You are here: Resources > FIDIS Deliverables > HighTechID > D3.9: Study on the Impact of Trusted Computing on Identity and Identity Management > 

D3.9: Study on the Impact of Trusted Computing on Identity and Identity Management

Scope and Structure of the Document  Title:
 Main concepts of Trusted Computing


Trusted Computing – an Overview

Introduction to Trusted Computing

Existing networked computing platforms are not able to fulfill the multilateral security requirements of parties like companies, end-users, and content providers. This gets obvious in the huge number of exploits and security updates as well as the high number of attacks through viruses, worms and Trojan horses. Furthermore, the security of existing computing platforms could not be vitally improved in the last years due to the conceptual weaknesses, like their monolithic architecture and thus inherent complexity. This pertains to Windows-based operating systems as well as Linux-based ones.


Most of the currently used IT-systems lack elemental security properties, such as integrity checks or the generation of secure cryptographic keys using appropriate random number generators. Thus, the existing threats thwart the realization of a variety of useful applications and business models, particularly in the area of Digital Rights Management (DRM). 

Trusted platform technology should provide evidence about the integrity of a platform to both, the platform’s owner and to arbitrary third parties. To take full advantage of trusted platform properties a public key infrastructure (PKI) is required. 


The degree of confidence in software-only security solutions depends on their correct installation and execution, which can be affected by other software that has been executed on the same platform. Therefore a trusted platform is a conventional platform containing a hardware-based subsystem devoted to maintain trust and security between machines. It contains a trusted component, probably in the form of a built-in cost effective security hardware that is used to create a foundation of trust for software processes. This extra hardware is roughly equivalent to that of a smart card (with some enhancements) and contains a variety of functions that must be trusted. The trust mechanisms in trusted platforms use selected security mechanisms, but they are ultimately based upon signed statements of “social trust” made by individuals and organizations. In addition, a trusted platform provides hardware protection for keys and other secrets, which may be used to encrypt files or gain access to servers or networks. 


Applications and services that would benefit from using trusted platforms include electronic cash, email, hot-desking (allowing mobile users to share a pool of computers), platform management, single sign on (removing the need for the user to be asked to authenticate himself or herself more than once when using different applications during the same work session), virtual private networks, Web access and digital content delivery. 



Scope and Structure of the Document  fidis-wp3-del3.9_Study_on_the_Impact_of_Trusted_Computing_on_Identity_and_Identity_Management_v1.1.sxw  Main concepts of Trusted Computing
5 / 38