• Journal of Internet Computing and Services
• /
• v.9 no.6
• /
• pp.1-13
• /
• 2008

Trusted Computing is a hardware-based technology that aims to guarantee security for machines beyond their users' control by providing security on computing hardware and software. TPM(Trusted Platform Module), the trusted platform specified by the Trusted Computing Group, acts as the roots for the trusted data storage and the trusted reporting of platform configuration. Data sealing encrypts secret data with a key and the platform's configuration at the time of encryption. In contrast to the traditional data sealing based on binary hash values of the platform configuration, a new approach called property-based data sealing was recently suggested. In this paper, we propose and analyze a new property-based data sealing protocol using the weakest precondition concept by Dijkstra. The proposed protocol resolves the problem of system updates by allowing sealed data to be unsealed at any configuration providing the required property. It assumes practically implementable trusted third parties only and protects platform's privacy when communicating. We demonstrate the proposed protocol's operability with any TPM chip by implementing and running the protocol on a software TPM emulator by Strasser. The proposed scheme can be deployed in PDAs and smart phones over wireless mobile networks as well as desktop PCs.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.4
• /
• pp.79-91
• /
• 2008

Modern society as an information society, a lot of information is communicated in on-line. Specially, mobile environment based on radio communication has a characteristic of flexibility compared with wire communication and is developed rapidly. However, the more mobile technology is developed the more security for sensitive information is needed. Therefore, MTM(Mobile Trusted Module) is developed and promoted by TCG(Trusted Computing Group), which is an industry standard body to enhance the security level in the mobile computing environment. MTM, hardware security module for mobile environment, offers user's privacy protection, platform integrity verification, and individual platform attestation. On the other hand, secure migration scheme is required in case secret data or key is transferred from one platform to the other platform. In this paper, we analyze migration schemes which were described in TCG standard and other papers and then propose security maintenance scheme for secret data using USIM(Universal Subscriber Identity Module).

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.9
• /
• pp.2405-2423
• /
• 2012

In a traditional Single Sign-On (SSO) scheme, the user and the Service Providers (SPs) have given their trust to the Identity Provider (IdP) or Authentication Service Provider (ASP) for the authentication and correct assertion. However, we still need a better solution for the local/native true SSO to gain user confidence, whereby the trusted entity must play the role of the ASP between distinct SPs. This technical gap has been filled by Trusted Computing (TC), where the remote attestation approach introduced by the Trusted Computing Group (TCG) is to attest whether the remote platform integrity is indeed trusted or not. In this paper, we demonstrate a Trustworthy Mutual Attestation (TMutualA) protocol as a proof of concept implementation for a local true SSO using the Integrity Measurement Architecture (IMA) with the Trusted Platform Module (TPM). In our proposed protocol, firstly, the user and SP platform integrity are checked (i.e., hardware and software integrity state verification) before allowing access to a protected resource sited at the SP and releasing a user authentication token to the SP. We evaluated the performance of the proposed TMutualA protocol, in particular, the client and server attestation time and the round trip of the mutual attestation time.

• Smart Media Journal
• /
• v.5 no.4
• /
• pp.116-123
• /
• 2016

Recently, important information related with smart work such as office and video conference are handled in smart device quite a lot compare with before. Also, execution environment of smart devices is getting developed as open software environment. It brought convenience to download and use any kind of application software. By that, security side of smart devices became vulnerable. This paper will discuss characteristics of smart device security technology based on virtualization that is a mobile device platform with isolated secure execution area based on TEE (Trusted Execution Environment). Also, this paper will suggest an implementation method about safe smart device security platform based on domain separation for application software which can be executed in smart devices.

• The KIPS Transactions:PartC
• /
• v.16C no.3
• /
• pp.335-346
• /
• 2009

Mobile environments are evolving the main communication environment as a develops of communication technology. In mobile environments, sensitive information can be compromised on-line, so demand for security has increased. Also, mobile devices that provide various services are in danger from malware and illegal devices, phishing and sniffing etc, and the privacy. Therefore, MTM(Mobile Trusted Module) is developed and promoted by TCG(Trusted Computing Group), which is an industry standard body to enhance the security level in the mobile computing environment. MTM protects user privacy and platform integrity, because it is embedded in the platform, and it is physically secure. However, a security approach is required when secret data is migrated elsewhere, because MTM provides strong security functions. In this paper, we analyze the TCG standard and migration method for cryptographic key, then we propose a secure migration scheme for cryptographic key using key Backup/Recovery method.

• Journal of Digital Convergence
• /
• v.14 no.12
• /
• pp.471-476
• /
• 2016

Recently, important information related with smart work such as office and video conference are handled in smart device quite a lot compare with before. Also, execution environment of smart devices is getting developed as open software environment. It brought convenience to download and use any kind of application software. By that, security side of smart devices became vulnerable. This paper will discuss characteristics of smart device security technology based on virtualization that is a mobile device platform with isolated secure execution area based on TEE (Trusted Execution Environment). Also, this paper will suggest an implementation method about safe smart device security platform based on domain separation for application software which can be executed in smart devices. The domain separation based smart device security platform technology in this paper blocks unauthorized access and leakage of sensitive information in device. Also it will be the solution can block transmission and execution of malicious code in various area including variety of IoT devices in internet rather than just smart devices.

• Review of KIISC
• /
• v.16 no.3
• /
• pp.7-17
• /
• 2006

TCG(Trusted Computing Group)는 더욱 안전한 컴퓨팅 환경의 구현을 목적으로 설립된 업계 컨소시엄으로, 데이터의 신뢰성을 제공하기 위하여 TPM(Trusted Platform Module)으로 불리는 신뢰의 기본을 제공하는 핵심 하드웨어의 사용을 제안하고 있다. 최근 모바일 디바이스의 성능 향상에 따라 다양한 응용들의 지원이 가능해지고, 네트워크를 통한 소프트웨어의 업데이트 및 응용프로그램의 다운로드 등이 가능한 개방형 플랫폼으로의 변화에 따른 디지털 컨버젼스는 TMP(Trusted Mobile Platform)라는 새로운 모바일 플랫폼용 규격의 사용을 필요로 하고 있다. 본 고에서는 기존 컴퓨팅 환경과 모바일 플랫폼에 핵심 보안 모듈인 TPM 기술의 국내 외 기술의 동향과 핵심 요소들에 대한 기술적 개념들을 살펴본다.

• Journal of KIISE:Computing Practices and Letters
• /
• v.14 no.8
• /
• pp.773-777
• /
• 2008

Today's mobile devices have characteristic of random mobility in the heterogeneous networks. Thus they should have various kinds of security requirements. To satisfy these requirements, there are many researches on security and authentication for mobile devices. TCG(Trusted Computing Group) designed TPM(Trusted Platform Module) for providing privacy and authentication to users. Also TCG suggest a protocol, called DAA(Direct Anonymous Attestation) which uses zero knowledge proof theory. In this paper, we will implement DAA protocol using Java and show the efficiency and the problems in the DAA protocol. Finally, we will suggest an efficient mobile DAA model through Java test module for the DAA protocol.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2009.10a
• /
• pp.878-881
• /
• 2009

As for the technology developed for network security, there is little difference of design ability between the domestic and the foreign studies. Although the development of 2048 RSA processor has been undergone, the processing speed does not meet the requirement due to its long width. These days, an RSA processor architecture with higher speed comsuming less resource is necessary. As for the development of RNG (Random Number Generator), the technology trend is moving from PRNG (Pseudo Random Number Generator) to TRNG (True Random Number Generator), also requiring less area and high speed.

• Journal of the Korea Society of Computer and Information
• /
• v.13 no.5
• /
• pp.195-202
• /
• 2008

In this paper, To improve the effectiveness of security enforcement, the first contribution in this work is that we present a clustered heterogeneous WSN(Wareless Sensor Network) architecture, composed of not only resource constrained sensor nodes, but also a number of more powerful high-end devices acting as cluster heads. Compared to sensor nodes, a high-end cluster head has higher computation capability, larger storage, longer power supply, and longer radio transmission range, and it thus does not suffer from the resource scarceness problem as much as a sensor node does. A distinct feature of our heterogeneous architecture is that cluster heads are equipped with TC(trusted computing) technology, and in particular a TCG(Trusted Computing Group) compliant TPM (Trusted Platform Module) is embedded into each cluster head. According the TCG specifications, TPM is a tamper-resistant, self-contained secure coprocessor, capable of performing cryptographic functions. A TPM attached to a host establishes a trusted computing platform that provides sealed storage, and measures and reports the integrity state of the platform.