A PrivacyCA for Anonymity and Trust

Pirker, Martin; Toegl, Ronald; Hein, Daniel; Danner, Peter

doi:10.1007/978-3-642-00587-9_7

Cited by 24 publications

(12 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The single attestation identity key K AIK serves for platform attestation and certification of other TPM keys. In our concept, the TrustCenter also takes the additional role of a PrivacyCA [32]. As part of AIK creation, it issues an AIK certificate for K AIK pub : A copy of this AIK certificate Cert AIK is stored on the camera.…”

Section: System Architecture and Setupmentioning

confidence: 99%

User-centric privacy awareness in video surveillance

Winkler

Rinner

2011

Multimedia Systems

View full text Add to dashboard Cite

Especially in urban environments, video cameras have become omnipresent. Supporters of video surveillance argue that it is an excellent tool for many applications including crime prevention and law enforcement. While this is certainly true, it must be questioned if sufficient efforts are made to protect the privacy of monitored people. Privacy concerns are often set aside when compared to public safety and security. One reaction to this situation is emerging: community-based efforts where citizens register and map surveillance cameras in their environment. Our study is inspired by this idea and proposes a user-specific and location-aware privacy awareness system. Using conventional smartphones, users not only can contribute to the camera maps, but also use community-collected data to be alerted of potential privacy violations. In our model, we define different levels of privacy awareness. For the highest level, we present a mechanism that allows users to directly interact with specially designed, trustworthy cameras. These cameras provide direct feedback about the tasks that are executed by the camera and how privacy-sensitive data is handled. A hardware security chip that is integrated into the camera is used to ensure authenticity, integrity and freshness of the provided camera status information.

show abstract

Section: System Architecture and Setupmentioning

confidence: 99%

User-centric privacy awareness in video surveillance

Winkler

Rinner

2011

Multimedia Systems

View full text Add to dashboard Cite

show abstract

“…Such an Attestation Identity Key (AIK) can be created on demand within the TPM. Its authenticity can then be certified by an online trusted third party, called PrivacyCA, demonstrated in [31] or by the more complex group-signature based DAA scheme [3]. An AIK can be used one or several times, whenever an attester requests the attestation of the trusted platform.…”

Section: Platform Support For Remote Attestationmentioning

confidence: 99%

An approach to introducing locality in remote attestation using near field communications

Toegl

Hutter

2010

J Supercomput

Self Cite

View full text Add to dashboard Cite

Remote Attestation, as devised by the Trusted Computing Group, is based on a secure hardware component-the Trusted Platform Module (TPM). It allows to reach trust decisions between different network hosts. However, attestation cannot be applied in an important field of application-the identification of physically encountered, public computer platforms. Unfortunately, such computer terminals are especially exposed and the software running on them cannot be assumed unaltered and secure.Three challenges arise. The cryptographic protocols that actually perform the attestation do not provide for human-intelligible trust status analysis, easily graspable conveyance of results, nor the intuitive identification of the computer platform involved. Therefore, the user needs a small portable device, a token, to interact with local computer platforms. It can perform an attestation protocol, report the result to the user, even if the display the user faces cannot be trusted and may be connected to the platform under scrutiny. In addition, the token must establish that the particular machine faced actually contains the TPM that performs the attestation.In this paper, we demonstrate an attestation token architecture which is based on a commodity smart phone and which is more efficient and flexible than previous proposals. Furthermore, we introduce an autonomic and low-cost Near Field Communication (NFC) compatible interface to the TPM that provides a direct channel for proof of the TPM's identity and local proximity to the attestation token.

show abstract

“…To protect the platform owner's privacy, a pseudonym identity is used: an Attestation Identity Key (AIK). The authenticity of an AIK can be certified by an online trusted third party, called PrivacyCA [10], or with the group-signature-based DAA scheme. Then, a remote verifier may analyze the Quote result and decide whether to trust the given configuration or not.…”

Section: Trusted Computing In Nfc Environmentsmentioning

confidence: 99%

A Trusted Platform Module for Near Field Communication

Hutter

Toegl

2010

2010 Fifth International Conference on Systems and Networks Communications

Self Cite

View full text Add to dashboard Cite

Near Field Communication (NFC) has become widely available on smart phones. It helps users to intuitively establish communication between local devices. Accessing devices such as public terminals raises several security concerns in terms of confidentiality and trust. To overcome this issue, NFC can be used to leverage the trusted-computing protocol of remote attestation.In this paper, we propose an NFC-enabled Trusted Platform Module (TPM) architecture that allows users to verify the security status of public terminals. For this, we introduce an autonomic and low-cost NFC-compatible interface to the TPM to create a direct trusted channel. Users can access the TPM with NFC-enabled devices. The architecture is based on elliptic-curve cryptography and provides efficient signing and verifying of the security-status report. As a proof-ofconcept, we implemented an NFC-enabled TPM platform and show that a trust decision can be realized with commodity smart phones. The NFC-enabled TPM can effectively help to overcome confidentiality issues in common public-terminal applications.

show abstract

A PrivacyCA for Anonymity and Trust

Cited by 24 publications

References 13 publications

User-centric privacy awareness in video surveillance

User-centric privacy awareness in video surveillance

An approach to introducing locality in remote attestation using near field communications

A Trusted Platform Module for Near Field Communication

Contact Info

Product

Resources

About