Provision of Trusted Identity Management Using Trust Credentials

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNISA, volume 3986)

Abstract

The Trusted Computing Group (TCG) has developed specifications for computing platforms that create a foundation of trust for software processes, based on a small amount of extra hardware [1,2]. Several million commercial desktop and laptop products have been shipped based upon this technology, and there is increasing interest in deploying further products. This paper presents a mechanism for using trusted computing in the context of identity management to deal with the problem of providing migration of identity and confidential information across users’ personal systems and multiple enterprise IT back-end systems in a safe and trusted way.

References

  1. Pearson, S. (ed.): Trusted Computing Platforms. Prentice-Hall, Englewood Cliffs (2002)

  2. TCG: TCG Main Specification, v1.1b (2003), Available via: http://www.trustedcomputinggroup.org

  3. Brands, S.: A Semi-Technical Overview of Digital Credentials. International Journal on Information Security (August 2002), Available via: http://www.credentica.com

  4. Pretty Good Privacy, See: http://www.pgpi.org

  5. Pfitzmann, A., Köhntopp, M.: Anonymity, unobservability, and pseudonymity – a proposal for terminology. In: Federrath, H. (ed.) International Workshop on Designing Privacy Enhancing Technologies: Design Issues in Anonymity and Unobservability, pp. 1–9. Springer, New York (2001)

  6. Farrell, S., Housley, R.: An Internet Attribute Certificate Profile for Authorization, IETF (1999)

  7. IETF: IETF PKIX Working Group (2005), http://www.ietf.org/html.charters/pkix-charter.html

  8. Ellison, C., Frantz, B., Lampson, B., Rivest, R., Thomas, B., Ylonen, T.: SPKI Certificate Theory, RFC 2693, IETF (1999)

  9. W3C, XML Signature WG (2003), http://www.w3.org/Signature/

  10. Arbaugh, W.: Improving the TCPA specification. IEEE Computer, Los Alamitos (2002)

  11. Pearson, S.: Trusted Computing: Strengths, Weaknesses and Further Opportunities for Enhancing Privacy. In: Herrmann, P., Issarny, V., Shiu, S.C.K. (eds.) iTrust 2005. LNCS, vol. 3477, pp. 305–320. Springer, Heidelberg (2005)

  12. TCG: Interoperability Specification for Backup and Migration Services, v1.0 (June 2005), Available via: www.trustedcomputinggroup.org

  13. Hughes, J.: Certificate inter-operability – White Paper. Computers and Security, International Journal devoted to the study of technical and financial aspects of computer security 18(3), 221–230 (1999)

  14. Herzberg, A., Mass, Y.: Relying Party Credentials Framework. In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol. 2020, pp. 328–343. Springer, Heidelberg (2001)

  15. Boneh, D., Franklin, M.: Identity-Based Encryption from the Weil Pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, p. 213. Springer, Heidelberg (2001)

  16. Cocks, C.: An Identity Based Encryption Scheme based on Quadratic Residues, Communications Electronics Security Group (CESG), UK (2001), Available via: http://www.cesg.gov.uk/technology/id-pkc/media/ciren.pdf

  17. Wave System, Embassy Key Management Server (2006), http://www.wave.com/products/ktmes.html

  18. Intel, LaGrande Technology Architectural Overview (September 2003), Available via: http://www.intel.com/technology/security/downloads/LT_Arch_Overview.pdf

  19. Microsoft, Next-Generation Secure Computing Base home page (2006), http://www.microsoft.com/resources/ngscb

  20. Liberty Alliance Project (2006), http://www.projectliberty.org/

  21. W3C, XML Key Management Specification (XKMS) (2003), http://www.w3.org/TR/xkms/

  22. IBM, The Enterprise Privacy Authorization Language (EPAL), EPAL 1.2 specification, IBM (2004), http://www.zurich.ibm.com/security/enterprise-privacy/epal/

  23. OASIS, eXtensible Access Control Markup Language (XACML), http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=xacml

  24. W3C, The Platform for Privacy Preferences 1.0 (2002), http://www.w3.org/TR/P3P/

  25. Damianou, N., Dulay, N., Lupu, E., Sloman, M.: The Ponder Policy Specification Language (2001), Available via: http://www-dse.doc.ic.ac.uk/research/policies/index.shtml

  26. Casassa Mont, M., Pearson, S., Bramhall, P.: Towards Accountable Management of Privacy and Identity Information. In: Snekkenes, E., Gollmann, D. (eds.) ESORICS 2003. LNCS, vol. 2808, pp. 146–161. Springer, Heidelberg (2003)

  27. Biskup, J., Karabulut, Y.: A hybrid PKI model with an application for secure mediation. In: 16th Annual IFIP WG 11.3 Working Conference on Data and Application Security, Cambridge, England (July 2002)

  28. Chaum, D.: Untraceable electronic mail, return addresses and digital pseudonyms. Communications of the ACM 24(2) (February 1981)

  29. Chaum, D.: Achieving Electronic Privacy. Scientific American, pp. 96–101 (August 1992)

  30. Chaum, D.: Showing credentials without identification. In: Pichler, F. (ed.) EUROCRYPT 1985. LNCS, vol. 219, pp. 241–244. Springer, Heidelberg (1986)

  31. Camenisch, J., Lysyanskaya, A.: An efficient system for non-transferable anonymous credentials with optional anonymity revocation. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 93–118. Springer, Heidelberg (2001)

  32. Blaze, M., Feigenbaum, J., Lacy, J.: Decentralized Trust Management. In: Proceedings 17th Symposium on Security and Privacy, pp. 164–173. IEEE Computer Society Press, Los Alamitos (1996)

  33. Casassa Mont, M., Bramhall, P., Dalton, C.R., Harrison, K.: A Flexible Role-based Secure Messaging Service: Exploiting IBE in a Health Care Trial, HPL-2003-21 (2003)

  34. Casassa Mont, M., Harrison, K., Sadler, M.: The HP Time Vault Service: Exploiting IBE for Timed Release of Confidential Information. In: WWW 2003 (2003)

  35. PRIME Project: Privacy and Identity Management for Europe, European RTD Integrated Project under the FP6/IST Programme (2005), http://www.prime-project.eu.org/

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Pearson, S., Mont, M.C. (2006). Provision of Trusted Identity Management Using Trust Credentials. In: Stølen, K., Winsborough, W.H., Martinelli, F., Massacci, F. (eds) Trust Management. iTrust 2006. Lecture Notes in Computer Science, vol 3986. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11755593_20

  • DOI: https://doi.org/10.1007/11755593_20

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-34295-3

  • Online ISBN: 978-3-540-34297-7

  • eBook Packages: Computer Science, Computer Science (R0)
