D14.3: Study on the Suitability of Trusted Computing to support Privacy in Business Processes: Future of IDentity in the Information Society

You are here: Resources > FIDIS Deliverables > Privacy and legal-social content > D14.3: Study on the Suitability of Trusted Computing to support Privacy in Business Processes >

Resources

Identity Use Cases & Scenarios.
FIDIS Deliverables.
- Identity of Identity.
- Interoperability.
- Profiling.
- Forensic Implications.
- HighTechID.
- Privacy and legal-social content.
  - D13.1: Identity and impact of privacy enhancing technologie.
  - D13.1 Addendum: Identity and impact of privacy enhancing technologies.
  - D13.3: Study on ID number policies.
  - D13.6 Privacy modelling and identity.
  - D13.7: Workshop Privacy.
  - D14.1: Workshop on Privacy in Business Processes.
  - D14.2: Study on Privacy in Business Processes by Identity Management.
  - D14.3: Study on the Suitability of Trusted Computing to support Privacy in Business Processes.
  - D14.4: Workshop on “From Data Economy to Secure.
  - D16.3: Towards requirements for privacy-friendly identity management in eGovernment.
- Mobility and Identity.
- Other.
IDIS Journal.
FIDIS Interactive.
Press & Events.
In-House Journal.
Booklets
Identity in a Networked World.
Identity R/Evolution.

Title:
INTEGRITY MEASUREMENT AND REPORTING

Integrity Measurement and Reporting

A trusted platform subsequently collects information about its current configuration and stores it in a log outside the TPM, called Stored Measurement Log (SML). This enables the detection of modified code and malicious or unwanted software which might compromise the platform’s security and thus its level of trust. The information stored in the SML cannot be stored inside the TPM device since it may become very large. Manipulations of the SML will be detected because the digest of the original sequence is securely stored inside the TPM. For this purpose the TPM provides a set of registers called Platform Configuration Registers (PCR) that can be used to store hash values. The TPM hardware ensures that the registers can only be modified as follows: Ri+1 := SHA1(RijI), with the old register value Ri, the new register value Ri+1, and the input I. The process of modifying a PCR value is called extending a PCR and ensures that related values will not be ignored and the order of operations is preserved.

The content of the PCRs can be used for verifiable attestation of the platform’s configuration based on Validation Credentials and the chain of trust. Validation Credentials are digital certificates issued by hard- or software manufacturers that provide measurable components (like video and disk storage adapters, memory controllers, processors or software) or other qualified validation entities. They contain the validation entity name, component manufacturer name, component model number, version or stepping and digitally signed reference measurement values taken in a clean-room environment when the component is believed to work properly. The verification of a platform configuration state requires the re-computation of the measurement digest using the reference measurements from the Validation Credentials and a simple comparison of the resulting digest value with the actual content of the PCR. A TPM can attest to a PCR value by digitally signing it with an AIK.

18 / 39