O'Reilly logo

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Trusted Computing

Book Description

The book summarizes key concepts and theories in trusted computing, e.g., TPM, TCM, mobile modules, chain of trust, trusted software stack etc, and discusses the configuration of trusted platforms and network connections. It also emphasizes the application of such technologies in practice, extending readers from computer science and information science researchers to industrial engineers.

Table of Contents

  1. Cover
  2. Title Page
  3. Copyright
  4. Contents
  5. 1 Introduction
    1. 1.1 Related Work
      1. 1.1.1 Security Chip
      2. 1.1.2 Trust within a Terminal Platform
      3. 1.1.3 Trust between Platforms
      4. 1.1.4 Trust in Network
      5. 1.1.5 Test and Evaluation of Trusted Computing
    2. 1.2 Our Work
      1. 1.2.1 Chain of Trust
      2. 1.2.2 Remote Attestation
      3. 1.2.3 Trusted Network Connection
      4. 1.2.4 Application of Trusted Computing
      5. 1.2.5 Test and Evaluation of Trusted Computing
    3. 1.3 Problems and Challenges
    4. 1.4 Structure of This Book
  6. 2 Trusted Platform Module
    1. 2.1 Design Goals
    2. 2.2 TPM Security Chip
      1. 2.2.1 Introduction
      2. 2.2.2 Platform Data Protection
      3. 2.2.3 Identification
      4. 2.2.4 Integrity Storage and Reporting
      5. 2.2.5 Resource Protection
      6. 2.2.6 Auxiliary Functions
    3. 2.3 TCM Security Chip
      1. 2.3.1 Main Functionalities
      2. 2.3.2 Main Command Interfaces
    4. 2.4 Mobile Trusted Module
      1. 2.4.1 Main Features of MTM
      2. 2.4.2 MTM Functionalities and Commands
    5. 2.5 Developments of Related New Technologies
      1. 2.5.1 Dynamic Root of Trust for Measurement
      2. 2.5.2 Virtualization Technology
    6. 2.6 Summary
  7. 3 Building Chain of Trust
    1. 3.1 Root of Trust
      1. 3.1.1 Introduction of Root of Trust
      2. 3.1.2 Root of Trust for Measurement
      3. 3.1.3 Root of Trust for Storage and Reporting
    2. 3.2 Chain of Trust
      1. 3.2.1 The Proposal of Chain of Trust
      2. 3.2.2 Categories of Chain of Trust
      3. 3.2.3 Comparisons between Chains of Trust
    3. 3.3 Systems Based on Static Chain of Trust
      1. 3.3.1 Chain of Trust at Bootloader
      2. 3.3.2 Chain of Trust in OS
      3. 3.3.3 The ISCAS Chain of Trust
    4. 3.4 Systems Based on Dynamic Chain of Trust
      1. 3.4.1 Chain of Trust at Bootloader
      2. 3.4.2 Chain of Trust in OS
    5. 3.5 Chain of Trust for Virtualization Platforms
    6. 3.6 Summary
  8. 4 Trusted Software Stack
    1. 4.1 TSS Architecture and Functions
      1. 4.1.1 TSS Architecture
      2. 4.1.2 Trusted Device Driver
      3. 4.1.3 Trusted Device Driver Library
      4. 4.1.4 Trusted Core Services
      5. 4.1.5 Trusted Service Provider
    2. 4.2 TSS Interface
      1. 4.2.1 Object Type in TSM
      2. 4.2.2 TDDL Interface in TSM
      3. 4.2.3 TCS Interface in TSM
      4. 4.2.4 TSP Interface in TSM
    3. 4.3 Trusted Application Development
      1. 4.3.1 Calling Method of Interfaces
      2. 4.3.2 Example 1: File Encryption and Decryption
      3. 4.3.3 Example 2: Signature Verification in DRM
    4. 4.4 Open-Source TSS Implementation
      1. 4.4.1 TrouSerS
      2. 4.4.2 jTSS
      3. 4.4.3 μTSS
    5. 4.5 Summary
  9. 5 Trusted Computing Platform
    1. 5.1 Introduction
      1. 5.1.1 Development and Present Status
      2. 5.1.2 Basic Architecture
    2. 5.2 Personal Computer
      1. 5.2.1 Specification
      2. 5.2.2 Products and Applications
    3. 5.3 Server
      1. 5.3.1 Specification
      2. 5.3.2 Products and Applications
    4. 5.4 Trusted Mobile Platform
      1. 5.4.1 Specification
      2. 5.4.2 Generalized Architecture
      3. 5.4.3 Implementation of Trusted Mobile Platform
      4. 5.4.4 Applications
    5. 5.5 Virtualized Trusted Platform
      1. 5.5.1 Requirements and Specification
      2. 5.5.2 Generalized Architecture
      3. 5.5.3 Implementation of Virtualized Trusted Platform
      4. 5.5.4 Applications
    6. 5.6 Applications of Trusted Computing Platform
      1. 5.6.1 Data Protection
      2. 5.6.2 Security Authentication
      3. 5.6.3 System Security Enhancement
      4. 5.6.4 Trusted Cloud Services
      5. 5.6.5 Other Applications
    7. 5.7 Summary
  10. 6 Test and Evaluation of Trusted Computing
    1. 6.1 Compliance Test for TPM/TCM Specifications
      1. 6.1.1 Test Model
      2. 6.1.2 Test Method
      3. 6.1.3 Test Implementation
    2. 6.2 Analysis of Security Mechanism of Trusted Computing
      1. 6.2.1 Analysis Based on Model Checking
      2. 6.2.2 Analysis Based on Theorem Proving
    3. 6.3 Evaluation and Certification of Trusted Computing
      1. 6.3.1 Common Criteria
      2. 6.3.2 TPM and TNC Certification
    4. 6.4 Comprehensive Test and Analysis System of Trusted Computing Platform
      1. 6.4.1 Architecture and Functions of System
      2. 6.4.2 Compliance Test for TPM/TCM Specification
      3. 6.4.3 Tests of Cryptography Algorithms and Randoms
      4. 6.4.4 Simulation of Security Chip and Protocol
      5. 6.4.5 Promotion and Application
    5. 6.5 Summary
  11. 7 Remote Attestation
    1. 7.1 Remote Attestation Principle
      1. 7.1.1 Technology Foundation
      2. 7.1.2 Protocol Model
      3. 7.1.3 Interface Implementation
    2. 7.2 Comparison of Remote Attestation Researches
      1. 7.2.1 Attestation of Platform Identity
      2. 7.2.2 Attestation of Platform Integrity
    3. 7.3 Attestation of Platform Identity
      1. 7.3.1 Attestation of Platform Identity Based on Privacy CA
      2. 7.3.2 Direct Anonymous Attestation
      3. 7.3.3 Research Prospects
    4. 7.4 Attestation of Platform Integrity
      1. 7.4.1 Binary Remote Attestation
      2. 7.4.2 Property-Based Remote Attestation
      3. 7.4.3 Research Prospects
    5. 7.5 Remote Attestation System and Application
      1. 7.5.1 Remote Attestation System in Security PC
      2. 7.5.2 Integrity Verification Application on Mobile Platform
      3. 7.5.3 Remote Attestation Integrated with the TLS Protocol
    6. 7.6 Summary
  12. 8 Trust Network Connection
    1. 8.1 Background of TNC
      1. 8.1.1 Introduction to NAC
      2. 8.1.2 Commercial NAC Solutions
      3. 8.1.3 Defects of Current Solutions and TNC Motivation
    2. 8.2 Architecture and Principles of TNC
      1. 8.2.1 Standard Architecture
      2. 8.2.2 Overall Architecture
      3. 8.2.3 Workflow
      4. 8.2.4 The Advantages and Disadvantages of TNC
    3. 8.3 Research on Extension of TNC
      1. 8.3.1 Overview of the TNC Research
      2. 8.3.2 Trust@FHH
      3. 8.3.3 ISCAS Trusted Network Connection System
    4. 8.4 Application of Trusted Network Connection
    5. 8.5 Summary
  13. Appendix A: Foundations of Cryptography
    1. A.1 Block Cipher Algorithm
      1. A.1.1 AES
      2. A.1.2 SMS4
    2. A.2 Public-Key Cryptography Algorithm
      1. A.2.1 RSA
      2. A.2.2 Elliptic Curve Public-Key Encryption Algorithm
      3. A.2.3 SM2 Public-Key Encryption Algorithm
    3. A.3 Digital Signature Algorithm
      1. A.3.1 ECDSA Digital Signature Algorithm
      2. A.3.2 SM2 Digital Signature
    4. A.4 Hash Function
      1. A.4.1 SHA-256 Hash Algorithm
      2. A.4.2 SM3 Hash Algorithm
    5. A.5 Key Exchange Protocols
      1. A.5.1 MQV Key Exchange Protocol
      2. A.5.2 SM2 Key Exchange Protocol
  14. References
  15. Index