Abstract
This article addresses two main topics. Firstly, we review the operation of trusted computing technology, which now appears likely to be implemented in future mobile devices (including mobile phones, PDAs, etc.). Secondly, we consider the possible applications of this technology in mobile devices, and how these applications can be supported using trusted computing technology. We focus in particular on three mobile applications, namely OMA DRM, SIMLock, and software download.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
TCG: TCG Specification Architecture Overview. TCG Specification Version 1.2, The Trusted Computing Group (TCG), Portland, Oregon, USA (April 2003)
Grawrock, D.: The Intel Safer Computing Initiative. Intel Press, Oregon (2006)
Proudler, G.: Concepts of trusted computing. In: Mitchell, C.J. (ed.) Trusted Computing. IEE Professional Applications of Computing Series 6. The Institute of Electrical Engineers (IEE), London, UK, pp. 11–27 (April 2005)
Pearson, S. (ed.): Trusted Computing Platforms: TCPA Technology in Context. Prentice Hall, Upper Saddle River, New Jersey (2003)
Gollmann, D.: Computer Security, 2nd edn. John Wiley and Sons Ltd., Chichester (2005)
Pfleeger, C.P.: Security in Computing, 2nd edn. Prentice Hall PTR, Upper Saddle River, NJ (1997)
Department of Defense: DoD 5200.28-STD: Department of Defense Trusted Computer System Evaluation Criteria (1985)
IBM: PCI Cryptographic Processor: CCA Basic Services Reference and Guide, Release 2.41 (September 2003)
Dent, A.W., Mitchell, C.J.: User’s Guide to Cryptography and Standards. Artech House, Boston, MA (2005)
Pearson, S.: Trusted computing platforms, the next security solution. Technical Report HPL-2002-221, Hewlett-Packard Laboratories (November 2002), Available at http://www.hpl.hp.com/techreports/
Varadharajan, V.: Trustworthy computing. In: Zhou, X., Su, S., Papazoglou, M.M.P., Orlowska, M.E., Jeffery, K.G. (eds.) WISE 2004. LNCS, vol. 3306, pp. 13–16. Springer, Heidelberg (2004)
Felten, E.W.: Understanding trusted computing: Will its benefits outweigh its drawbacks? IEEE Security & Privacy 1(3), 60–62 (2003)
Balacheff, B., Chen, L., Pearson, S., Proudler, G., Chan, D.: Computing platform security in cyberspace. Information Security Technical Report 5(1), 54–63 (2000)
Chen, L., Pearson, S., Proudler, G., Chan, D., Balacheff, B.: How can you trust a computing platform? In: Proceedings of Information Security Solutions Europe (ISSE 2000) (2000)
TCG: TPM Main, Part 1: Design Principles. TCG Specification Version 1.2 Revision 94, The Trusted Computing Group (TCG), Portland, Oregon, USA (March 2006)
TCG: TPM Main, Part 2: TPM Data Structures. TCG Specification Version 1.2 Revision 94, The Trusted Computing Group (TCG), Portland, Oregon, USA (March 2006)
TCG: TPM Main, Part 3: Commands. TCG Specification Version 1.2 Revision 94, The Trusted Computing Group (TCG), Portland, Oregon, USA (March 2006)
TCG: TCG Software Stack (TSS) Specification. TCG Specification Version 1.2 Level 1, The Trusted Computing Group (TCG), Portland, Oregon, USA (January 2006)
Chen, Y., England, P., Peinado, M., Willman, B.: High assurance computing on open hardware architectures. Microsoft Technical Report MSRTR–2003–20, Microsoft Corporation (March 2003)
England, P., Lampson, B., Manferdelli, J., Peinado, M., Willman, B.: A trusted open platform. IEEE Computer 36(7), 55–62 (2003)
Peinado, M., Chen, Y., England, P., Manferdelli, J.: NGSCB: A trusted open system. In: Wang, H., Pieprzyk, J., Varadharajan, V. (eds.) ACISP 2004. LNCS, vol. 3108, pp. 86–97. Springer, Heidelberg (2004)
