Skip to main content
SpringerLink
Log in

A PrivacyCA for Anonymity and Trust

  • Conference paper
Trusted Computing (Trust 2009)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 5471))

Included in the following conference series:

Abstract

Trusted Computing (TC) as envisioned by the Trusted Computing Group promises a solution to the problem of establishing a trust relationship between otherwise unrelated platforms. In order to achieve this goal the platform has to be equipped with a Trusted Platform Module (TPM), which is true for millions of contemporary personal computers. The TPM provides solutions for measuring the state of a platform and reporting it in an authentic way to another entity. The same cryptographic means that ensure the authenticity also allow unique identification of the platform and therefore pose a privacy problem. To circumvent this problem the TCG proposed a trusted third party, the Privacy Certification Authority (PrivacyCA).

Unfortunately, currently no PrivacyCA is generally available. In this paper we introduce our freely available implementation of a PrivacyCA. In addition, our PrivacyCA is itself a trusted service. It is capable of reporting its state to clients. Furthermore, we use a novel way to minimize the Trusted Computing Base of Java-based applications in conjunction with hardware-supported virtualization. We automatically generate the service interface from a structural specification. Thus, to the best of our knowledge, we were not only first to make this crucial service publicly available, but now also provide a trustworthy service whose privacy policy can be attested to its users by employing TC mechanisms.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Ammons, G., Appavoo, J., Butrico, M., Silva, D.D., Grove, D., Kawachiya, K., Krieger, O., Rosenburg, B., Hensbergen, E.V., Wisniewski, R.W.: Libra: a library operating system for a jvm in a virtualized execution environment. In: VEE 2007: Proceedings of the 3rd international conference on Virtual execution environments, pp. 44–54. ACM, New York (2007)

    Google Scholar 

  2. Anderson, M.J., Moffie, M., Dalton, C.I.: Towards trustworthy virtualisation environments: Xen library os security service infrastructure. Technical Report HPL-2007-69, HP Research (2007)

    Google Scholar 

  3. Barham, P., Dragovic, B., Fraser, K., Hand, S., Harris, T., Ho, A., Neugebauer, R., Pratt, I., Warfield, A.: Xen and the art of virtualization. In: SOSP 2003: Proceedings of the nineteenth ACM symposium on Operating systems principles, pp. 164–177. ACM, New York (2003)

    Chapter  Google Scholar 

  4. Berger, S., Cáceres, R., Goldman, K.A., Perez, R., Sailer, R., van Doorn, L.: vTPM: virtualizing the trusted platform module. In: USENIX-SS 2006: Proceedings of the 15th conference on USENIX Security Symposium, pp. 305–320 (2006)

    Google Scholar 

  5. Berger, S., Cáceres, R., Pendarakis, D., Sailer, R., Valdez, E., Perez, R., Schildhauer, W., Srinivasan, D.: TVDc: managing security in the trusted virtual datacenter. SIGOPS Oper. Syst. Rev. 42(1), 40–47 (2008)

    Article  Google Scholar 

  6. Brickell, E., Camenisch, J., Chen, L.: Direct anonymous attestation. In: CCS 2004: Proceedings of the 11th ACM conference on Computer and communications security, pp. 132–145. ACM, New York (2004)

    Google Scholar 

  7. David Grawrock. The Intel Safer Computing Initiative. Intel Press (2006) ISBN 0-9764832-6-2

    Google Scholar 

  8. Farrell, S., Housley, R.: An Internet Attribute Certificate Profile for Authorization (April 2002), http://www.ietf.org/rfc/rfc3281.txt

  9. Felleisen, M., Cartwright, R.: Safety as a metric. In: Proc. 12th Conference on Software Engineering Education and Training, pp. 129–131 (1999)

    Google Scholar 

  10. Garfinkel, T., Pfaff, B., Chow, J., Rosenblum, M., Boneh, D.: Terra: a virtual machine-based platform for trusted computing. In: SOSP 2003: Proceedings of the nineteenth ACM symposium on Operating systems principles, pp. 193–206. ACM, New York (2003)

    Chapter  Google Scholar 

  11. Golm, M., Felser, M., Wawersich, C., Kleinöder, J.: A Java operating system as the foundation of a secure network operating system. Technical report tr-i4-02-05, Univ. of. Erlangen, Dept. of Comp. Science, Lehrstuhl 4 (2002)

    Google Scholar 

  12. Hohmuth, M.: The Fiasco kernel: Requirements definition. Technical Report ISSN 1430-211X, Dresden University of Technology (1998)

    Google Scholar 

  13. Housley, R., Polk, W., Ford, W., Solo, D.: Internet X.509 Public Key Infrastructure Certificate and Certificate and CRL Profile (April 2002), http://www.ietf.org/rfc/rfc3280.txt

  14. Kerckhoffs, A.: La cryptographie militaire. Journal des sciences militaires IX (1883)

    Google Scholar 

  15. Kuhlmann, D., Landfermann, R., Ramasamy, H.V., Schunter, M., Ramunno, G., Vernizzi, D.: An open trusted computing architecture — secure virtual machines enabling user-defined policy enforcement. Research Report RZ 3655, IBM Research (2006)

