Trusted computing (TC) technology is brought out by trusted computing group (TCG) to make computing as safe and reliable as people expect. Attestation is one main function specified by TCG, which is the means by w...Trusted computing (TC) technology is brought out by trusted computing group (TCG) to make computing as safe and reliable as people expect. Attestation is one main function specified by TCG, which is the means by which a trusted computer assures a remote computer whose platform is not tampered with. There are two protocols that implement attestation without disclosing the platform's real identity, which are Privacy CA-based protocol and direct anonymous attestation (DAA) protocol. However, in the first protocol the privacy CA is the bottleneck and the platform's identity will be disclosed if the privacy CA is compromise, while DAA protocol can do profiling when dealing with rogue hardware device. In this paper, we propose a DAA-extended new approach to ensure full anonymous attestation that can not only detect a rogue TPM, but also reveal rogue TPM's real identity.展开更多
Trusted Computing technology is quickly developing in recent years. This technology manages to improve the computer security and archive a trusted computing environment. The core of trusted computing technology is cry...Trusted Computing technology is quickly developing in recent years. This technology manages to improve the computer security and archive a trusted computing environment. The core of trusted computing technology is cryptology. In this paper, we analyze the key and credential mechanism which is two basic aspects in the cryptology application of trusted computing. We give an example application to illustrate that the TPM enabled key and credential mechanism can improve the security of computer system.展开更多
It is absolutely critical that trusted configuration management which significantly affects trust chain establishment, sealing storage and remote attestation, especially in trusted virtualization platform like Xen who...It is absolutely critical that trusted configuration management which significantly affects trust chain establishment, sealing storage and remote attestation, especially in trusted virtualization platform like Xen whose system configuration changes easily. TPM (trusted platform module) context manager is presented to carry out dynamic configuration management for virtual machine. It manages the TPM command requests and VM (virtual machine) configurations. The dynamic configuration representa- tion method based on Merkle hash tree is explicitly proposed against TCG (trusted computing group) static configuration representation. It reflects the true VM status in real time even if the configuration has changed, and it eliminates the invalidation of configuration representation, sealing storage and remote attestation. TPM context manager supports TCG storage protection, remote attestation etc, which greatly enhances the security on trusted virtualization platform.展开更多
Current delegation mechanism of grid security infrastructure (GSI) can't satisfy the requirement of dynamic, distributed and practical security in grid virtual organization. To improve this situation, a TC-enabled ...Current delegation mechanism of grid security infrastructure (GSI) can't satisfy the requirement of dynamic, distributed and practical security in grid virtual organization. To improve this situation, a TC-enabled GSI is discussed in this paper. With TC-enabled GSI, a practical delegation solution is proposed in this paper through enforcing fine granularity policy over distributed platforms with the emerging trusted computing technologies. Here trusted platform module is treated as a tamper-resistance module to improve grid security infrastructure. With the implement of Project Daonity, it is demonstrated that the solution could gain dynamic and distributed security in grid environment.展开更多
In this paper, a formal approach based on predicate logic is proposed for representing and reasoning of trusted computing models. Predicates are defined to represent the characteristics of the objects and the relation...In this paper, a formal approach based on predicate logic is proposed for representing and reasoning of trusted computing models. Predicates are defined to represent the characteristics of the objects and the relationship among these objects in a trusted system according to trusted computing specifications. Inference rules of trusted relation are given too. With the semantics proposed, some trusted computing models are formalized and verified, which shows that Predicate calculus logic provides a general and effective method for modeling and reasoning trusted computing systems.展开更多
Trusted path is one of the crucial features that operating systems must provide for fundamental security support. In order to explore the possibility of implementing a trusted path mechanism with the support of truste...Trusted path is one of the crucial features that operating systems must provide for fundamental security support. In order to explore the possibility of implementing a trusted path mechanism with the support of trusted platform module (TPM) technologies, and to support TPM capabilities in operating systems, the paper extended the scope of the conventional trusted path to cover the situation in which a user communicates with software residing on a remote host. The paper combined the concept of operating system support for trusted path with that for TPM platforms, and proposed the architecture of an extended trusted path mechanism in operating system with considerations on TPM-capable platforms support. As part of the author's research in secure operating systems, the work of the paper was carried out with Linux as an experimental prototype system. The research result shows that TPM capabilities can strengthen extended trusted path mechanisms of operating systems.展开更多
In network-connected UAV(NCUAV) communication systems, user authentication is replaced by platform identity authentication and integrity check because many NC-UAVs are operated without human intervention. Direct anony...In network-connected UAV(NCUAV) communication systems, user authentication is replaced by platform identity authentication and integrity check because many NC-UAVs are operated without human intervention. Direct anonymous attestation(DAA) is an attractive cryptographic scheme that provides an elegant balance between platform authentication and anonymity. However, because of the low-level computing capability and limited transmission bandwidth in UAV, the existing DAA schemes are not suitable for NC-UAV communication systems. In this paper, we propose an enhanced DAA scheme with mutual authentication(MA-DAA scheme), which meets the security requirements of NC-UAV communication systems. The proposed MA-DAA scheme, which is based on asymmetric pairings, bundles the identities of trusted platform module(TPM) and Host to solve the malicious module changing attacks. Credential randomization, batch proof and verification, and mutual authentication are realized in the MA-DAA scheme. The computational workload in TPM and Host is reduced in order to meet the low computation and resource requirements in TPM and Host.The entire scheme and protocols are presented,and the security and efficiency of the proposed MA-DAA scheme are proved and analyzed.Our experiment results also confirm the high efficiency of the proposed scheme.展开更多
This paper analyzes the threat of TCG Software Stack(TSS)/TCM Service Module(TSM) deadlock in multi-user environment such as cloud and discusses its causes and mechanism.In addition,this paper puts forward a dynamic p...This paper analyzes the threat of TCG Software Stack(TSS)/TCM Service Module(TSM) deadlock in multi-user environment such as cloud and discusses its causes and mechanism.In addition,this paper puts forward a dynamic priority task scheduling strategy based on value evaluation to handle this threat.The strategy is based on the implementation features of trusted hardware and establishes a multi-level ready queue.In this strategy,an algorithm for real-time value computing is also designed,and it can adjust the production curves of the real time value by setting parameters in different environment,thus enhancing its adaptability,which is followed by scheduling and algorithm description.This paper also implements the algorithm and carries out its performance optimization.Due to the experiment result from Intel NUC,it is shown that TSS based on advanced DPTSV is able to solve the problem of deadlock with no negative influence on performance and security in multi-user environment.展开更多
Two limitations of current integrity measurement architectures are pointed out: (1) a reference value is required for every measured entity to verify the system states, as is impractical however; (2) malicious us...Two limitations of current integrity measurement architectures are pointed out: (1) a reference value is required for every measured entity to verify the system states, as is impractical however; (2) malicious user can forge proof of inexistent system states. This paper proposes a trustworthy integrity measurement architecture, BBACIMA, through enforcing behavior-based access control for trusted platform module (TPM). BBACIMA introduces a TPM reference monitor (TPMRM) to ensure the trustworthiness of integrity measurement. TPMRM enforces behavior-based access control for the TPM and is isolated from other entities which may be malicious. TPMRM is the only entity manipulating TPM directly and all PCR (platform configuration register) operation requests must pass through the security check of it so that only trusted processes can do measurement and produce the proof of system states. Through these mechanisms malicious user can not enforce attack which is feasible in current measurement architectures.展开更多
Cloud computing has gained significant use over the last decade due to its several benefits,including cost savings associated with setup,deployments,delivery,physical resource sharing across virtual machines,and avail...Cloud computing has gained significant use over the last decade due to its several benefits,including cost savings associated with setup,deployments,delivery,physical resource sharing across virtual machines,and availability of on-demand cloud services.However,in addition to usual threats in almost every computing environment,cloud computing has also introduced a set of new threats as consumers share physical resources due to the physical co-location paradigm.Furthermore,since there are a growing number of attacks directed at cloud environments(including dictionary attacks,replay code attacks,denial of service attacks,rootkit attacks,code injection attacks,etc.),customers require additional assurances before adopting cloud services.Moreover,the continuous integration and continuous deployment of the code fragments have made cloud services more prone to security breaches.In this study,the model based on the root of trust for continuous integration and continuous deployment is proposed,instead of only relying on a single signon authentication method that typically uses only id and password.The underlying study opted hardware security module by utilizing the Trusted Platform Module(TPM),which is commonly available as a cryptoprocessor on the motherboards of the personal computers and data center servers.The preliminary proof of concept demonstrated that the TPM features can be utilized through RESTful services to establish the root of trust for continuous integration and continuous deployment pipeline and can additionally be integrated as a secure microservice feature in the cloud computing environment.展开更多
