Trust management for trusted computing platforms in web services

摘要

The concept of trusted platforms using trusted computing technology such as the Trusted Platform Module (TPM) is becoming significant in that such technologies are being increasingly available in PCs and mobile devices today. When such trusted platforms are used in applications, one of the key design issues is the ability to capture platform level requirements and to represent them as security policies for authorization decision making. This paper makes some contributions which we believe are an important first step in achieving policy based decision making with trusted platforms. It outlines a platform based trust management framework for specification of trust policies. In this context, we argue the need for a higher level abstraction that is able to capture the lower level state of the platform and use this in the evaluation of trust between the communicating entities. We extend the notion of trusted platform properties by introducing the concept of Component Property Certificates, which can be used in specifying and building trust relationships. We then illustrate how component property certificates can be used in the specification of trust policies of different granularities.