    Google Scholar 

  16. Meadows, C.: Formal methods for cryptographic protocol analysis: emerging issues and trends. IEEE Journal on Selected Areas in Communications 21(1), 44–54 (2003)

    Article  Google Scholar 

  17. Myers, M., Liu, X., Schaad, J., Weinstein, J.: Certificate Management Messages over CMS (April 2000), http://www.ietf.org/rfc/rfc2797.txt

  18. Mysore, S.H., Hallam-Baker, P.: XML key management specification (XKMS 2.0). W3C recommendation, W3C (June 2005), http://www.w3.org/TR/2005/REC-xkms2-20050628/

  19. Pirker, M., Toegl, R., Winkler, T., Vejda, T.: Trusted computing for the JavaTMplatform (2009), http://trustedjava.sourceforge.net/

  20. Sadeghi, A.-R., Stüble, C., Pohlmann, N.: European multilateral secure computing base - open trusted computing for you and me. Datenschutz und Datensicherheit (DUD) (09/2004), pp. 548–554 (2004), http://www.trust.rub.de/media/publications/SaStPo2004Web.pdf

  21. Sadeghi, A.-R., Stüble, C., Winandy, M.: Property-based TPM virtualization. In: 11th Information Security Conference (2008)

    Google Scholar 

  22. Schmidt, A., Kuntze, N., Kasper, M.: On the deployment of mobile trusted modules. In: Wireless Communications and Networking Conference, 2008. WCNC 2008, pp. 3169–3174. IEEE, Los Alamitos (2008)

    Chapter  Google Scholar 

  23. Sheehy, J., Coker, G., Guttman, J., Loscocco, P., Herzog, A., Millen, J., Monk, L., Ramsdell, J., Sniffen, B.: Attestation: Evidence and trust. Technical Report 07 0186, MITRE Corporation (2007)

    Google Scholar 

  24. Singaravelu, L., Pu, C., Härtig, H., Helmuth, C.: Reducing TCB complexity for security-sensitive applications: three case studies. In: EuroSys 2006: Proceedings of the ACM SIGOPS/EuroSys European Conference on Computer Systems 2006, pp. 161–174. ACM, New York (2006)

    Google Scholar 

  25. Stumpf, F., Benz, M., Hermanowski, M., Eckert, C.: An approach to a trustworthy system architecture using virtualization (2007)

    Google Scholar 

  26. Toegl, R., Pirker, M.: An ongoing game of Tetris: Integrating trusted computing in Java, block-by-block. In: Proceedings of Future of Trust in Computing. Vieweg + Teubner (2008)

    Google Scholar 

  27. Trusted Computing Group, https://www.trustedcomputinggroup.org/

  28. Trusted Computing Group. TCG infrastructure specifications, https://www.trustedcomputinggroup.org/specs/IWG/

  29. Trusted Computing Group. TCG main specification version 1.1b, https://www.trustedcomputinggroup.org/specs/TPM/

  30. Trusted Computing Group. TCG software stack specification, version 1.2 errata a, https://www.trustedcomputinggroup.org/specs/TSS/

  31. Trusted Computing Group. TCG TPM specification version 1.2 revision 103, https://www.trustedcomputinggroup.org/specs/TPM/

  32. Trusted Computing Group. TCG Reference Architecture for Interoperability (Version 1.0) (June 2005), https://www.trustedcomputinggroup.org/specs/IWG

  33. Trusted Computing Group. TCG Credential Profiles Specifications (Version 1.1, rev 1.014) (May 2007), https://www.trustedcomputinggroup.org/specs/IWG

  34. van Doorn, L.: A secure Java virtual machine. In: Proceedings of the 9th USENIX Security Symposium. USENIX Association (2000)

    Google Scholar 

  35. Zic, J., Nepal, S.: Implementing a portable trusted environment. In: Proceedings of Future of Trust in Computing. Vieweg + Teubner (2008)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Institute for Applied Information Processing and Communications (IAIK), Graz University of Technology, Inffeldgasse 16a, A–8010, Graz, Austria

    Martin Pirker, Ronald Toegl, Daniel Hein & Peter Danner

Authors
  1. Martin Pirker
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ronald Toegl
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Daniel Hein
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Peter Danner
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Hewlett Packard Labs, Filton Road, BS34 8QZ, Bristol, Stoke Gifford, UK

    Liqun Chen

  2. Information Security Group, Royal Holloway, University of London, TW20 0EX, Surrey, Egham, UK

    Chris J. Mitchell

  3. Oxford University Computing Laboratory, Wolfson Building, Parks Road, OX1 3QD, Oxford, UK

    Andrew Martin

Rights and permissions

Reprints and permissions

Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Pirker, M., Toegl, R., Hein, D., Danner, P. (2009). A PrivacyCA for Anonymity and Trust. In: Chen, L., Mitchell, C.J., Martin, A. (eds) Trusted Computing. Trust 2009. Lecture Notes in Computer Science, vol 5471. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-00587-9_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-00587-9_7

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-00586-2

  • Online ISBN: 978-3-642-00587-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation