User Centric Security Model for Tamper-Resistant Devices

摘要

Tamper-resistant devices provide a secure, reliable, and trusted execution environment even in the possession of an adversary. With ever growing use of computing platforms (i.e. mobile phones, tablets and embedded devices, etc.) the potential for compromising the security and privacy of an individual is increased. The Trusted Platform Module is restricted to integrity measurement and cryptographic operations, which is crucial in its own right. On the contrary, smart cards provide a general-purpose execution environment, but traditionally they are under a centralised control, which if extended to the other computing platforms may not be appropriate. Therefore, in this paper we analyse the rationale for a general-purpose cross-platform user centric tamper-resistant device based on the smart card architecture, its applications in different computing environments, along with the ownership management framework.