The SITDRM Enterprise system [N. Sheppard, R. Safavi-Naini, "Protecting Privacy with the MPEG-21 IPMP Framework", International Workshop on Privacy Enhancing Technologies 2006, pp. 152-171] protects private customer data by allowing customers to provide policies in the form of a machine-readable license. When employees of an organization want to use customers' data, they must be forced to abide by the licenses provided. Some sort of hardened terminal must be used to ensure that not only the hardware and software will cooperate, but that the user of the terminal will too. We use the Trusted Computing Group's specifications for a trusted platform upon which to build a data user terminal that can be proved to implement correct license-enforcing behavior. A Trusted Platform Module (TPM) and a TPM-using operating system are all that may be required to construct a verifiably secure terminal.