Abstract
The Trusted Computing Group (TCG) has developed specifications for computing platforms that create a foundation of trust for software processes, based on a small amount of extra hardware [1,2]. Several million commercial desktop and laptop products have been shipped based upon this technology, and there is increasing interest in deploying further products. This paper presents a mechanism for using trusted computing in the context of identity management to deal with the problem of providing migration of identity and confidential information across users’ personal systems and multiple enterprise IT back-end systems in a safe and trusted way.
References
Pearson, S. (ed.): Trusted Computing Platforms. Prentice-Hall, Englewood Cliffs (2002)
TCG: TCG Main Specification, v1.1b (2003), Available via: http://www.trustedcomputinggroup.org
Brands, S.: A Semi-Technical Overview of Digital Credentials. International Journal on Information Security (August 2002), Available via: http://www.credentica.com
Pretty Good Privacy, See: http://www.pgpi.org
Pfitzmann, A., Köhntopp, M.: Anonymity, unobservability, and pseudonymity – a proposal for terminology. In: Federrath, H. (ed.) International Workshop on Designing Privacy Enhancing Technologies: Design Issues in Anonymity and Unobservability, pp. 1–9. Springer, New York (2001)
Farrell, S., Housley, R.: An Internet Attribute Certificate Profile for Authorization, IETF (1999)
IETF: IETF PKIX Working Group (2005), http://www.ietf.org/html.charters/pkix-charter.html
Ellison, C., Frantz, B., Lampson, B., Rivest, R., Thomas, B., Ylonen, T.: SPKI Certificate Theory, RFC 2693, IETF (1999)
W3C, XML Signature WG (2003), http://www.w3.org/Signature/
Arbaugh, W.: Improving the TCPA specification. IEEE Computer, Los Alamitos (2002)
Pearson, S.: Trusted Computing: Strengths, Weaknesses and Further Opportunities for Enhancing Privacy. In: Herrmann, P., Issarny, V., Shiu, S.C.K. (eds.) iTrust 2005. LNCS, vol. 3477, pp. 305–320. Springer, Heidelberg (2005)
TCG: Interoperability Specification for Backup and Migration Services, v1.0 (June 2005), Available via: www.trustedcomputinggroup.org
Hughes, J.: Certificate inter-operability – White Paper. Computers and Security, International Journal devoted to the study of technical and financial aspects of computer security 18(3), 221–230 (1999)
Herzberg, A., Mass, Y.: Relying Party Credentials Framework. In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol. 2020, pp. 328–343. Springer, Heidelberg (2001)
Boneh, D., Franklin, M.: Identity-Based Encryption from the Weil Pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, p. 213. Springer, Heidelberg (2001)
Cocks, C.: An Identity Based Encryption Scheme based on Quadratic Residues, Communications Electronics Security Group (CESG), UK (2001), Available via: http://www.cesg.gov.uk/technology/id-pkc/media/ciren.pdf
Wave System, Embassy Key Management Server (2006), http://www.wave.com/products/ktmes.html
Intel, LaGrande Technology Architectural Overview (September 2003), Available via: http://www.intel.com/technology/security/downloads/LT_Arch_Overview.pdf
Microsoft, Next-Generation Secure Computing Base home page (2006), http://www.microsoft.com/resources/ngscb
Liberty Alliance Project (2006), http://www.projectliberty.org/
W3C, XML Key Management Specification (XKMS) (2003), http://www.w3.org/TR/xkms/
IBM, The Enterprise Privacy Authorization Language (EPAL), EPAL 1.2 specification, IBM (2004), http://www.zurich.ibm.com/security/enterprise-privacy/epal/
OASIS, eXtensible Access Control Markup Language (XACML), http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=xacml
W3C, The Platform for Privacy Preferences 1.0 (2002), http://www.w3.org/TR/P3P/
Damianou, N., Dulay, N., Lupu, E., Sloman, M.: The Ponder Policy Specification Language (2001), Available via: http://www-dse.doc.ic.ac.uk/research/policies/index.shtml
Casassa Mont, M., Pearson, S., Bramhall, P.: Towards Accountable Management of Privacy and Identity Information. In: Snekkenes, E., Gollmann, D. (eds.) ESORICS 2003. LNCS, vol. 2808, pp. 146–161. Springer, Heidelberg (2003)
Biskup, J., Karabulut, Y.: A hybrid PKI model with an application for secure mediation. In: 16th Annual IFIP WG 11.3 Working Conference on Data and Application Security, Cambridge, England (July 2002)
Chaum, D.: Untraceable electronic mail, return addresses and digital pseudonyms. Communications of the ACM 24(2) (February 1981)
Chaum, D.: Achieving Electronic Privacy. Scientific American, pp. 96–101 (August 1992)
Chaum, D.: Showing credentials without identification. In: Pichler, F. (ed.) EUROCRYPT 1985. LNCS, vol. 219, pp. 241–244. Springer, Heidelberg (1986)
Camenisch, J., Lysyanskaya, A.: An efficient system for non-transferable anonymous credentials with optional anonymity revocation. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 93–118. Springer, Heidelberg (2001)
Blaze, M., Feigenbaum, J., Lacy, J.: Decentralized Trust Management. In: Proceedings 17th Symposium on Security and Privacy, pp. 164–173. IEEE Computer Society Press, Los Alamitos (1996)
Casassa Mont, M., Bramhall, P., Dalton, C.R., Harrison, K.: A Flexible Role-based Secure Messaging Service: Exploiting IBE in a Health Care Trial, HPL-2003-21 (2003)
Casassa Mont, M., Harrison, K., Sadler, M.: The HP Time Vault Service: Exploiting IBE for Timed Release of Confidential Information. In: WWW 2003 (2003)
PRIME Project: Privacy and Identity Management for Europe, European RTD Integrated Project under the FP6/IST Programme (2005), http://www.prime-project.eu.org/
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Pearson, S., Mont, M.C. (2006). Provision of Trusted Identity Management Using Trust Credentials. In: Stølen, K., Winsborough, W.H., Martinelli, F., Massacci, F. (eds) Trust Management. iTrust 2006. Lecture Notes in Computer Science, vol 3986. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11755593_20
DOI: https://doi.org/10.1007/11755593_20
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-34295-3
Online ISBN: 978-3-540-34297-7
eBook Packages: Computer Science, Computer Science (R0)