With the growing intelligence and popularity of mobile phones, and the trend of cellular network's convergence to IP based network, more and more mobile applications emerge on the market. For mission critical applica...With the growing intelligence and popularity of mobile phones, and the trend of cellular network's convergence to IP based network, more and more mobile applications emerge on the market. For mission critical applications, like the electronic payment which will be discussed in this paper, the lack of trust in the underlying mobile infrastructure and secure interface to legacy systems (for this case, the banking systems) poses obstacles to their widespread presence in mobile services. Recently, the exposure of hacking of iPhone and other smart phones further emphasizes the criticality of establishing a trust platform for mobile applications. This paper analyzes the building blocks of the trusted smart phone, and proposes a framework to provide a trusted platform for mobile electronic payment. Such a proposed system may allow direct interface to the banking systems due to the banking industry recognized strong security, and hence, may enable its widespread use.展开更多
One important function in trusted computing is protected storage, which can protect unlimited amount of data and keys. In the existing trusted platform module (TPM) key loading scheme for trusted platform, a computi...One important function in trusted computing is protected storage, which can protect unlimited amount of data and keys. In the existing trusted platform module (TPM) key loading scheme for trusted platform, a computing platform with TPM as its trusted anchor, the total times of loading operation is the same as the number of the loaded target object's ancestors, resulting in low efficiency of loading a TPM key which has many ancestors. To improve efficiency, an identity-based TPM key loading scheme is proposed. In this scheme, the times of loading operation is only two when any TPM key is loaded into TPM. Therefore, the required time cost for loading a TPM key can be reduced, especially for complex TPM key storage hierarchy. By analyzing the correctness, security, efficiency and feasibility, the proposed scheme has the better theoretical and application value.展开更多
This research critically reviews the definition of confidential computing(CC)and the security comparison of CC with other related technologies by the Confidential Computing Consortium(CCC).We demonstrate that the defi...This research critically reviews the definition of confidential computing(CC)and the security comparison of CC with other related technologies by the Confidential Computing Consortium(CCC).We demonstrate that the definitions by CCC are ambiguous,incomplete and even conflicting.We also demonstrate that the security comparison of CC with other technologies is neither scientific nor fair.We highlight the issues in the definitions and comparisons and provide initial recommendations for fixing the issues.These recommendations are the first step towards more precise definitions and reliable comparisons in the future.展开更多
In today's globalized digital world, networkbased, mobile, and interactive collaborations have enabled work platforms of personal computers to cross multiple geographical boundaries. The new requirements of privacy-p...In today's globalized digital world, networkbased, mobile, and interactive collaborations have enabled work platforms of personal computers to cross multiple geographical boundaries. The new requirements of privacy-preservation, sensitive information sharing, portability, remote attestation, and robust security create new problems in system design and implementation. There are critical demands for highly secure work platforms and security enhancing mechanisms for ensuring privacy protection, component integrity, sealed storage, and remote attestation of platforms. Trusted computing is a promising technology for enhancing the security of a platform using a trusted platform module (TPM). TPM is a tamper-resistant microcontroller designed to provide robust security capabilities for computing platforms. It typically is affixed to the motherboard with a low pin count (LPC) bus. However, it limited in that TPM cannot be used directly in current common personal computers (PCs), and TPM is not flexible and portable enough to be used in different platforms because of its interface with the PC and its certificate and key structure. For these reasons, we propose a portable trusted platform module (PTPM) scheme to build a trusted platform for the common PC based on a single cryptographic chip with a universal serial bus (USB) interface and extensible firmware interface (EFI), by which platforms can get a similar degree of security protection in general-purpose systems. We show the structure of certificates and keys, which can bind to platforms via a PTPM and provide users with portability and flexibility in different platforms while still allowing the user and platform to be protected and attested. The implementation of prototype system is described in detail and the performance of the PTPM on cryptographic operations and time-costs of the system bootstrap are evaluated and analyzed. The results of experiments show that PTPM has high performances for supporting trusted computing and it can be used flexibly and portably by the user.展开更多
It is essential to design a protocol to allow sensor nodes to attest to their trustworthiness for mission- critical applications based on Wireless Sensor Networks (WSNs). However, it is a challenge to evaluate the t...It is essential to design a protocol to allow sensor nodes to attest to their trustworthiness for mission- critical applications based on Wireless Sensor Networks (WSNs). However, it is a challenge to evaluate the trustworthiness without appropriate hardware support. Hence, we present a hardware-based remote attestation protocol to tackle the problem within WSNs. In our design, each sensor node is equipped with a Trusted Platform Module (TPM) which plays the role of a trusted anchor. We start with the formulation of remote attestation and its security. The complete protocol for both single-hop and multi-hop attestations is then demonstrated. Results show the new protocol is effective, efficient, and secure.展开更多
