Securing Web Servers against Insider Attack
ACSAC '01 Proceedings of the 17th Annual Computer Security Applications Conference
Open-Source Applications of TCPA Hardware
ACSAC '04 Proceedings of the 20th Annual Computer Security Applications Conference
Property-based attestation for computing platforms: caring about properties, not mechanisms
NSPW '04 Proceedings of the 2004 workshop on New security paradigms
Linking remote attestation to secure tunnel endpoints
Proceedings of the first ACM workshop on Scalable trusted computing
Design and implementation of a TCG-based integrity measurement architecture
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
Analysis of the SSL 3.0 protocol
WOEC'96 Proceedings of the 2nd conference on Proceedings of the Second USENIX Workshop on Electronic Commerce - Volume 2
Problem areas for the IP security protocols
SSYM'96 Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography - Volume 6
Enabling fairer digital rights management with trusted computing
ISC'07 Proceedings of the 10th international conference on Information Security
A Demonstrative Ad Hoc Attestation System
ISC '08 Proceedings of the 11th international conference on Information Security
Improving the scalability of platform attestation
Proceedings of the 3rd ACM workshop on Scalable trusted computing
An efficient implementation of trusted channels based on openssl
Proceedings of the 3rd ACM workshop on Scalable trusted computing
Flexible and secure enterprise rights management based on trusted virtual domains
Proceedings of the 3rd ACM workshop on Scalable trusted computing
e-EMV: emulating EMV for internet payments with trusted computing technologies
Proceedings of the 3rd ACM workshop on Scalable trusted computing
Modeling Trusted Computing Support in a Protection Profile for High Assurance Security Kernels
Trust '09 Proceedings of the 2nd International Conference on Trusted Computing
Secure offline superdistribution for mobile platforms
International Journal of Applied Cryptography
A secure DVB set-top box via trusting computing technologies
CCNC'09 Proceedings of the 6th IEEE Conference on Consumer Communications and Networking Conference
Towards automated security policy enforcement in multi-tenant virtual data centers
Journal of Computer Security - EU-Funded ICT Research on Trust and Security
A security-enhanced remote platform integrity attestation scheme
WiCOM'09 Proceedings of the 5th International Conference on Wireless communications, networking and mobile computing
Trusted computing: special aspects and challenges
SOFSEM'08 Proceedings of the 34th conference on Current trends in theory and practice of computer science
Securing peer-to-peer distributions for mobile devices
ISPEC'08 Proceedings of the 4th international conference on Information security practice and experience
Transparent mobile storage protection in trusted virtual domains
LISA'09 Proceedings of the 23rd conference on Large installation system administration
Engineering attestable services
TRUST'10 Proceedings of the 3rd international conference on Trust and trustworthy computing
Proceedings of the 1st ACM International Health Informatics Symposium
Extending IPsec for efficient remote attestation
FC'10 Proceedings of the 14th international conference on Financial cryptograpy and data security
Novel access and remediation scheme in hierarchical trusted network
Computer Communications
A formal analysis of authentication in the TPM
FAST'10 Proceedings of the 7th International conference on Formal aspects of security and trust
Practical property-based attestation on mobile devices
TRUST'11 Proceedings of the 4th international conference on Trust and trustworthy computing
Application-binding protocol in the user centric smart card ownership model
ACISP'11 Proceedings of the 16th Australasian conference on Information security and privacy
Enabling secure VM-vTPM migration in private clouds
Proceedings of the 27th Annual Computer Security Applications Conference
Trusted integrity measurement and reporting for virtualized platforms
INTRUST'09 Proceedings of the First international conference on Trusted Systems
Verifying system integrity by proxy
TRUST'12 Proceedings of the 5th international conference on Trust and Trustworthy Computing
| Hi-index | 0.01 |
A Trusted Channel is a secure communication channel which is cryptographically bound to the state of the hardware and software configurations of the endpoints. In this paper, we describe secure and flexible mechanisms to establish and maintain Trusted Channels which do not have the deficiencies of previous proposals. We also present a concrete implementation proposal based on Transport Layer Security (TLS) protocol, and Trusted Computing technology. We use Subject Key Attestation Evidence extensions to X.509v3 certificates to convey configuration information during key agreement (TLS handshake). The resulting session key is kept within the Trusted Computing Base, and is updated in a predetermined manner to reflect any detected change in the local configuration. This allows an endpoint to detect changes in the configuration of the peer endpoint while the Trusted Channel is in place, and to decide according to a local policy whether to maintain or tear down the Trusted Channel