Skip to main content

Establishing a Trust Relationship in Cooperative Information Systems

  • Conference paper
On the Move to Meaningful Internet Systems 2006: CoopIS, DOA, GADA, and ODBASE (OTM 2006)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 4275))

  • 875 Accesses

Abstract

One method for establishing a trust relationship between two servers in a co-operative information system is to use a mutual attestation protocol based on hardware that implements the Trusted Computing Group’s TPM specification. It has been our experience in developing an eHealth demonstration system that the efficiency of such a protocol was relatively low. This inefficiency was a result of the high number of TPM function calls in response to the large number of protocol messages that must be sent by the end server systems to establish mutual trust between them prior to sending each application message (in our case, a medical record). In order to address this inefficiency, we developed a session-based mutual attestation protocol, where multiple application messages are sent over an interval of time where an established trust relationship holds. Moreover, the protocol partially addresses the security flaw due to the time interval between the time-of-attestation and time-of-use. This paper presents this new protocol, once again utilizing TPM microcontroller hardware, and compares its performance with that of our previous (per record) mutual attestation protocol.

An erratum to this chapter can be found at http://dx.doi.org/10.1007/11914853_71.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. TCG specification v1.1, https://www.trustedcomputinggroup.org/specs/TPM/

  2. WS-BusinessActivity, ftp://www6.software.ibm.com/software/developer/library/WS-BusinessActivity.pdf

  3. Shi, E., Perrig, A., Van, D.L.: BIND: a fine-grained attestation service for secure distributed systems. In: IEEE Symposium on Security and Privacy, pp. 154–168 (2005)

    Google Scholar 

  4. Nepal, S., Zic, J., Jaccard, F., Krachenbuehl, G.: A Tag-based Data model for privacy-preserving medical applications. In: Proceedings of EDBT IIHA Workshop, Munich, Germany, pp. 77–88 (2006)

    Google Scholar 

  5. Nepal, S., Zic, J., Krachenbuehl, G., Jaccard, F.: Secure Sharing of Electronic Patient Records. In: 1st European Conference on eHealth, Fribourg, Switzerland, October 12-13 (2006) (to appear)

    Google Scholar 

  6. Australian Government Department of Health and Aging Project. Consumer consent in electronic health data exchange – e-consent

    Google Scholar 

  7. O’Keefe, C.M., Greenfield, P., Goodchild, A.: A Decentralised Approach to Electronic Consent and Health Information Access Control. Journal of Research and Practice in Information Technology 37(2), 161–178 (2005)

    Google Scholar 

  8. Kennell, R., Jamieson, L.H.: Establishing the genuinity of remote computer systems. In: Proceedings of the 11th USENIX Security Symposium, USENIX (August 2003)

    Google Scholar 

  9. Seshadri, A., Perrig, A., van Doorn, L., Khosla, P.: SWAtt: SoftWare-based Attestation for embedded devices. In: Proceedings of IEEE Symposium on Security and Privacy (May 2004)

    Google Scholar 

  10. Monrose, F., Wyckoff, P., Rubin, A.D.: Distributed execution with remote audit. In: ISOC Network and Distributed System Security Symposium, pp. 103–113 (1999)

    Google Scholar 

  11. Haldar, V., Franz, M.: Symmetric Behavior-Based Trust: A New Paradigm for Internet Computing. In: New Security Paradigms Workshop (September 2004)

    Google Scholar 

  12. Reid, J., Juan, M., Nieto, G., Dawson, E., Okamoto, E.: Privacy and Trusted Computing. In: Mařík, V., Štěpánková, O., Retschitzegger, W. (eds.) DEXA 2003. LNCS, vol. 2736, p. 383. Springer, Heidelberg (2003)

    Google Scholar 

  13. AMD platform for trustworthy computing. WinHEC 2003 (September 2003), http://www.microsoft.com/whdc/winhec/papers03.mspx

  14. Garfinkel, T., Pfaff, B., Chow, J., Rosenblum, M., Terra, D.B.: A virtual machine-based platform for trusted computing. In: Proceedings of Symposium on Operating System Principles (SOSP) (October 2003)

    Google Scholar 

  15. Yoshihama, S., Ebringer, T., Nakamura, M., Munetoh, S.: WS-Attestation: Efficient and Fine-Grained Remote Attestation on Web Services. In: International Conference on Web Services, July 2005, pp. 743–750 (2005)

    Google Scholar 

  16. Web Services Trust Language (WS-Trust), http://specs.xmlsoap.org/ws/2005/02/trust/WS-Trust.pdf

  17. Xiong, L., Liu, L.: A reputation-based trust model for peer-to-peer ecommerce communities. In: Proceedings of 4th ACM Conference on Electronic Commerce, pp. 228–229 (2003)

    Google Scholar 

  18. Millen, J.K., Wright, R.N.: Reasoning about Trust and Insurance in a Public Key Infrastructure. In: 13th IEEE Computer Security Foundations Workshop (CSFW), pp. 16–22 (2000)

    Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Jang, J., Nepal, S., Zic, J. (2006). Establishing a Trust Relationship in Cooperative Information Systems. In: Meersman, R., Tari, Z. (eds) On the Move to Meaningful Internet Systems 2006: CoopIS, DOA, GADA, and ODBASE. OTM 2006. Lecture Notes in Computer Science, vol 4275. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11914853_26

Download citation

  • DOI: https://doi.org/10.1007/11914853_26

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-48287-1

  • Online ISBN: 978-3-540-48289-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics