D3.9: Study on the Impact of Trusted Computing on Identity and Identity Management
Advantages and Disadvantages
The main advantage of the approach described in the previous section is that it requires only modest changes to the original architecture of the IdM system. Integrating a TPM as a hardware chip in the Identity Provider’s system is practically feasible. Still, the protocols to be developed should be able to produce a special identity credential in a specific format that the Service Providers can parse. This Trusted Ticket should typically include an attribute statement for the status information. The latter requires the TPM’s PCR values, in addition to the AIK credential itself, which is used to sign the status information.
The integration of the Privacy-CA role is also possible, since it has been specified by the TCG. This avoids adding a PKI system to provide cross-certification between Identifier Domains. As the infrastructure is already specified by the TCG, the costs of cross-certification are surely reduced, despite the need to develop algorithms for handling the special identity credentials on both the Identity Provider and Service Provider sides.
The scalability of the trusted infrastructure remains a problem, since the Privacy-CA should be reachable by all Identity Providers so that they can obtain AIK credentials. The singularity of the Privacy-CA is essential in order to establish trust across Domains.
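The Service Provider side of the Trusted Ticket described above can be sketched as follows. This is an added example, not code from the deliverable or the TCG: the `Status` and `TrustedTicket` layouts, the JSON encoding, the nonce and the function name are assumptions, and Ed25519 stands in for the TPM’s AIK signature scheme.

```go
package main

import (
	"crypto/ed25519"
	"encoding/json"
	"fmt"
)

// Hypothetical layout (the deliverable defines no wire format); Ed25519 stands in for the AIK scheme.
type Status struct {
	Subject string
	Nonce   string         // Service Provider challenge for freshness (assumption)
	PCRs    map[int]string // PCR index -> hex digest reported by the TPM
}

type TrustedTicket struct {
	Status  []byte            // serialized Status, exactly as signed
	StatSig []byte            // AIK signature over Status
	AIKPub  ed25519.PublicKey // AIK of the Identity Provider's TPM
	AIKCred []byte            // AIK credential: Privacy-CA signature over AIKPub
}

// VerifyTicket runs the Service Provider checks in trust-chain order.
func VerifyTicket(t TrustedTicket, caPub ed25519.PublicKey, nonce string, want map[int]string) error {
	if len(t.AIKPub) != ed25519.PublicKeySize || !ed25519.Verify(caPub, t.AIKPub, t.AIKCred) {
		return fmt.Errorf("AIK credential not issued by the trusted Privacy-CA")
	}
	if !ed25519.Verify(t.AIKPub, t.Status, t.StatSig) {
		return fmt.Errorf("status statement not signed by the certified AIK")
	}
	var s Status
	if json.Unmarshal(t.Status, &s) != nil || s.Nonce != nonce {
		return fmt.Errorf("malformed or replayed status statement")
	}
	for idx, digest := range want {
		if s.PCRs[idx] != digest {
			return fmt.Errorf("PCR %d differs from the reference value", idx)
		}
	}
	return nil
}

func main() { // constructed sample: software keys stand in for the TPM and Privacy-CA
	caPub, caPriv, _ := ed25519.GenerateKey(nil)
	aikPub, aikPriv, _ := ed25519.GenerateKey(nil)
	ref := map[int]string{0: "aa11", 10: "bb22"}
	body, _ := json.Marshal(Status{"alice@idp.example", "n-1", ref})
	t := TrustedTicket{body, ed25519.Sign(aikPriv, body), aikPub, ed25519.Sign(caPriv, aikPub)}
	fmt.Println("ticket check:", VerifyTicket(t, caPub, "n-1", ref))
}
```

The Service Provider needs only the Privacy-CA’s public key and its reference PCR values; it never has to know the Identity Provider’s AIK in advance, which is what lets one Privacy-CA replace cross-certification between Domains.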