book

Trusted Computing

Name: Trusted Computing
ISBN: 9783110476095

by Dengguo Feng, Tsinghua University Tsinghua University Press

December 2017

Intermediate to advanced

311 pages

10h 23m

English

De Gruyter

Read now

Unlock full access

Cover
Title Page
Copyright
Contents
1 Introduction
1.1 Related Work1.1.1 Security Chip1.1.2 Trust within a Terminal Platform1.1.3 Trust between Platforms1.1.4 Trust in Network1.1.5 Test and Evaluation of Trusted Computing1.2 Our Work1.2.1 Chain of Trust1.2.2 Remote Attestation1.2.3 Trusted Network Connection1.2.4 Application of Trusted Computing1.2.5 Test and Evaluation of Trusted Computing1.3 Problems and Challenges1.4 Structure of This Book
2 Trusted Platform Module
2.1 Design Goals2.2 TPM Security Chip2.2.1 Introduction2.2.2 Platform Data Protection2.2.3 Identification2.2.4 Integrity Storage and Reporting2.2.5 Resource Protection2.2.6 Auxiliary Functions2.3 TCM Security Chip2.3.1 Main Functionalities2.3.2 Main Command Interfaces2.4 Mobile Trusted Module2.4.1 Main Features of MTM 2.4.2 MTM Functionalities and Commands2.5 Developments of Related New Technologies2.5.1 Dynamic Root of Trust for Measurement2.5.2 Virtualization Technology2.6 Summary
3 Building Chain of Trust
3.1 Root of Trust3.1.1 Introduction of Root of Trust3.1.2 Root of Trust for Measurement3.1.3 Root of Trust for Storage and Reporting3.2 Chain of Trust3.2.1 The Proposal of Chain of Trust3.2.2 Categories of Chain of Trust3.2.3 Comparisons between Chains of Trust3.3 Systems Based on Static Chain of Trust3.3.1 Chain of Trust at Bootloader3.3.2 Chain of Trust in OS3.3.3 The ISCAS Chain of Trust3.4 Systems Based on Dynamic Chain of Trust3.4.1 Chain of Trust at Bootloader3.4.2 Chain of Trust in OS3.5 Chain of Trust for Virtualization Platforms3.6 Summary
4 Trusted Software Stack
4.1 TSS Architecture and Functions4.1.1 TSS Architecture4.1.2 Trusted Device Driver4.1.3 Trusted Device Driver Library4.1.4 Trusted Core Services4.1.5 Trusted Service Provider4.2 TSS Interface4.2.1 Object Type in TSM 4.2.2 TDDL Interface in TSM 4.2.3 TCS Interface in TSM 4.2.4 TSP Interface in TSM 4.3 Trusted Application Development4.3.1 Calling Method of Interfaces4.3.2 Example 1: File Encryption and Decryption4.3.3 Example 2: Signature Verification in DRM 4.4 Open-Source TSS Implementation4.4.1 TrouSerS 4.4.2 jTSS 4.4.3 μTSS4.5 Summary
5 Trusted Computing Platform
5.1 Introduction5.1.1 Development and Present Status5.1.2 Basic Architecture5.2 Personal Computer5.2.1 Specification5.2.2 Products and Applications5.3 Server5.3.1 Specification5.3.2 Products and Applications5.4 Trusted Mobile Platform5.4.1 Specification5.4.2 Generalized Architecture5.4.3 Implementation of Trusted Mobile Platform5.4.4 Applications5.5 Virtualized Trusted Platform5.5.1 Requirements and Specification5.5.2 Generalized Architecture5.5.3 Implementation of Virtualized Trusted Platform5.5.4 Applications5.6 Applications of Trusted Computing Platform5.6.1 Data Protection5.6.2 Security Authentication5.6.3 System Security Enhancement5.6.4 Trusted Cloud Services5.6.5 Other Applications5.7 Summary
6 Test and Evaluation of Trusted Computing
6.1 Compliance Test for TPM/TCM Specifications6.1.1 Test Model6.1.2 Test Method6.1.3 Test Implementation6.2 Analysis of Security Mechanism of Trusted Computing6.2.1 Analysis Based on Model Checking6.2.2 Analysis Based on Theorem Proving6.3 Evaluation and Certification of Trusted Computing6.3.1 Common Criteria6.3.2 TPM and TNC Certification6.4 Comprehensive Test and Analysis System of Trusted Computing Platform6.4.1 Architecture and Functions of System6.4.2 Compliance Test for TPM/TCM Specification6.4.3 Tests of Cryptography Algorithms and Randoms6.4.4 Simulation of Security Chip and Protocol6.4.5 Promotion and Application6.5 Summary

7 Remote Attestation
7.1 Remote Attestation Principle7.1.1 Technology Foundation7.1.2 Protocol Model7.1.3 Interface Implementation7.2 Comparison of Remote Attestation Researches7.2.1 Attestation of Platform Identity7.2.2 Attestation of Platform Integrity7.3 Attestation of Platform Identity7.3.1 Attestation of Platform Identity Based on Privacy CA7.3.2 Direct Anonymous Attestation
7.3.3 Research Prospects
7.4 Attestation of Platform Integrity7.4.1 Binary Remote Attestation7.4.2 Property-Based Remote Attestation
7.4.3 Research Prospects
7.5 Remote Attestation System and Application7.5.1 Remote Attestation System in Security PC7.5.2 Integrity Verification Application on Mobile Platform7.5.3 Remote Attestation Integrated with the TLS Protocol7.6 Summary
8 Trust Network Connection
8.1 Background of TNC 8.1.1 Introduction to NAC 8.1.2 Commercial NAC Solutions8.1.3 Defects of Current Solutions and TNC Motivation8.2 Architecture and Principles of TNC 8.2.1 Standard Architecture8.2.2 Overall Architecture8.2.3 Workflow8.2.4 The Advantages and Disadvantages of TNC 8.3 Research on Extension of TNC 8.3.1 Overview of the TNC Research8.3.2 Trust@FHH8.3.3 ISCAS Trusted Network Connection System8.4 Application of Trusted Network Connection8.5 Summary
Appendix A: Foundations of Cryptography
A.1 Block Cipher AlgorithmA.1.1 AES A.1.2 SMS4A.2 Public-Key Cryptography AlgorithmA.2.1 RSAA.2.2 Elliptic Curve Public-Key Encryption Algorithm
A.2.3 SM2 Public-Key Encryption Algorithm
A.3 Digital Signature AlgorithmA.3.1 ECDSA Digital Signature AlgorithmA.3.2 SM2 Digital SignatureA.4 Hash FunctionA.4.1 SHA-256 Hash AlgorithmA.4.2 SM3 Hash AlgorithmA.5 Key Exchange ProtocolsA.5.1 MQV Key Exchange ProtocolA.5.2 SM2 Key Exchange Protocol
References
Index

Content preview from Trusted Computing

4Trusted Software Stack

In order to use physical security chips (including TPM and TCM), users require a software module to interact with them. This module is called Trusted Software Stack (TSS).20 As the entry of using a security chip, TSS usually locates between the security chip and user applications. It facilitates user applications to invoke security chip interfaces, and provides functions such as security chip access, security authentication, cryptographic services and resource management. Different security chips need appropriate software stacks such as TCG Software Stack corresponding to TPM and TCM Service Module (TSM) corresponding to TCM.

TSS is the bridge of interaction between user applications and security chip. A security chip ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Publisher Resources

ISBN: 9783110476095

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

Trusted Computing

by Dengguo Feng, Tsinghua University Tsinghua University Press

4Trusted Software Stack

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.