• Title/Summary/Keyword: trusted platform

Search Result 49, Processing Time 0.022 seconds

A Property-Based Data Sealing using the Weakest Precondition Concept (최소 전제조건 개념을 이용한 성질 기반 데이터 실링)

  • Park, Tae-Jin;Park, Jun-Cheol
    • Journal of Internet Computing and Services
    • /
    • v.9 no.6
    • /
    • pp.1-13
    • /
    • 2008
  • Trusted Computing is a hardware-based technology that aims to guarantee security for machines beyond their users' control by providing security on computing hardware and software. TPM(Trusted Platform Module), the trusted platform specified by the Trusted Computing Group, acts as the roots for the trusted data storage and the trusted reporting of platform configuration. Data sealing encrypts secret data with a key and the platform's configuration at the time of encryption. In contrast to the traditional data sealing based on binary hash values of the platform configuration, a new approach called property-based data sealing was recently suggested. In this paper, we propose and analyze a new property-based data sealing protocol using the weakest precondition concept by Dijkstra. The proposed protocol resolves the problem of system updates by allowing sealed data to be unsealed at any configuration providing the required property. It assumes practically implementable trusted third parties only and protects platform's privacy when communicating. We demonstrate the proposed protocol's operability with any TPM chip by implementing and running the protocol on a software TPM emulator by Strasser. The proposed scheme can be deployed in PDAs and smart phones over wireless mobile networks as well as desktop PCs.

  • PDF

A Secure Maintenance Scheme of Secret Data on Trusted Mobile Platform Environment (Trusted Mobile Platform 환경에서의 안전한 비밀 데이터 유지(이전) 방안)

  • Kang, Dong-Wan;Lee, Im-Yeong;Han, Jin-Hee;Jun, Sung-Ik
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.18 no.4
    • /
    • pp.79-91
    • /
    • 2008
  • Modern society as an information society, a lot of information is communicated in on-line. Specially, mobile environment based on radio communication has a characteristic of flexibility compared with wire communication and is developed rapidly. However, the more mobile technology is developed the more security for sensitive information is needed. Therefore, MTM(Mobile Trusted Module) is developed and promoted by TCG(Trusted Computing Group), which is an industry standard body to enhance the security level in the mobile computing environment. MTM, hardware security module for mobile environment, offers user's privacy protection, platform integrity verification, and individual platform attestation. On the other hand, secure migration scheme is required in case secret data or key is transferred from one platform to the other platform. In this paper, we analyze migration schemes which were described in TCG standard and other papers and then propose security maintenance scheme for secret data using USIM(Universal Subscriber Identity Module).

Trustworthy Mutual Attestation Protocol for Local True Single Sign-On System: Proof of Concept and Performance Evaluation

  • Khattak, Zubair Ahmad;Manan, Jamalul-Lail Ab;Sulaiman, Suziah
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.6 no.9
    • /
    • pp.2405-2423
    • /
    • 2012
  • In a traditional Single Sign-On (SSO) scheme, the user and the Service Providers (SPs) have given their trust to the Identity Provider (IdP) or Authentication Service Provider (ASP) for the authentication and correct assertion. However, we still need a better solution for the local/native true SSO to gain user confidence, whereby the trusted entity must play the role of the ASP between distinct SPs. This technical gap has been filled by Trusted Computing (TC), where the remote attestation approach introduced by the Trusted Computing Group (TCG) is to attest whether the remote platform integrity is indeed trusted or not. In this paper, we demonstrate a Trustworthy Mutual Attestation (TMutualA) protocol as a proof of concept implementation for a local true SSO using the Integrity Measurement Architecture (IMA) with the Trusted Platform Module (TPM). In our proposed protocol, firstly, the user and SP platform integrity are checked (i.e., hardware and software integrity state verification) before allowing access to a protected resource sited at the SP and releasing a user authentication token to the SP. We evaluated the performance of the proposed TMutualA protocol, in particular, the client and server attestation time and the round trip of the mutual attestation time.

Implementation of Virtualization-based Domain Separation Security Platform for Smart Devices (안전한 스마트 단말을 위한 가상화 기반 도메인 분리 보안 플랫폼 구현)

  • Kim, Jeong Nyeo
    • Smart Media Journal
    • /
    • v.5 no.4
    • /
    • pp.116-123
    • /
    • 2016
  • Recently, important information related with smart work such as office and video conference are handled in smart device quite a lot compare with before. Also, execution environment of smart devices is getting developed as open software environment. It brought convenience to download and use any kind of application software. By that, security side of smart devices became vulnerable. This paper will discuss characteristics of smart device security technology based on virtualization that is a mobile device platform with isolated secure execution area based on TEE (Trusted Execution Environment). Also, this paper will suggest an implementation method about safe smart device security platform based on domain separation for application software which can be executed in smart devices.

A Study on Secure Key Backup/Recovery Scheme for Device based on Mobile Trusted Module (Mobile Trusted Module 기반 단말에서의 안전한 키 백업 및 복구 방안에 대한 연구)

  • Kang, Dong-Wan;Jun, Sung-Ik;Lee, Im-Yeoung
    • The KIPS Transactions:PartC
    • /
    • v.16C no.3
    • /
    • pp.335-346
    • /
    • 2009
  • Mobile environments are evolving the main communication environment as a develops of communication technology. In mobile environments, sensitive information can be compromised on-line, so demand for security has increased. Also, mobile devices that provide various services are in danger from malware and illegal devices, phishing and sniffing etc, and the privacy. Therefore, MTM(Mobile Trusted Module) is developed and promoted by TCG(Trusted Computing Group), which is an industry standard body to enhance the security level in the mobile computing environment. MTM protects user privacy and platform integrity, because it is embedded in the platform, and it is physically secure. However, a security approach is required when secret data is migrated elsewhere, because MTM provides strong security functions. In this paper, we analyze the TCG standard and migration method for cryptographic key, then we propose a secure migration scheme for cryptographic key using key Backup/Recovery method.

