D3.9: Study on the Impact of Trusted Computing on Identity and Identity Management
Trusted Computing, Identity and Identity Management
Trusted Computing for Identity Management
Trusted computing technologies aim at providing secure platforms which behave in a consistent way and which are able to prove their own integrity to both their owners and third parties. TC-based platforms provide elementary security functions on which operating systems and applications can build in order to operate securely and consistently, resisting attempts to tamper with them. Hence, a TC-based platform’s secure operation is trusted not only by the platform’s owner, but also by other parties interacting directly or indirectly with it. The root of trust for such platforms lies in the TPM chip (cf. 4.1).
Among other properties, a TPM chip can store a number of keys and credentials. Some of these are non-migratable, i.e. they can never leave the TPM unencrypted, and are therefore bound to a specific TPM on a specific platform. Binding and Sealing are two of the functionalities provided by a TC platform which make use of this secure storage of keys and credentials within the embedded TPM. At the same time, a TPM-based platform has a well-preserved unique digital identity which distinguishes it from other platforms; this identity can be derived from the corresponding Platform Credential or Endorsement Key.
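The following toy model illustrates the sealing property described above; it is an added example, not code from the FIDIS deliverable or from any TPM specification. The `ToyTPM` class, its HMAC-based keystream cipher and the boot measurements are all constructed for illustration: a secret sealed under one platform's non-migratable storage root key and PCR state cannot be unsealed once a measurement changes, nor by a second TPM that reports identical measurements.

```python
"""Toy model of TPM sealing: secret bound to a non-migratable key and to measured platform state."""
import hashlib
import hmac
import os

def _keystream_xor(key: bytes, data: bytes) -> bytes:
    """HMAC-based keystream XOR; toy confidentiality standing in for the TPM's real cipher."""
    stream = b"".join(hmac.new(key, i.to_bytes(4, "big"), hashlib.sha256).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

class ToyTPM:
    """Constructed stand-in for a TPM: a few PCRs plus a root key that never leaves the object."""
    def __init__(self, num_pcrs: int = 24) -> None:
        self._srk = os.urandom(32)                 # non-migratable, unique per "chip"
        self.pcrs = [b"\x00" * 32 for _ in range(num_pcrs)]

    def extend(self, index: int, measurement: bytes) -> None:
        """PCR extend: new = H(old || H(measurement)); irreversible and order-dependent."""
        digest = hashlib.sha256(measurement).digest()
        self.pcrs[index] = hashlib.sha256(self.pcrs[index] + digest).digest()

    def _seal_key(self, pcr_indices) -> bytes:
        # The key depends on the SRK (this platform) and the PCR composite (this state).
        composite = hashlib.sha256(b"".join(self.pcrs[i] for i in pcr_indices)).digest()
        return hmac.new(self._srk, b"seal" + composite, hashlib.sha256).digest()

    def seal(self, data: bytes, pcr_indices) -> dict:
        key = self._seal_key(pcr_indices)
        ct = _keystream_xor(key, data)
        tag = hmac.new(key, ct, hashlib.sha256).digest()
        return {"pcrs": list(pcr_indices), "ct": ct, "tag": tag}

    def unseal(self, blob: dict):
        """Return the plaintext, or None if the platform or its measured state does not match."""
        key = self._seal_key(blob["pcrs"])
        expected = hmac.new(key, blob["ct"], hashlib.sha256).digest()
        if not hmac.compare_digest(expected, blob["tag"]):
            return None
        return _keystream_xor(key, blob["ct"])

def demo():
    """Seal on one platform state; a changed state or another TPM cannot unseal the blob."""
    tpm = ToyTPM()
    tpm.extend(0, b"bootloader v1")        # constructed boot measurements
    tpm.extend(1, b"kernel 5.x")
    blob = tpm.seal(b"disk encryption key", [0, 1])
    same_state = tpm.unseal(blob)
    tpm.extend(1, b"unexpected module")    # state changes, so the PCR composite changes
    changed_state = tpm.unseal(blob)
    other = ToyTPM()                        # same measurements, different SRK
    other.extend(0, b"bootloader v1"); other.extend(1, b"kernel 5.x")
    return same_state, changed_state, other.unseal(blob)
```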
Hence, from a conceptual point of view, correlating a specific platform’s identity with its owner’s or user’s identity seems possible. With TPMs able to store more than one certificate or key, users’ identities, platform identities and their corresponding transactions can all be bound or correlated to each other in several ways.
While Identity Management (IdM) exists in different forms, it focuses on the establishment, description and destruction of subjects’ or objects’ identities by associating attributes with each identity. IdM systems use those established identities and their attributes as the basis for services such as authentication, authorization, behaviour analysis, personalized services, and role and pseudonym management, all of which depend on identity. Therefore, with TC platforms able to associate a hardware identity with users’ identities, TC seems likely to have a significant influence, positive but also negative, on the capabilities of IdM systems and hence on the efficiency of the services they provide.
In the following sections we try to envision how TC can affect some aspects of IdM, and how it can open the door to a new perspective on IdM and IdM systems.