In order to solve the contradictions between user privacy protection and identity authentication, an anonymous authentication scheme under mobile Internet is proposed, which is based on the direct anonymous attestatio...In order to solve the contradictions between user privacy protection and identity authentication, an anonymous authentication scheme under mobile Internet is proposed, which is based on the direct anonymous attestation of trusted computing and uses the encrypting transfer and signature validation for its implementation. Aiming at two access mode of trusted mobile terminal under mobile Internet, self access and cross-domain access, the authentication process of each mode is described in details. The analysis shows that the scheme implements anonymous authentication on mobile Internet and is correct, controllable and unforgeable.展开更多
For the problem of the original direct anonymous attestation (DAA) scheme's complexity and great time consumption, a new DAA scheme based on symmetric bilinear pairings is presented, which gives a practical solutio...For the problem of the original direct anonymous attestation (DAA) scheme's complexity and great time consumption, a new DAA scheme based on symmetric bilinear pairings is presented, which gives a practical solution to ECC-based TPM in protecting the privacy of the TPM. The scheme still includes five procedures or algorithms: Setup, Join, Sign, Verify and Rogue tagging, but gets rid of zero-knowledge proof and takes on a new process and framework, of which the main operations are addition, scalar multiplication and bilinear maps on supersingular elliptic curve systems. Moreover, the scheme adequately utilizes the properties of bilinear maps as well as the signature and verification of the ecliptic curve system itself. Compared with other schemes, the new DAA scheme not only satis- fies the same properties, and shows better simplicity and high effi- ciency. This paper gives not only a detailed security proof of the proposed scheme, but also a careful performance analysis by comparing with the existing DAA schemes.展开更多
In order to enhance the security of a browser password manager, we propose an approach based on a hardware trusted platform module (TPM). Our approach encrypts users' passwords with keys generated by the TPM, which...In order to enhance the security of a browser password manager, we propose an approach based on a hardware trusted platform module (TPM). Our approach encrypts users' passwords with keys generated by the TPM, which uses a master password as the credential for authorization to access the TPM. Such a hardware-based feature may provide an efficient way to protect users' passwords. Experiment and evaluation results show that our approach performs well to defend against password stealing attack and brute force attack. Attackers cannot get passwords directly from the browser, therefore they will spend incredible time to obtain passwords. Besides, performance cost induced by our approach is acceptable.Abstract: In order to enhance the security of a browser password manager, we propose an approach based on a hardware trusted platform module (TPM). Our approach encrypts users' passwords with keys generated by the TPM, which uses a master password as the credential for authorization to access the TPM. Such a hardware-based feature may provide an efficient way to protect users' passwords. Experiment and evaluation results show that our approach performs well to defend against password stealing attack and brute force attack. Attackers cannot get passwords directly from the browser, therefore they will spend incredible time to obtain passwords. Besides, performance cost induced by our approach is acceptable.展开更多
This paper presents vCerberus, a novel hypervisor to provide trusted and isolated code execution within virtual domains vCerberus is considerably tiny, while allowing secure sensitive codes to be executed in an isolat...This paper presents vCerberus, a novel hypervisor to provide trusted and isolated code execution within virtual domains vCerberus is considerably tiny, while allowing secure sensitive codes to be executed in an isolated circumstance from the virtual ddmain, and can be attested by a remote party in an efficient way. These properties will be guaranteed even if the guest operating system is malicious. This protects the secure sensitive codes against the malicious codes in the Guest OS, e.g., the kernel rootkits. We present an approach to dynamically measure and isolate the launch environment on the virtual machines based on the para-virtualization technology and a novel virtualization of trusted platform module (TPM). Our performance experiment result shows that the overhead introduced by vCerberus is minimized; the performance of the launch environment in vCerberus is as competitive as the guest OS running on mainstream hypervisors.展开更多
基金Supported by the National High Technology Research and Development Program of China (2005AA145110)
文摘Trusted computing (TC) technology is brought out by trusted computing group (TCG) to make computing as safe and reliable as people expect. Attestation is one main function specified by TCG, which is the means by which a trusted computer assures a remote computer whose platform is not tampered with. There are two protocols that implement attestation without disclosing the platform's real identity, which are Privacy CA-based protocol and direct anonymous attestation (DAA) protocol. However, in the first protocol the privacy CA is the bottleneck and the platform's identity will be disclosed if the privacy CA is compromise, while DAA protocol can do profiling when dealing with rogue hardware device. In this paper, we propose a DAA-extended new approach to ensure full anonymous attestation that can not only detect a rogue TPM, but also reveal rogue TPM's real identity.
