DOI: 10.1145/1866307.1866419
poster

A portable TPM based on USB key

Published: 04 October 2010

Abstract

    Trusted computing technology aims to enhance platform security by means of the TPM. However, TCG's Trusted Computing architecture has some drawbacks for user-based applications. This paper presents a new concept, the portable TPM (PTM) based on a USB Key, to solve those problems. First, we use the PTM to establish a trusted path between the verifier and the user in remote attestation, so as to propagate the trust chain to the end user. Second, we design the trust model and platform management mechanism of the PTM. In this model, the PTM avoids the single point of failure of the TPM and frequent migrations of sensitive data between different platforms. Finally, we implement the PTM on a USB Key with the Java Card Runtime Environment. The test results show that the PTM scheme is feasible for user-based applications.

    References

    [1] Trusted Computing Group. Trusted Platform Modules Strengthen User and Platform Authenticity. http://www.trustedcomputinggroup.org, 2005.
    [2] Jonathan M. McCune, Adrian Perrig, Arvind Seshadri, Leendert van Doorn. Turtles All The Way Down: Research Challenges in User-Based Attestation. Proceedings of the 2nd USENIX workshop on Hot Topics in Security, USENIX, Boston, USA, 2007.
    [3] Sun Microsystems Inc. Java Card Platform Specification 2.2.2. http://java.sun.com/javacard/specs.html, 2006.
    [4] TCG. TPM Main Part 3 Commands. http://www.trustedcomputinggroup.org, 2006.
    [5] Dawei Zhang, Peng Hu. Trusted e-commerce user agent based on USB Key. IMECS, Hong Kong, China, 2008.
    [6] Lei Han, Jiqiang Liu, Dawei Zhang. A Portable TPM Scheme for General-purpose Trusted Computing Based on EFI. International Conference on Multimedia Information Networking and Security, IEEE, Wuhan, China, 2009.


      Reviews

      Amos O Olagunju

      Despite the Trusted Computing Group's specifications on security chips for storing cryptographic keys to protect information in trusted platform modules (TPMs), trusted computing between users and remote devices and verifiers poses major vulnerability challenges. The traditional TPM architectures create hash key summaries of hardware and software configurations to physically bind TPMs to specific hardware platforms, thus allowing business organizations to process electronic transactions securely. However, the secure transfer of keys among public endpoint platforms is still a major problem, despite the recently proposed architecture for a mobile TPM [1]. How should the issue of binding one TPM to a platform and several users to one TPM be resolved? Zhang et al. propose a portable TPM (PTM) that: establishes trust with specific verifier devices in user-based TPM applications; assures that the trust chain is relayed back to users; performs remote verification and integrity assessment to reinstate secure data and keys; and overcomes the obligation of secure data to be bound to only a specific device. In the PTM paradigm, one user and several devices share one PTM. The PTM uses a protocol to establish a trusted path with the remote verifier and executes an encryption algorithm to certify the integrity of communication results. The PTM serves as a trusted backup module once it is the original TPM. The TPM utilizes the low pin count (LPC) bus, but the PTM exploits the universal serial bus (USB). The authors implemented a prototype PTM equipped with commands and program units that support the construction and activation of identities, rights administration, platform management, key storage and management, data encryption, integrity compilation, and details. The response times of the PTM commands varied between 0.66 and 94.64 milliseconds, with the majority of the commands executing in less than two milliseconds.

      The authors present realistic evidence to support the claim that a PTM based on a USB key is a special way to complement TPM with security and platform management routines that augment the overall security of user-based applications.

      Online Computing Reviews Service


      Published In

      CCS '10: Proceedings of the 17th ACM conference on Computer and communications security
      October 2010
      782 pages
      ISBN:9781450302456
      DOI:10.1145/1866307

      Publisher

      Association for Computing Machinery

      New York, NY, United States


      Author Tags

      1. java card
      2. trusted computing
      3. trusted platform module

      Qualifiers

      • Poster

      Conference

      CCS '10

      Acceptance Rates

      CCS '10 Paper Acceptance Rate 55 of 325 submissions, 17%;
      Overall Acceptance Rate 1,261 of 6,999 submissions, 18%


      Cited By

      • (2021) Building a Secure Video Conference System with Customized Cryptographic USB Keys. ICC 2021 - IEEE International Conference on Communications, pp. 1-6. DOI: 10.1109/ICC42927.2021.9500888. Online publication date: Jun-2021
      • (2018) Using mobile phones to enhance computing platform trust. Telecommunications Systems 69:2, pp. 187-205. DOI: 10.1007/s11235-018-0456-y. Online publication date: 1-Oct-2018
      • (2017) Towards the Security of Motion Detection-based Video Surveillance on IoT Devices. Proceedings of the on Thematic Workshops of ACM Multimedia 2017, pp. 228-235. DOI: 10.1145/3126686.3126713. Online publication date: 23-Oct-2017
      • (2016) An ID-based node key management scheme based on PTPM in MANETs. Security and Communication Networks 9:15, pp. 2816-2826. DOI: 10.1002/sec.1206. Online publication date: 1-Oct-2016
      • (2015) seTPM. Revised Selected Papers of the 14th International Conference on Smart Card Research and Advanced Applications - Volume 9514, pp. 57-74. DOI: 10.1007/978-3-319-31271-2_4. Online publication date: 4-Nov-2015
      • (2013) TEEM: A User-Oriented Trusted Mobile Device for Multi-platform Security Applications. Trust and Trustworthy Computing, pp. 133-141. DOI: 10.1007/978-3-642-38908-5_10. Online publication date: 2013
      • (2013) Mobile Trusted Agent (MTA): Build User-Based Trust for General-Purpose Computer Platform. Network and System Security, pp. 307-320. DOI: 10.1007/978-3-642-38631-2_23. Online publication date: 2013
