Abstract
Trusted computing technology can establish trust in the local computer platform by a trusted boot, and can further transfer the trust to a remote verifier through a remote attestation mechanism. However, no standard solution is provided to convey the trust information to users in a friendly manner. Existing methods have no implementation, or need users to buy a specific USB device (an additional purchasing burden for users). To establish user-based trust, we summarize possible solutions and classify the related works according to each solution. After comparing these solutions, we provide a better method “Mobile Trusted Agent (MTA)”, which uses a general mobile device as a reliable medium to establish a secure channel between the local user and the remote verifier. Finally, we have implemented MTA using an ARM SoC device and evaluated the performance of the protocol for secure channel. The evaluation results demonstrate that MTA has high quality and flexibility for building user-based trust.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Trusted Computing Group. Trusted platform module main specification. Version 1.2, Revision 103 (2007)
State Cryptography Administration. Functionality and Interface Specification of Cryptographic Support Platform for Trusted Computing (2007)
Ryan, M.: Introduction to the TPM 1.2 (March 24, 2009)
McCune, J.M., Perrig, A., Seshadri, A., van Doorn, L.: Turtles All The Way Down: Research Challenges in User-Based Attestation. In: Proceedings of the 2nd USENIX Workshop on Hot Topics in Security. USENIX, Boston (2007)
Parno, B.: Bootstrapping Trust in a “Trusted” Platform. In: Proceedings of the 3rd USENIX Workshop on Hot Topics in Security, San Jose, CA (July 29, 2008)
Parno, B., McCune, J.M., Perrig, A.: Bootstrapping Trust in Commodity Computers. In: Proceedings of the IEEE Symposium on Security and Privacy (May 2010)
Vasudevan, A., Parno, B., Qu, N., Gligor, V., Perrig, A.: Lockdown: A Safe and Practical Environment for Security Applications, CMU-CyLab-09-011 (2009)
Sparks, E.R.: A security assessment of trusted platform modules. Technical Report TR2007-597, Dartmouth College (2007)
Zhang, D., Han, Z., Yan, G.: A Portable TPM Based on USB Key. In: Proceedings of the 17th ACM Conference on Computer and Communications Security, New York, NY, USA (2010)
Han, L., Liu, J., Zhang, D.: A Portable TPM Scheme for General-purpose Trusted Computing Based on EFI. In: International Conference on Multimedia Information Networking and Security. IEEE, Wuhan (2009)
Keller, E., Szefer, J., Rexford, J., Lee, R.B.: NoHype: Virtualized cloud infrastructure without the virtualization. In: Proc. International Symposium on Computer Architecture (June 2010)
McCune, J.M., Parno, B., Perrig, A., Reiter, M.K., Isozaki, H.: Flicker: An Execution Infrastructure for TCB Minimization. In: Proceedings of the ACM European Conference on Computer Systems, Glasgow, Scotland (2008)
McCune, J.M., Li, Y., Qu, N., Zhou, Z., Datta, A., Gligor, V., Perrig, A.: TrustVisor: Efficient TCB Reduction and Attestation. In: IEEE Symposium on Security and Privacy (2010)
Advanced Micro Devices. AMD64 architecture programmer’ manual. System programming, vol. 2. AMD Publication no. 24593 rev.3.14 (September 2007)
Intel Corporation. Intel trusted execution technology-software development guide. Document number 315168-005 (June 2008)
Aaraj, N., Raghunathan, A., Jha, N.K.: Analysis and design of a hardware/software trusted platform module for embedded systems. ACM Transactions on Embedded Computing Systems 8(1), 1–31 (2008)
Aaraj, N., Raghunathan, A., Ravi, S., Jha, A.K.: Energy and Execution Time Analysis of a Software-based Trusted Platform Module. In: Proceedings of the Conference on Design, Automation and Test in Europe. IEEE (2007)
Strasser, M.: TPM Emulator, http://tpm-emulator.berlios.de
Software TPM Introduction (IBM), http://ibmswtpm.sourceforge.net
CodeSourcery ARM EABI toolchain, https://sourcery.mentor.com/sgpp/lite/arm/portal/subscription?template=lite
Dietrich, K., Winter, J.: Implementation Aspects of Mobile and Embedded Trusted Computing. In: Proceedings of the 2nd International Conference on Trusted Computing, Oxford, UK, April 06-08 (2009)
Hein, D.M., Toegl, R., Pirker, M., Gatial, E., Balogh, Z., Brandl, H., Hluchy, L.: Securing mobile agents for crisis management support. In: STC 2012: Proceedings of the Seventh ACM Workshop on Scalable Trusted Computing, pp. 85–90. ACM, New York (2012)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Feng, W., Qin, Y., Feng, D., Wei, G., Xue, L., Chang, D. (2013). Mobile Trusted Agent (MTA): Build User-Based Trust for General-Purpose Computer Platform. In: Lopez, J., Huang, X., Sandhu, R. (eds) Network and System Security. NSS 2013. Lecture Notes in Computer Science, vol 7873. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-38631-2_23
Download citation
DOI: https://doi.org/10.1007/978-3-642-38631-2_23
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-38630-5
Online ISBN: 978-3-642-38631-2
eBook Packages: Computer ScienceComputer Science (R0)