TrustCube: An Infrastructure that Builds Trust in Client
In a client-server environment, typically a lot of sensitive data and/or processes (for clients as well as for the server) are maintained at the server. In order to protect the integrity of the server and prevent leakage of data to unauthorized entities, it is important to make sure that only the authorized person with properly configured authorized platforms can gain the access to the server.
In this paper, we introduce the TrustCube infrastructure. The TrustCube infrastructure is an end-to-end infrastructure that offers measurements of essential elements of clients, including person (or identity), the platform, and the environment; thus, enabling the capability for service providers to make informed decision based on the certifiable report of measurements. Under this infrastructure, a server can accurately evaluate the risk of dealing with a particular client, and handle the requests coming from that client correspondingly.
KeywordsSmart Card Trust Platform Module Authentication Phase Network Access Requester
Unable to display preview. Download preview PDF.
- Garfinkel, Simson. Web Security, Privacy and Commerce, 2nd Edition. s.l. : O’Reilly Media, Inc., 2002. ISBN 0596000456.Google Scholar
- Ml .4 Ad Hoc Group on Biometric in E-Authentication (AHGBEA). Study Report on Biometrics in E-Authentication. Washington, DC : InterNational Committee for Information Technology Standards, INCITS Secretariat, Information Technology Industry Council (ITI), 2007.Google Scholar
- Freire, Carl. Virus spreads data, scandal over Winny. MSNBC. [Online] June 12, 2006. http://www.msnbc.msn.com/id/13283771/.
- Trusted Computing Group. [Online] https://www.trustedcomputinggroup.org/home 2008.
- The Future of Trusted Computing. Kay, Roger, s.l. : GovSec, 2005.Google Scholar
- Trusted Computing Group. Trusted Platform Module (TPM) Specification. https://www.trustedcomput-inggroup.org/specs/TPM, 2008.
- SignaCert. SignaCert Enterprise Trust Server. http://www.signacert.com/products/enterprise-trust-server/, 2008.
- Semantic Remote Attestation - A Virtual Machine directed approach to Trusted Computing. Haldar, Vivek, Chandra, Deepak and Franz, Michael. San Jose, California : 3rd Virtual Machine Research & Technology Symposium, 2004.Google Scholar
- Design and Implementation of a TCG-based Integrity Measurement Architecture. Sailer, Reiner, et al. San Diego, California : s.n., 2004. 13th Usenix Security Symposium.Google Scholar
- TrustedGRUB. http://www.prosec.rub.de/trusted_grub.html, 2006
- OSLO: improving the security of trusted computing. Kauer, Bernhard. Boston, Massachusetts: 16th USE-NIX Security Symposium, 2007.Google Scholar
- Trusted Computing Group. Specification, Trusted Network Connect (TNC). https://www.trustedcomput-inggroup.org/specs/TNC, 2008.
- ISO/IEC 19784-1. Information technology - Biometric application programming interface - Part 1: BioAPI Specification (version 2.0, international). 2005.Google Scholar
- Trusted Computing Group. TCG Software Stack (TSS) Specifications. https://www.trustedcomputing-group.org/specs/TSS, 2008.
- Trusted Computing Infrastructure Working Group. Subject Key Attestation Evidence Extension. https://www.trustedcomputinggroup.org/specs/IWG/IWG_SKAE_Extension_1-00.pdf, 2005.