基金Supported by the National Natural Science Foun-dation of China (60373087 ,60473023 ,90104005) HP Laborato-ry of China
文摘Trusted Computing technology is quickly developing in recent years. This technology manages to improve the computer security and archive a trusted computing environment. The core of trusted computing technology is cryptology. In this paper, we analyze the key and credential mechanism which is two basic aspects in the cryptology application of trusted computing. We give an example application to illustrate that the TPM enabled key and credential mechanism can improve the security of computer system.
基金the National High Technology Research and Development Program of China (2007AA01Z412)
文摘It is absolutely critical that trusted configuration management which significantly affects trust chain establishment, sealing storage and remote attestation, especially in trusted virtualization platform like Xen whose system configuration changes easily. TPM (trusted platform module) context manager is presented to carry out dynamic configuration management for virtual machine. It manages the TPM command requests and VM (virtual machine) configurations. The dynamic configuration representa- tion method based on Merkle hash tree is explicitly proposed against TCG (trusted computing group) static configuration representation. It reflects the true VM status in real time even if the configuration has changed, and it eliminates the invalidation of configuration representation, sealing storage and remote attestation. TPM context manager supports TCG storage protection, remote attestation etc, which greatly enhances the security on trusted virtualization platform.
基金Supported by the National Natural Science Foun-dation of China (60373087 ,60473023 and 90104005)HP Labo-ratories of China
文摘Current delegation mechanism of grid security infrastructure (GSI) can't satisfy the requirement of dynamic, distributed and practical security in grid virtual organization. To improve this situation, a TC-enabled GSI is discussed in this paper. With TC-enabled GSI, a practical delegation solution is proposed in this paper through enforcing fine granularity policy over distributed platforms with the emerging trusted computing technologies. Here trusted platform module is treated as a tamper-resistance module to improve grid security infrastructure. With the implement of Project Daonity, it is demonstrated that the solution could gain dynamic and distributed security in grid environment.
基金Supported by the National High-Technology Re-search and Development Program ( 863 Program)China(2004AA113020)
文摘In this paper, a formal approach based on predicate logic is proposed for representing and reasoning of trusted computing models. Predicates are defined to represent the characteristics of the objects and the relationship among these objects in a trusted system according to trusted computing specifications. Inference rules of trusted relation are given too. With the semantics proposed, some trusted computing models are formalized and verified, which shows that Predicate calculus logic provides a general and effective method for modeling and reasoning trusted computing systems.
基金Supported by the National Natural Science Foun-dation of China (60373054)
文摘Trusted path is one of the crucial features that operating systems must provide for fundamental security support. In order to explore the possibility of implementing a trusted path mechanism with the support of trusted platform module (TPM) technologies, and to support TPM capabilities in operating systems, the paper extended the scope of the conventional trusted path to cover the situation in which a user communicates with software residing on a remote host. The paper combined the concept of operating system support for trusted path with that for TPM platforms, and proposed the architecture of an extended trusted path mechanism in operating system with considerations on TPM-capable platforms support. As part of the author's research in secure operating systems, the work of the paper was carried out with Linux as an experimental prototype system. The research result shows that TPM capabilities can strengthen extended trusted path mechanisms of operating systems.
