Title: USABILITY ASPECTS

Trusted computing may be used to implement privacy-preserving applications in a straightforward manner by deploying the respective application in a trusted environment, i.e. operating on a TCG platform. This approach is problematic mainly with regard to the evaluation of the platform configuration as part of the attestation process: The user (or an entity acting on his behalf) has to evaluate different platform configurations if different applications are used, and additional platform configurations whenever an application is patched or updated, resulting in a rather inflexible attestation process. 

As a result, users may decide to restrict themselves to using only a small part of available applications based on Trusted Computing in order to avoid the overhead of additional tasks related to the evaluation of platform configurations. One possible way to improve the usability of applications based on Trusted Computing is to attest not the application itself, but instead the runtime environment in which the application is deployed. In this case, updating the application or using different applications is less problematic as long as the runtime environment configuration remains the same and does not have to be re-evaluated. 

It should be noted that if the runtime environment is attested instead of the application itself, the privacy-preserving functionality has to be implemented at least implicitly via the runtime environment. A possible approach, described in detail in section , prevents the propagation of private data outside the runtime environment.

The next chapter presents solutions for the time problem and for verifying the usage of personal data based on Trusted Computing.