Peinado, M., England, P., Chen, Y.: An overview of NGSCB. In: Mitchell, C.J. (ed.) Trusted Computing. IEE Professional Applications of Computing Series 6. The Institute of Electrical Engineers (IEE), London, UK, pp. 115–141 (April 2005)
Garfinkel, T., Rosenblum, M., Boneh, D.: Flexible OS support and applications for trusted computing. In: Proceedings of the 9th USENIX Workshop on Hot Topics on Operating Systems (HotOS-IX), Kauai, Hawaii, USA, USENIX, The Advanced Computing Systems Association, pp. 145–150 (May 18-21, 2003)
Pfitzmann, B., Riordan, J., Stuble, C., Waidner, M., Weber, A.: The PERSEUS system architecture. Technical Report RZ 3335 (#93381), IBM Research Division, Zurich Laboratory (April 2001)
Sadeghi, A., Stuble, C.: Taming Trusted Platforms by operating system design. In: Chae, K., Yung, M. (eds.) Information Security Applications. LNCS, vol. 2908, Springer, Heidelberg (2004)
Kuhlmann, D., Landfermann, R., Ramasamy, H., Schunter, M., Ramunno, G., Vernizzi, D.: An open trusted computing architecture — secure virtual machines enabling user-defined policy enforcement (June 2006), www.opentc.net
Sadeghi, A.R., Stueble, C., Pohlmann, N.: European multilateral secure computing base — open trusted computing for you and me. White paper (2004)
Barham, P., Dragovic, B., Fraser, K., Hand, S., Harris, T., Ho, A., Neugebauery, R., Pratt, I., Warfield, A.: XEN and the art of virtualization. In: Proceedings of the 19th ACM Symposium on Operating Systems Principles (SOSP 2003), Bolton Landing, New York, USA, October 19-22, 2003, pp. 164–177. ACM Press, New York (2003)
Intel: LaGrande technology architectural overview. Technical Report 252491-001, Intel Corporation (September 2003)
Balacheff, B., Chen, L., Plaquin, D., Proudler, G.: A trusted process to digitally sign a document. In: Raskin, V., Hempelmann, C.F. (eds.) Proceedings of the 2001 New Security Paradigms Workshop, pp. 79–86. ACM Press, New York (2001)
Spalka, A., Cremers, A.B., Langweg, H.: Protecting the creation of digital signatures with trusted computing platform technology against attacks by Trojan Horse programs. In: Dupuy, M., Paradinas, P. (eds.) Trusted Information: The New Decade Challenge, IFIP TC11 Sixteenth Annual Working Conference on Information Security (IFIP/Sec 2001). IFIP Conference Proceedings, Paris, France, June 11-13, 2001, vol. 193, pp. 403–419. Kluwer Academic Publishers, Boston (2001)
Schechter, S.E., Greenstadt, R.A., Smith, M.D.: Trusted computing, peer-to-peer distribution, and the economics of pirated entertainment. In: Proceedings of The Second Annual Workshop on Economics and Information Security (2003) College Park, Maryland (May 29-30, 2003)
Kinateder, M., Pearson, S.: A privacy-enhanced peer-to-peer reputation system. In: Bauknecht, K., Min Tjoa, A., Quirchmayr, G. (eds.) E-Commerce and Web Technologies. LNCS, vol. 2738, pp. 206–216. Springer, Heidelberg (2003)
Balfe, S., Lakhani, A.D., Paterson, K.G.: Securing peer-to-peer networks using trusted computing. In: Mitchell, C.J. (ed.) Trusted Computing. The Institute of Electrical Engineers (IEE), London, UK, pp. 271–298 (2005)
Gallery, E., Tomlinson, A.: Secure delivery of conditional access applications to mobile receivers. In: Mitchell, C.J. (ed.) Trusted Computing. IEE Professional Applications of Computing Series 6. The Institute of Electrical Engineers (IEE), London, UK, pp. 195–238 (2005)
Pashalidis, A., Mitchell, C.J.: Single sign-on using trusted platforms. In: Boyd, C., Mao, W. (eds.) ISC 2003. LNCS, vol. 2851, pp. 54–68. Springer, Heidelberg (2003)
