel protection using hardware transactional memory. In: USENIX Security Symposium, pp. 217–233 (2017)Google Scholar
  6. 6.
    Gürgens, S., Rudolph, C., Scheuermann, D., Atts, M., Plaga, R.: Security evaluation of scenarios based on the TCG’s TPM specification. In: Biskup, J., López, J. (eds.) ESORICS 2007. LNCS, vol. 4734, pp. 438–453. Springer, Heidelberg (2007). Scholar
  7. 7.
    Kelbert, F., Pretschner, A.: Data usage control enforcement in distributed systems. In: Proceedings of the Third ACM Conference on Data and Application Security and Privacy, pp. 71–82. ACM (2013)Google Scholar
  8. 8.
    Kocher, P., et al.: Spectre attacks: exploiting speculative execution. arXiv preprint arXiv:1801.01203 (2018)
  9. 9.
    Otto, B., Lohmann, S., Steinbuß, S., Teuscher, A.: IDS reference architecture model. Technical report, International Data Spaces Association (2018)Google Scholar
  10. 10.
    Park, J., Sandhu, R.: The ucon abc usage control model. ACM Trans. Inf. Syst. Secur. (TISSEC) 7(1), 128–174 (2004)CrossRefGoogle Scholar
  11. 11.
    Scarlata, V., Johnson, S., Beaney, J., Zmijewski, P.: Supporting third party attestation for Intel SGX with Intel data center attestation primitives (2018)Google Scholar
  12. 12.
    Sparks, E.R.: A security assessment of trusted platform modules computer science. Department of Computer Science, Dartmouth College, USA, Technical report, TR2007-597 (2007)Google Scholar
  13. 13.
    TCG: Architecture overview. Specification Revision 1 (2007)Google Scholar
  14. 14.
    Wagner, P.G., Birnstill, P., Beyerer, J.: Distributed usage control enforcement through trusted platform modules and SGX enclaves. In: Proceedings of the 23rd ACM on Symposium on Access Control Models and Technologies, pp. 85–91. ACM (2018)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Paul Georg Wagner
    • 1
    Email author
  • Pascal Birnstill
    • 2
  • Jürgen Beyerer
    • 1
    • 2
  1. 1.Karlsruhe Institute of TechnologyKarlsruheGermany
  2. 2.Fraunhofer Institute of Optronics, System Technologies and Image Exploitation IOSBKarlsruheGermany

Personalised recommendations