基金supported in part by the European Commission Marie Curie IRSES project "AdvIOT"the National Natural Science Foundation of China (NSFC) under grant No.61372103
文摘In network-connected UAV(NCUAV) communication systems, user authentication is replaced by platform identity authentication and integrity check because many NC-UAVs are operated without human intervention. Direct anonymous attestation(DAA) is an attractive cryptographic scheme that provides an elegant balance between platform authentication and anonymity. However, because of the low-level computing capability and limited transmission bandwidth in UAV, the existing DAA schemes are not suitable for NC-UAV communication systems. In this paper, we propose an enhanced DAA scheme with mutual authentication(MA-DAA scheme), which meets the security requirements of NC-UAV communication systems. The proposed MA-DAA scheme, which is based on asymmetric pairings, bundles the identities of trusted platform module(TPM) and Host to solve the malicious module changing attacks. Credential randomization, batch proof and verification, and mutual authentication are realized in the MA-DAA scheme. The computational workload in TPM and Host is reduced in order to meet the low computation and resource requirements in TPM and Host.The entire scheme and protocols are presented,and the security and efficiency of the proposed MA-DAA scheme are proved and analyzed.Our experiment results also confirm the high efficiency of the proposed scheme.
基金supported by the State Key Program of National Natural Science Foundation of China(Grant No.91118003)the National Natural Science Foundation of China(Grant No.61173138,61272452,61332019)+1 种基金the National Basic Research Program of China("973"Program)(Grant No.2014CB340600)the National High-Tech Research and Development Program of China("863"Program)(Grant No.2015AA016002)
文摘This paper analyzes the threat of TCG Software Stack(TSS)/TCM Service Module(TSM) deadlock in multi-user environment such as cloud and discusses its causes and mechanism.In addition,this paper puts forward a dynamic priority task scheduling strategy based on value evaluation to handle this threat.The strategy is based on the implementation features of trusted hardware and establishes a multi-level ready queue.In this strategy,an algorithm for real-time value computing is also designed,and it can adjust the production curves of the real time value by setting parameters in different environment,thus enhancing its adaptability,which is followed by scheduling and algorithm description.This paper also implements the algorithm and carries out its performance optimization.Due to the experiment result from Intel NUC,it is shown that TSS based on advanced DPTSV is able to solve the problem of deadlock with no negative influence on performance and security in multi-user environment.
基金the National High Technology Research and Development Plan of China (2007AA01Z412)the National Key Technology R&D Program of China (2006BAH02A02)the National Natural Science Foundation of China (60603017)
文摘Two limitations of current integrity measurement architectures are pointed out: (1) a reference value is required for every measured entity to verify the system states, as is impractical however; (2) malicious user can forge proof of inexistent system states. This paper proposes a trustworthy integrity measurement architecture, BBACIMA, through enforcing behavior-based access control for trusted platform module (TPM). BBACIMA introduces a TPM reference monitor (TPMRM) to ensure the trustworthiness of integrity measurement. TPMRM enforces behavior-based access control for the TPM and is isolated from other entities which may be malicious. TPMRM is the only entity manipulating TPM directly and all PCR (platform configuration register) operation requests must pass through the security check of it so that only trusted processes can do measurement and produce the proof of system states. Through these mechanisms malicious user can not enforce attack which is feasible in current measurement architectures.
基金The research work was supported by UTP-Universitas Telkom,Indonesia International Collaborative Research Funding(ICRF)015ME0-153 and Center for Graduate Studies(CGS),Universiti Teknologi PETRONAS(UTP),Perak,Malaysia.
文摘Cloud computing has gained significant use over the last decade due to its several benefits,including cost savings associated with setup,deployments,delivery,physical resource sharing across virtual machines,and availability of on-demand cloud services.However,in addition to usual threats in almost every computing environment,cloud computing has also introduced a set of new threats as consumers share physical resources due to the physical co-location paradigm.Furthermore,since there are a growing number of attacks directed at cloud environments(including dictionary attacks,replay code attacks,denial of service attacks,rootkit attacks,code injection attacks,etc.),customers require additional assurances before adopting cloud services.Moreover,the continuous integration and continuous deployment of the code fragments have made cloud services more prone to security breaches.In this study,the model based on the root of trust for continuous integration and continuous deployment is proposed,instead of only relying on a single signon authentication method that typically uses only id and password.The underlying study opted hardware security module by utilizing the Trusted Platform Module(TPM),which is commonly available as a cryptoprocessor on the motherboards of the personal computers and data center servers.The preliminary proof of concept demonstrated that the TPM features can be utilized through RESTful services to establish the root of trust for continuous integration and continuous deployment pipeline and can additionally be integrated as a secure microservice feature in the cloud computing environment.
