论文信息 - Privacy and trusted computing

Privacy and trusted computing

This paper examines a model of trusted computing wherein a computing platform is able to make assertions about its current software configuration that may be trusted by the user and remote third parties. The privacy implications of this approach are investigated in the context of the Trusted Computing Platform Alliance (TCPA) specification. The trust relationships of the TCPA architecture are examined in detail. An analysis of the revocation requirements inherent in the TCPA design is presented, which highlights the challenges that revocation presents in the context of a large scale deployment of TCPA platforms. Finally, a modification to the specification is suggested that reduces the level of trust that need to be placed on the Privacy CA.

[1] William A. Arbaugh,et al. Chaining layered integrity checks , 1999 .

[2] Barbara Gengler. Reports: Trusted Computing Platform Alliance , 2001 .

[3] Robert F. Dacey. Critical infrastructure protection : Significant challenges in developing national capabilities , 2001 .

[4] F. Schneider. Trust in Cyberspace , 1998 .

[5] James P Anderson,et al. Computer Security Technology Planning Study , 1972 .

[6] Eric R. Verheul,et al. Self-Blindable Credential Certificates from the Weil Pairing , 2001, ASIACRYPT.

[7] Ronald L. Rivest,et al. Can We Eliminate Certificate Revocations Lists? , 1998, Financial Cryptography.

[8] Jan Camenisch,et al. An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation , 2001, IACR Cryptol. ePrint Arch..

[9] Siani Pearson,et al. Trusted Computing Platforms: TCPA Technology in Context , 2002 .

[10] Bruce Schneier,et al. Ten Risks of PKI , 2004 .

[11] Siva Sai Yerubandi,et al. Differential Power Analysis , 2002 .

[12] Jerome H. Saltzer,et al. The protection of information in computer systems , 1975, Proc. IEEE.

[13] Stephen Smalley,et al. The Inevitability of Failure: The Flawed Assumption of Security in Modern Computing Environments , 2000 .

[14] William A. Arbaugh,et al. A secure and reliable bootstrap architecture , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).