Implementation of Domain Separation-based Security Platform for Smart Device (안전한 스마트 단말을 위한 도메인 분리 기반 보안 플랫폼 구현)

  • Kim, Jeong Nyeo
    • Journal of Digital Convergence
    • /
    • v.14 no.12
    • /
    • pp.471-476
    • /
    • 2016
  • Recently, important information related with smart work such as office and video conference are handled in smart device quite a lot compare with before. Also, execution environment of smart devices is getting developed as open software environment. It brought convenience to download and use any kind of application software. By that, security side of smart devices became vulnerable. This paper will discuss characteristics of smart device security technology based on virtualization that is a mobile device platform with isolated secure execution area based on TEE (Trusted Execution Environment). Also, this paper will suggest an implementation method about safe smart device security platform based on domain separation for application software which can be executed in smart devices. The domain separation based smart device security platform technology in this paper blocks unauthorized access and leakage of sensitive information in device. Also it will be the solution can block transmission and execution of malicious code in various area including variety of IoT devices in internet rather than just smart devices.

모바일 플랫폼용 공통보안핵심 모듈 기술

  • Kim Moo-Seop;Shin Jin-A;Park Young-Soo;Jun Sung-Ik
    • Review of KIISC
    • /
    • v.16 no.3
    • /
    • pp.7-17
    • /
    • 2006
  • TCG(Trusted Computing Group)는 더욱 안전한 컴퓨팅 환경의 구현을 목적으로 설립된 업계 컨소시엄으로, 데이터의 신뢰성을 제공하기 위하여 TPM(Trusted Platform Module)으로 불리는 신뢰의 기본을 제공하는 핵심 하드웨어의 사용을 제안하고 있다. 최근 모바일 디바이스의 성능 향상에 따라 다양한 응용들의 지원이 가능해지고, 네트워크를 통한 소프트웨어의 업데이트 및 응용프로그램의 다운로드 등이 가능한 개방형 플랫폼으로의 변화에 따른 디지털 컨버젼스는 TMP(Trusted Mobile Platform)라는 새로운 모바일 플랫폼용 규격의 사용을 필요로 하고 있다. 본 고에서는 기존 컴퓨팅 환경과 모바일 플랫폼에 핵심 보안 모듈인 TPM 기술의 국내 외 기술의 동향과 핵심 요소들에 대한 기술적 개념들을 살펴본다.

Design of a Mobile DAA Model through Java Test Module for the DAA Protocol (DAA 자바 실험모듈 구현을 통한 모바일 DAA 모델 설계)

  • Yang, Seok-Hwan;Lee, Ki-Yeal;Chung, Mok-Dong
    • Journal of KIISE:Computing Practices and Letters
    • /
    • v.14 no.8
    • /
    • pp.773-777
    • /
    • 2008
  • Today's mobile devices have characteristic of random mobility in the heterogeneous networks. Thus they should have various kinds of security requirements. To satisfy these requirements, there are many researches on security and authentication for mobile devices. TCG(Trusted Computing Group) designed TPM(Trusted Platform Module) for providing privacy and authentication to users. Also TCG suggest a protocol, called DAA(Direct Anonymous Attestation) which uses zero knowledge proof theory. In this paper, we will implement DAA protocol using Java and show the efficiency and the problems in the DAA protocol. Finally, we will suggest an efficient mobile DAA model through Java test module for the DAA protocol.

Analysis of Security Technology of Trusted Platform Modules (신뢰할 수 있는 플랫폼 모듈 (TPM; Trusted Platform Module) 연구의 암호기술 분석)

  • Moon, Sangook
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2009.10a
    • /
    • pp.878-881
    • /
    • 2009
  • As for the technology developed for network security, there is little difference of design ability between the domestic and the foreign studies. Although the development of 2048 RSA processor has been undergone, the processing speed does not meet the requirement due to its long width. These days, an RSA processor architecture with higher speed comsuming less resource is necessary. As for the development of RNG (Random Number Generator), the technology trend is moving from PRNG (Pseudo Random Number Generator) to TRNG (True Random Number Generator), also requiring less area and high speed.

  • PDF

Security and Privacy Mechanism using TCG/TPM to various WSN (다양한 무선네트워크 하에서 TCG/TPM을 이용한 정보보호 및 프라이버시 매커니즘)

  • Lee, Ki-Man;Cho, Nae-Hyun;Kwon, Hwan-Woo;Seo, Chang-Ho
    • Journal of the Korea Society of Computer and Information
    • /
    • v.13 no.5
    • /
    • pp.195-202
    • /
    • 2008
  • In this paper, To improve the effectiveness of security enforcement, the first contribution in this work is that we present a clustered heterogeneous WSN(Wareless Sensor Network) architecture, composed of not only resource constrained sensor nodes, but also a number of more powerful high-end devices acting as cluster heads. Compared to sensor nodes, a high-end cluster head has higher computation capability, larger storage, longer power supply, and longer radio transmission range, and it thus does not suffer from the resource scarceness problem as much as a sensor node does. A distinct feature of our heterogeneous architecture is that cluster heads are equipped with TC(trusted computing) technology, and in particular a TCG(Trusted Computing Group) compliant TPM (Trusted Platform Module) is embedded into each cluster head. According the TCG specifications, TPM is a tamper-resistant, self-contained secure coprocessor, capable of performing cryptographic functions. A TPM attached to a host establishes a trusted computing platform that provides sealed storage, and measures and reports the integrity state of the platform.

  • PDF