基金This work was supported by the National Nature Science Foundation of China under Grant No.60472014.
文摘With the growing intelligence and popularity of mobile phones, and the trend of cellular network's convergence to IP based network, more and more mobile applications emerge on the market. For mission critical applications, like the electronic payment which will be discussed in this paper, the lack of trust in the underlying mobile infrastructure and secure interface to legacy systems (for this case, the banking systems) poses obstacles to their widespread presence in mobile services. Recently, the exposure of hacking of iPhone and other smart phones further emphasizes the criticality of establishing a trust platform for mobile applications. This paper analyzes the building blocks of the trusted smart phone, and proposes a framework to provide a trusted platform for mobile electronic payment. Such a proposed system may allow direct interface to the banking systems due to the banking industry recognized strong security, and hence, may enable its widespread use.
基金supported by the National Basic Research Program of China (2007CB310704)the National Natural Science Foundation of China (60821001)the Hi-Tech Research and Development Program of China (2009AA01Z439)
文摘One important function in trusted computing is protected storage, which can protect unlimited amount of data and keys. In the existing trusted platform module (TPM) key loading scheme for trusted platform, a computing platform with TPM as its trusted anchor, the total times of loading operation is the same as the number of the loaded target object's ancestors, resulting in low efficiency of loading a TPM key which has many ancestors. To improve efficiency, an identity-based TPM key loading scheme is proposed. In this scheme, the times of loading operation is only two when any TPM key is loaded into TPM. Therefore, the required time cost for loading a TPM key can be reduced, especially for complex TPM key storage hierarchy. By analyzing the correctness, security, efficiency and feasibility, the proposed scheme has the better theoretical and application value.
基金Funded by DFG Grants 389792660 as part of TRR 248—CPECand 390696704 as part of CeTI.
文摘This research critically reviews the definition of confidential computing(CC)and the security comparison of CC with other related technologies by the Confidential Computing Consortium(CCC).We demonstrate that the definitions by CCC are ambiguous,incomplete and even conflicting.We also demonstrate that the security comparison of CC with other technologies is neither scientific nor fair.We highlight the issues in the definitions and comparisons and provide initial recommendations for fixing the issues.These recommendations are the first step towards more precise definitions and reliable comparisons in the future.
文摘In today's globalized digital world, networkbased, mobile, and interactive collaborations have enabled work platforms of personal computers to cross multiple geographical boundaries. The new requirements of privacy-preservation, sensitive information sharing, portability, remote attestation, and robust security create new problems in system design and implementation. There are critical demands for highly secure work platforms and security enhancing mechanisms for ensuring privacy protection, component integrity, sealed storage, and remote attestation of platforms. Trusted computing is a promising technology for enhancing the security of a platform using a trusted platform module (TPM). TPM is a tamper-resistant microcontroller designed to provide robust security capabilities for computing platforms. It typically is affixed to the motherboard with a low pin count (LPC) bus. However, it limited in that TPM cannot be used directly in current common personal computers (PCs), and TPM is not flexible and portable enough to be used in different platforms because of its interface with the PC and its certificate and key structure. For these reasons, we propose a portable trusted platform module (PTPM) scheme to build a trusted platform for the common PC based on a single cryptographic chip with a universal serial bus (USB) interface and extensible firmware interface (EFI), by which platforms can get a similar degree of security protection in general-purpose systems. We show the structure of certificates and keys, which can bind to platforms via a PTPM and provide users with portability and flexibility in different platforms while still allowing the user and platform to be protected and attested. The implementation of prototype system is described in detail and the performance of the PTPM on cryptographic operations and time-costs of the system bootstrap are evaluated and analyzed. The results of experiments show that PTPM has high performances for supporting trusted computing and it can be used flexibly and portably by the user.