Chen, L., Pearson, S., Vamvakas, A.: On enhancing biometric authentication with data protection. In: Howlett, R.J., Jain, L.C. (eds.) Proceedings of the Fourth International Conference on Knowledge-Based Intelligent Engineering Systems and Allied Technologies, vol. 1, pp. 249–252. IEEE, Los Alamitos (2000)
Mont, M.C., Pearson, S., Bramhall, P.: Towards accountable management of identity and privacy: Sticky policies and enforceable tracing services. In: DEXA 2003, pp. 377–382. IEEE Computer Society, Los Alamitos (2003)
Mont, M.C., Pearson, S., Bramhall, P.: Towards accountable management of privacy and identity information. In: Snekkenes, E., Gollmann, D. (eds.) ESORICS 2003. LNCS, vol. 2808, pp. 146–161. Springer, Heidelberg (2003)
Pridgen, A., Julien, C.: A secure modular mobile agent system. In: Proceedings of the 2006 international workshop on Software engineering for large-scale multi-agent systems (SELMAS 2006), Shanghai, China, pp. 67–74. ACM Press, New York (2006)
Pearson, S.: How trusted computers can enhance for privacy preserving mobile applications. In: Proceedings of the 1st International IEEE WoWMoM Workshop on Trust, Security and Privacy for Ubiquitous Computing (WOWMOM 2005), Taormina, Sicily, Italy, pp. 609–613. IEEE Computer Society, Washington, DC (2005)
Pearson, S.: Trusted agents that enhance user privacy by self-profiling. Technical Report HPL-2002-196, HP Labs, Bristol, UK (July 15, 2002)
Crane, S.: Privacy preserving trust agents. Technical Report HPL-2004-197, HP Labs, Bristol, UK (November 11, 2004)
Balfe, S., Mohammed, A.: Final fantasy — securing on-line gaming with trusted computing. In: Proceedings of the 4th International Conference on Autonomic and Trusted Computing (ATC 2007), Hong Kong (July 2007)
Yan, Z., Cofta, Z.: A method for trust sustainability among trusted computing platforms. In: Katsikas, S.K., Lopez, J., Pernul, G. (eds.) TrustBus 2004. LNCS, vol. 3184, pp. 11–19. Springer, Heidelberg (2004)
Anderson, R.: Cryptography and competition policy — Issues with trusted computing. In: Proceedings of PODC 2003, Boston, Massachsetts, USA, July 13-16, 2003, pp. 3–10. ACM, New York (2003)
Schoen, S.: Trusted computing: Promise and risk. Electronic Frontier Foundation Article (October 2003)
von Lohmann, F.: Meditations on trusted computing. Electronic Frontier Foundation Article (2003)
Reid, J., Gonzalez Nieto, J.M., Dawson, E.: Privacy and trusted computing. In: DEXA 2003, pp. 383–388. IEEE Computer Society, Los Alamitos (2003)
Arbaugh, B.: Improving the TCPA specification. IEEE Computer 35(8), 77–79 (2002)
Tygar, J., Yee, B.: Dyad: A system for using physically secure coprocessors. Technical Report CMU-CS-91-140R, Carnigie Mellon University, Pittsburgh, Pennsylvania, USA (May 1991)
Clark, P., Hoffman, L.: BITS: a smartcard protected operating system. Communications of the ACM 37, 66–94 (1994)
Arbaugh, W., Farber, D., Smith, J.: A secure and reliable bootstrap architecture. In: Proceedings of the 1997 IEEE Symposium on Security and Privacy (S&P 1997), Oakland, California, USA, pp. 65–71. IEEE Computer Society Press, Los Alamitos, California (1997)
Itoi, N., Arbaugh, W., Pollack, S., Reeves, D.: Personal secure booting. In: Varadharajan, V., Mu, Y. (eds.) ACISP 2001. LNCS, vol. 2119, pp. 130–141. Springer, Heidelberg (2001)
Lie, D.: Architectural Support for Copy and Tamper Resistant Software. PhD thesis, Department of Electrical Engineering, Stanford University, Stanford, California, USA (December 2003)
Lie, D., Thekkath, C., Mitchell, M., Lincoln, P., Boneh, D., Mitchell, J., Horowitz, M.: Architectural support for copy and tamper resistant software. In: Proceedings of the 9th International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS-IX), Cambridge, Massachusetts, USA, pp. 169–177. ACM Press, New York (2000)
