Infrastructure for Trusted Environment: In Search of a Solution

  • Claire Vishik
  • Simon Johnson
  • David Hoffman


Millions of PCs are currently sold equipped with a Trusted Platform Module, TPM, serving as a root of trust on the platform. Trusted Computing as an area of security has acquired significant visibility, and many new products and a growing number of research projects in areas ranging from virtualization to network security are based on Trusted Computing technologies and vision. In order to fully realize the vision of the Trusted Computing community, dedicated or compatible trust infrastructure for verification and attestation is required. Similar to other trust-enabling technologies, Trusted Computing needs an infrastructure that can verify the claim that a device is genuine and can be trusted to take part in a transaction, in which it is involved. Such an infrastructure will enable an environment where individuals can use the technology for protected transactions and potentially employ less risky authentication methods. This paper explores the role of infrastructure in Trusted Computing, starting with the discussion of the infrastructure’s importance and issues in trust establishment, followed by the description of the basics of Trusted Computing functionality requiring infrastructure support. We use examples of other trust enabling infrastructures, such as general-purpose PKI and infrastructure for Identity Federation to highlight common approaches. Finally, we touch upon economics of trust and intermediation, in order to define potential models for building enabling infrastructure for Trusted Computing.. While the paper doesn’t propose concrete solutions for the infrastructure problem in Trusted Computing, some possible avenues of building the necessary framework are outlined.


Trust Platform Module Trust Establishment Trust Computing Identity Provider Trust Computing Group 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [FRKH00]
    Batya Friedman, PeterH. Kahn, Jr.,and Daniel C. Howe, Trust Online. Communications of the ACM, 43(12), 34–40.Google Scholar
  2. [CHHD06]
    Elizabeth Chang, Farook Hussain, Tharam Dillon. Trust and Reputation for Service-Oriented Environ-ments: Technologies For Building Business Intelligence And Consumer Confidence. New York: Wiley, 2006.Google Scholar
  3. [KALP05]
    Katsikas, S.K., Lopez, J., Pernul, G.: Trust, Privacy and Security in E-business: Requirements and Solutions. Proc. of the 10th Panhellenic Conference on Informatics (PCI’2005), pp.548–558. Volos, Greece, November 2005.Google Scholar
  4. [GRAW06]
    David Grawrock. The Intel Safer Computing Initiative: Building Blocks for Trusted Computing. Intel Press, 2006Google Scholar
  5. [FLLU05]
    Scott Flinn and Joanna Lumsden, User Perceptions of Privacy and Security on the Web. Third Annual Conference on Privacy, Security and Trust, October 12–14, 2005Google Scholar
  6. [BECG+05]
    Stefan Berger, Ramón Cáceres, Kenneth A. Goldman, Ronald Perez, Reiner Sailer, Leendert van Doom. vTPM: Virtualizing the Trusted Platform Module. IBM Research Report. Available at:http:// lfe85257178004eee39?OpenDocument&Highlight=0,RC23879Google Scholar
  7. [TCGS07]
    Trusted Computing Group. TCG Specification Architecture Overview, version 1.3, May 2007. Avail-able at: Scholar
  8. [GORS06]
    Hari Govind, V. Ramasamy and Matthias Schunter. Architecting Dependable Systems Using Virtualiza-tion. Available at: Scholar
  9. [WAWU99]
    Chenxi WangWulf WA. Towards a scalable PKI for electronic commerce systems. In Advance Is-sues of E-Commerce and Web-Based Information Systems, WECWIS, 1999.Google Scholar
  10. [LOOP05]
    Lopez, J., Oppliger, R., Pernul, G.: Why have Public Key Infrastructures failed so far. Internet Re-search, Vol. 15, Issue 5, Emerald, Bradford, England, 2005.Google Scholar
  11. [NIVI98]
    Pekka Nikandre and Lea Viljanen. Storing and Retrieving Internet Certificates. Available at: http:// pdfGoogle Scholar
  12. [GUTM03]
    PeterGootman. Plug and Play PKI: A PKI Your Mother Can Use. In Proceedings of the 12th USENIX Security Symposium. Washington, D.C., USA, August 4–8, 2003Google Scholar
  13. [JEVO20]
    William S. Jevons. Money and the mechanism of exchange. New York: D. Appleton, 1920.Google Scholar
  14. [BAMA95]
    A. Bannerjee and E. Maskin. Fiat Money in the Kitoyaka-Wright Model. Quarterly Journal of Econom-ics, 111(4) 1996, p. 9551005.Google Scholar
  15. [ZHGH05]
    Jie Zhang and Ali. A. Ghorbani. Value-Centric Trust Model with Improved Familiarity Measurement. Available at: Scholar
  16. [VIWH99]
    Claire Vishik and Andrew B. Whinston. Knowledge Sharing, Quality, and Intermediation. In WACC 1999: p. 157–166Google Scholar
  17. [WILL87]
    S. D. Williamson. Recent developments in modeling financial intermediation. Federal Reserve Bank of Minneapolis, Quarterly Review, 11, Summer (1987), 19–29.Google Scholar
  18. [CHSW97]
    S. Choi, D. Stahl, D., and A. Whinston. Economics of Electronic Commerce. Indianapolis: Addison/ Wesley, 1997.Google Scholar
  19. [SABS96]
    M. Sarkar, B. Butler, and C. Steinfield. Intermediaries and Cybermediaries: A Continuing Role for Me-diating Players in the Electronic Marketplace. JCMC 1(3), 1996. Available athttp:/// jcmc/voll/issue3/sarkar.html.Google Scholar

Copyright information

© Friedr. Vieweg & Sohn Verlag | GWV Fachverlage GmbH, Wiesbaden 2007

Authors and Affiliations

  • Claire Vishik
    • 1
  • Simon Johnson
    • 1
  • David Hoffman
    • 1
  1. 1.Intel CorporationUSA

Personalised recommendations