基金supported by the outstanding graduate student innovation project of Shanxi Province (No.20123030)
文摘It is essential to design a protocol to allow sensor nodes to attest to their trustworthiness for mission- critical applications based on Wireless Sensor Networks (WSNs). However, it is a challenge to evaluate the trustworthiness without appropriate hardware support. Hence, we present a hardware-based remote attestation protocol to tackle the problem within WSNs. In our design, each sensor node is equipped with a Trusted Platform Module (TPM) which plays the role of a trusted anchor. We start with the formulation of remote attestation and its security. The complete protocol for both single-hop and multi-hop attestations is then demonstrated. Results show the new protocol is effective, efficient, and secure.
基金supported by the National Natural Science Foundation of China (60803157, 90812001, 61170271)
文摘In order to solve the contradictions between user privacy protection and identity authentication, an anonymous authentication scheme under mobile Internet is proposed, which is based on the direct anonymous attestation of trusted computing and uses the encrypting transfer and signature validation for its implementation. Aiming at two access mode of trusted mobile terminal under mobile Internet, self access and cross-domain access, the authentication process of each mode is described in details. The analysis shows that the scheme implements anonymous authentication on mobile Internet and is correct, controllable and unforgeable.
基金Supported by the National Natural Science Foundation of China (60970113)Sichuan Youth Science and Technology Foundation (2011JQ0038)
文摘For the problem of the original direct anonymous attestation (DAA) scheme's complexity and great time consumption, a new DAA scheme based on symmetric bilinear pairings is presented, which gives a practical solution to ECC-based TPM in protecting the privacy of the TPM. The scheme still includes five procedures or algorithms: Setup, Join, Sign, Verify and Rogue tagging, but gets rid of zero-knowledge proof and takes on a new process and framework, of which the main operations are addition, scalar multiplication and bilinear maps on supersingular elliptic curve systems. Moreover, the scheme adequately utilizes the properties of bilinear maps as well as the signature and verification of the ecliptic curve system itself. Compared with other schemes, the new DAA scheme not only satis- fies the same properties, and shows better simplicity and high effi- ciency. This paper gives not only a detailed security proof of the proposed scheme, but also a careful performance analysis by comparing with the existing DAA schemes.
基金Supported by the National Natural Science Foundation of China(61472429,61070192,91018008,61303074,61170240)the Beijing Municipal Natural Science Foundation(4122041)National High-Technology Research and Development Program of China(863 Program)(2007AA01Z414)
文摘In order to enhance the security of a browser password manager, we propose an approach based on a hardware trusted platform module (TPM). Our approach encrypts users' passwords with keys generated by the TPM, which uses a master password as the credential for authorization to access the TPM. Such a hardware-based feature may provide an efficient way to protect users' passwords. Experiment and evaluation results show that our approach performs well to defend against password stealing attack and brute force attack. Attackers cannot get passwords directly from the browser, therefore they will spend incredible time to obtain passwords. Besides, performance cost induced by our approach is acceptable.Abstract: In order to enhance the security of a browser password manager, we propose an approach based on a hardware trusted platform module (TPM). Our approach encrypts users' passwords with keys generated by the TPM, which uses a master password as the credential for authorization to access the TPM. Such a hardware-based feature may provide an efficient way to protect users' passwords. Experiment and evaluation results show that our approach performs well to defend against password stealing attack and brute force attack. Attackers cannot get passwords directly from the browser, therefore they will spend incredible time to obtain passwords. Besides, performance cost induced by our approach is acceptable.
基金Supported by the National Natural Science Foundation of China (60970125)the Major State Basic Research Development Program of China (2007CB310900)
文摘This paper presents vCerberus, a novel hypervisor to provide trusted and isolated code execution within virtual domains vCerberus is considerably tiny, while allowing secure sensitive codes to be executed in an isolated circumstance from the virtual ddmain, and can be attested by a remote party in an efficient way. These properties will be guaranteed even if the guest operating system is malicious. This protects the secure sensitive codes against the malicious codes in the Guest OS, e.g., the kernel rootkits. We present an approach to dynamically measure and isolate the launch environment on the virtual machines based on the para-virtualization technology and a novel virtualization of trusted platform module (TPM). Our performance experiment result shows that the overhead introduced by vCerberus is minimized; the performance of the launch environment in vCerberus is as competitive as the guest OS running on mainstream hypervisors.