Suh, E., Clarke, D., Gassend, B., van Dyke, M., Devadas, S.: The AEGIS processor architecture for tamper–evident and tamper-resistant processing. In: 17th Annual ACM International Conference on Supercomputing (ICS 2003), San Francisco, California, USA, pp. 160–171. ACM Press, New York (2003)
Barrett, M.F.: Towards an open trusted computing framework. Masters thesis, Department of Computer Science, The University of Auckland, New Zealand (February 2005)
TCG: TCG PC client specific implementation specification for conventional BIOS. TCG specification Version 1.2 Final, The Trusted Computing Group (TCG), Portland, Oregon, USA (July 2005)
Abraham, D., Jackson, J., Muthrasanallur, S., Neiger, G., Regnier, G., Sankaran, R., Schionas, I., Uhlig, R., Vembu, B., Wiegert, J.: Intel virtualization technology for directed i/o. Intel Technology Journal 10(3), 179–192 (2006)
TCG: TCG EFI platform — for TPM family 1.1 or 1.2. TCG specification Version 1.2 Final, The Trusted Computing Group (TCG), Portland, Oregon, USA (June 2006)
TCG: TCG Credential Profiles. TCG Specification Version 1.1 Revision 1.014 For TPM Family 1,2; Level 2, The Trusted Computing Group (TCG), Portland, Oregon, USA (May 2007)
Brickell, E., Camenisch, J., Chen, L.: Direct anonymous attestation. Technical Report HPL-2004-93, Hewlett-Packard Laboratories (June 2004), Available at http://www.hpl.hp.com/techreports/
Brickell, E., Camenisch, J., Chen, L.: Direct anonymous attestation. In: Pfitzmann, B., Liu, P. (eds.) Proceedings of CCS 2004, pp. 132–145. ACM Press, New York (2004)
Brickell, E., Camenisch, J., Chen, L.: The DAA scheme in context. In: Mitchell, C.J. (ed.) Trusted Computing. IEE Professional Applications of Computing Series 6. The Institute of Electrical Engineers (IEE), London, UK, pp. 143–174 (2005)
TCG MPWG: Use Case Scenarios. TCG Specification Version 2.7, The Trusted Computing Group, Mobile Phone Working Group, Portland, Oregon, USA (September 2005)
TCG MPWG: The TCG mobile trusted module specification. TCG specification version 0.9 revision 1, The Trusted Computing Group (TCG), Portland, Oregon, USA (September 2006)
TCG MPWG: Mobile trusted module specification overview document. Mobile trusted module specification support documents, The Trusted Computing Group (TCG), Beaverton, Oregon, USA (2006)
Gallery, E.: Authorisation issues for mobile code in mobile systems. Technical Report RHUL-MA-2007-3, Department of Mathematics, Royal Holloway, University of London (2007)
OMA: DRM architecture v2.0. Technical Specification OMA-DRM-ARCH-V2_0-2004071515-C, The Open Mobile Alliance (OMA) (July 2004)
Irwin, J., Wright, T.: Digital rights management. Vodafone internal newsletter, Vodafone, Newbury, England, UK (August 2004)
OMA: OMA DRM V1.0 approved enabler specification. Technical Specification OMA-DRM-V1_0-20040625-A, The Open Mobile Alliance (OMA) (June 2004)
OMA: OMA DRM V2.0 approved enabler specification. Technical Specification OMA-ERP-DRM-V2_0-20060303-A, The Open Mobile Alliance (OMA) (July 2004)
OMA: Digital Rights Management v1.0. Technical Specification OMA-Download-DRM-V1_0-20040615-A, The Open Mobile Alliance (OMA) (June 2004)
OMA: DRM architecture specification v1.0. Technical Specification OMA-Download-ARCH-V1_0-20040625-A, The Open Mobile Alliance (OMA) (June 2004)
OMA: DRM specification v2.0. Technical Specification OMA-DRM-DRM-V2_0-20040716-C, The Open Mobile Alliance (OMA) (July 2004)
