
Abstract

In the traditional client-server architecture, the server is the focus of security, while the huge number of terminals receives relatively little consideration. Through the practice of information security, people have realized that security problems mainly come from network terminals. To secure network terminals at the source, the solution must be considered comprehensively, from the chips, hardware architectures, operating systems, etc., which gave rise to the original idea of Trusted Computing (TC). TC binds a trusted platform module (TPM) to the terminal to ensure the security of the client, by which a trusted chain is established to protect the whole system and network. In this section, we introduce the TC technology, the TC framework, the trusted platform module, and the trusted mobile platform. In particular, we study the TC-based client security architecture and indicate that the key point is a secure operating system that can support TC. Finally, a comparison among the secure-kernel-based, microkernel-based, and virtual-machine-based terminal architectures is presented.




Copyright information

© 2009 Higher Education Press, Beijing and Springer-Verlag Berlin Heidelberg

About this chapter

Cite this chapter

Ma, J., Wang, C., Ma, Z. (2009). Architecture of Trusted Terminal. In: Security Access in Wireless Local Area Networks. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-00941-9_10


  • DOI: https://doi.org/10.1007/978-3-642-00941-9_10

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-00940-2

  • Online ISBN: 978-3-642-00941-9
