Eimear Gallery

Trusted mobile platforms

This article addresses two main topics. Firstly, we review the operation of trusted computing technology, which now appears likely to be implemented in future mobile devices (including mobile phones, PDAs, etc.). Secondly, we consider the possible applications of this technology in mobile devices, and how these applications can be supported using trusted computing technology. We focus in particular on three mobile applications, namely OMA DRM, SIMLock, and software download.

Property Based Attestation and Trusted Computing: Analysis and Challenges

Trusted computing attestation mechanism relies on hash measurements to realize remote party attestation in distributed systems. Property based attestation enables more meaningful attestation by abstracting low level binary values to high level security properties or functions of systems. The contribution of this paper is two fold. In the first part of the paper, we provide an analysis of the different types of property based attestation mechanisms that have been proposed in the recent years. We categorize these mechanisms as derivation based, delegation based and enforcement based and analyze each of them with a particular focus on their limitations. In the second part, we provide a list of challenges for property based attestation. We believe this to be an useful exercise to help better understand the issues that limit the practical applicability of property based attestation in real world systems.

Challenges for Trusted Computing

Trusted computing is proving to be one of the most controversial technologies in recent years. Rather than become embroiled in the debate over possible (mis)appropriations of its technologies, the authors highlight some of the technical obstacles that might hinder trusted computings widespread adoption.

Trusted Computing: Security and Applications

Abstract The main objective of this paper is to highlight some of the major security and application issues confronting trusted computing technology. This technology—now present in a large proportion of new PCs and incorporating a wide range of cryptographic functionality—has the potential to have a major practical impact, but it has not been widely discussed. This paper is an attempt to encourage greater debate about this technology and its possible implications. Following a brief introduction to the history of trusted computing, we provide a summary of its main features. This leads naturally to a consideration of the issues that may impede its use, including potential problems with its cryptographic components. Possible applications of the technology are then discussed.

Conditional access in mobile systems: securing the application

This paper describes two protocols for the secure download of content protection software to mobile devices. The protocols apply concepts from trusted computing to demonstrate that a platform is in a sufficiently trustworthy state before any application or associated keys are securely downloaded. The protocols are designed to allow mobile devices to receive broadcast content protected by proprietary conditional access applications. They may also be applied in the general case where demonstration of a secure execution environment is required before an application is downloaded.

Mobile Agents and the Deus Ex Machina

This paper aims to examine the benefits the introduction of trusted computing can bring to the mobile agent paradigm, with a specific emphasis on mobile agent security.

Securing Grid Workflows with Trusted Computing

We propose a novel scheme that uses Trusted Computing technology to secure Grid workflows. This scheme allows the selection of trustworthy resource providers based on their platform states. The integrity and confidentiality of workflow jobs are provided using cryptographic keys that can only be accessed when resource provider platforms are in trustworthy states. In addition, platform attestation is used to detect potential workflow execution problems, and the information collected can be used for process provenance.

A Property-Dependent Agent Transfer Protocol

This paper examines how a secure agent transfer protocol based upon TCG-defined mechanisms can be improved using property-based platform state information. In doing so, we demonstrate a practical implementation of property-based platform attestation using an enhanced version of the component property certificates defined in [16]. To illustrate our solution we provide examples of properties and component property certificates given a mobile aglet that is destined to execute on a group of devices, where the mobile aglet originator wishes to protect the confidentiality of the aglet code.