CMLA: Client adopter agreement. Technical Report Revision 1.00-050708, The Content Management License Administrator Limited Liability Company (CMLA, LLC) (August 2005)
Myers, M., Ankney, R., Malpani, A., Galperin, S., Adams, C.: X.509 internet public key infrastructure: Online certificate status protocol — OCSP. RFC 2560, Internet Engineering Task Force (IETF) (June 1999)
Mouley, M., Pautet, M.: The GSM System for Mobile Communications. Cell & Sys. Correspondence, Palaiseau, France (1992)
3GPP GSM TSGS: Personalisation of mobile equipment (ME), Mobile functionality specification (release 5). Technical specification TS 22.022 v5.0.0, 3rd Generation Partnership Project (3GPP), Global System for Mobile Communications (GSM) — Technical Specification Group Services and System Aspects, Sophia Antipolis, France (2002)
NTT DoCoMo, IBM, Intel Corporation: Trusted Mobile Platform (May 2004)
OMA: Device management requirements candidate version 1.2. Technical Specification OMA-RD-DM-V1_2-20060424-C, The Open Mobile Alliance (OMA) (April 2006)
SDRF: Overview and definition of software download for rf reconfiguration. SDRF Archived Approved Document DL-DFN Document SDRF-02-A-0002-V.0.0, The Software Defined Radio Forum (SDRF) (August 2002)
Tuttlebee, W., Babb, D., Irvine, J., Martinez, G., Worrall, K.: Broadcasting and Mobile Telecommunications: Interworking — Not Convergence. EBU Technical Review 293, 1–11 (2003)
European Committee for Electrotechnical Standardization (CENELEC) Brussels, Belgium: Common Interface Specification for Conditional Access and other Digital Video Broadcasting Decoder Applications (February 1997)
European Telecommunications Standards Institute (ETSI) Sophia-Antipolis, France: Digital Video Broadcasting (DVB): Head-End Implementation of DVB Simulcrypt (January 2003)
European Telecommunications Standards Institute (ETSI) Sophia-Antipolis, France: Digital Video Broadcasting (DVB); Support for use of Scrambling and Conditional Access (CA) within Digital Broadcasting Systems (October 1996)
WAPF: Wireless transport layer security version 06. Technical Specification WAP-2610WTLS-20010406-a, The Wireless Application Protocol Forum (WAPF) (April 2001)
Stallings, W.: Cryptography and Network Security, Principles and Practices, 2nd edn. Prentice Hall, Upper Saddle River, New Jersey (1999)
Hill, R., Myagmar, S., Campbell, R.: Threat analysis of GNU software radio. In: Proceedings of the World Wireless Congress (WWC 2005), Palo Alto, California, USA (May 24-27, 2005)
SDRF: Security considerations for operational software defined radio devices in a commercial wireless domain. SDRF working document, The Software Defined Radio Forum (SDRF) (October 2004)
Gallery, E., Tomlinson, A.: Protection of downloadable software on SDR devices. In: Proceedings of the 4th Software Defined Radio Forum Technical Conference (SDR 2005), Orange County, California, USA, Software Defined Radio Forum (SDRF) (November 14-18, 2005)
TCG: Subject key attestation evidence extension. TCG specification version 1.0 revision 7, The Trusted Computing Group (TCG), Portland, Oregon, USA (June 2005)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Gallery, E., Mitchell, C.J. (2007). Trusted Mobile Platforms. In: Aldini, A., Gorrieri, R. (eds) Foundations of Security Analysis and Design IV. FOSAD FOSAD 2007 2006. Lecture Notes in Computer Science, vol 4677. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-74810-6_10
Download citation
DOI: https://doi.org/10.1007/978-3-540-74810-6_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-74809-0
Online ISBN: 978-3-540-74810-6
eBook Packages: Computer ScienceComputer Science (R0)