Improvement on TCG attestation and its implication for DRM

Authors:
SuGil Choi;JinHee Han;SungIk Jun
Affiliations:
Electronics and Telecommunications Research Institute, Daejeon, South Korea;Electronics and Telecommunications Research Institute, Daejeon, South Korea;Electronics and Telecommunications Research Institute, Daejeon, South Korea
Venue:
ICCSA'07 Proceedings of the 2007 international conference on Computational science and its applications - Volume Part I
Year:
2007

Citing 4
Cited 0

Display-only file server: a solution against information theft due to insider attack

Proceedings of the 4th ACM workshop on Digital rights management
DRM, trusted computing and operating system architecture

ACSW Frontiers '05 Proceedings of the 2005 Australasian workshop on Grid computing and e-research - Volume 44
Linking remote attestation to secure tunnel endpoints

Proceedings of the first ACM workshop on Scalable trusted computing
Design and implementation of a TCG-based integrity measurement architecture

SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13

Quantified Score

Hi-index	0.00

Visualization

Abstract

TCG (Trusted Computing Group) has defined a set of standards. The main features of the standards are protection against theft of secrets held on the platform and a mechanism for the platform to prove that it is in a trusted state, called attestation. However, the attestation mechanism is vulnerable to relay attack because of the lack of linkage between the endpoint identity and attestation message. We show here how to defeat the attack by employing a new agent, called Network Interface Monitoring Agent (NIMA). In addition, we show that the NIMA-based approach can render DRM more robust and efficient, especially in case of protecting a company's sensitive data.