Advertisement

TrustCube: An Infrastructure that Builds Trust in Client

  • Zhexuan Song
  • Jesus Molina
  • Sung Lee
  • Houcheng Lee
  • Seigo Kotani
  • Ryusuke Masuoka

Abstract

In a client-server environment, typically a lot of sensitive data and/or processes (for clients as well as for the server) are maintained at the server. In order to protect the integrity of the server and prevent leakage of data to unauthorized entities, it is important to make sure that only the authorized person with properly configured authorized platforms can gain the access to the server.

In this paper, we introduce the TrustCube infrastructure. The TrustCube infrastructure is an end-to-end infrastructure that offers measurements of essential elements of clients, including person (or identity), the platform, and the environment; thus, enabling the capability for service providers to make informed decision based on the certifiable report of measurements. Under this infrastructure, a server can accurately evaluate the risk of dealing with a particular client, and handle the requests coming from that client correspondingly.

Keywords

Smart Card Trust Platform Module Authentication Phase Network Access Requester 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Garfinkel, Simson. Web Security, Privacy and Commerce, 2nd Edition. s.l. : O’Reilly Media, Inc., 2002. ISBN 0596000456.Google Scholar
  2. Ml .4 Ad Hoc Group on Biometric in E-Authentication (AHGBEA). Study Report on Biometrics in E-Authentication. Washington, DC : InterNational Committee for Information Technology Standards, INCITS Secretariat, Information Technology Industry Council (ITI), 2007.Google Scholar
  3. Freire, Carl. Virus spreads data, scandal over Winny. MSNBC. [Online] June 12, 2006. http://www.msnbc.msn.com/id/13283771/.
  4. Trusted Computing Group. [Online] https://www.trustedcomputinggroup.org/home 2008.
  5. The Future of Trusted Computing. Kay, Roger, s.l. : GovSec, 2005.Google Scholar
  6. Trusted Computing Group. Trusted Platform Module (TPM) Specification. https://www.trustedcomput-inggroup.org/specs/TPM, 2008.
  7. SignaCert. SignaCert Enterprise Trust Server. http://www.signacert.com/products/enterprise-trust-server/, 2008.
  8. Semantic Remote Attestation - A Virtual Machine directed approach to Trusted Computing. Haldar, Vivek, Chandra, Deepak and Franz, Michael. San Jose, California : 3rd Virtual Machine Research & Technology Symposium, 2004.Google Scholar
  9. Design and Implementation of a TCG-based Integrity Measurement Architecture. Sailer, Reiner, et al. San Diego, California : s.n., 2004. 13th Usenix Security Symposium.Google Scholar
  10. OSLO: improving the security of trusted computing. Kauer, Bernhard. Boston, Massachusetts: 16th USE-NIX Security Symposium, 2007.Google Scholar
  11. Trusted Computing Group. Specification, Trusted Network Connect (TNC). https://www.trustedcomput-inggroup.org/specs/TNC, 2008.
  12. ISO/IEC 19784-1. Information technology - Biometric application programming interface - Part 1: BioAPI Specification (version 2.0, international). 2005.Google Scholar
  13. Trusted Computing Group. TCG Software Stack (TSS) Specifications. https://www.trustedcomputing-group.org/specs/TSS, 2008.
  14. Trusted Computing Infrastructure Working Group. Subject Key Attestation Evidence Extension. https://www.trustedcomputinggroup.org/specs/IWG/IWG_SKAE_Extension_1-00.pdf, 2005.

Copyright information

© Vieweg+Teubner | GWV Fachverlage GmbH 2009

Authors and Affiliations

  • Zhexuan Song
    • 1
  • Jesus Molina
    • 1
  • Sung Lee
    • 1
  • Houcheng Lee
    • 1
  • Seigo Kotani
    • 1
  • Ryusuke Masuoka
    • 1
  1. 1.Fujitsu Laboratories of America 8400Maryland

Personalised recommendations