Trusted Platform Validation and Management

Trusted Platform Validation and Management

Andreas U. Schmidt (Novalyst IT AG, Germany), Andreas Leicher (Novalyst IT AG, Germany), Inhyok Cha (InterDigital Communications, USA) and Yogendra Shah (InterDigital Communications, USA)
DOI: 10.4018/jdtis.2010040101
OnDemand PDF Download:


Computing platforms are approaching the era of truly distributed and mobile systems. For such large scale deployments of partly autonomously communicating and connecting network elements, trust issues acquire new qualities. Remote establishment of trust and an enabling architecture to manage distributed network elements remotely become essential. Following the authors’ previous analysis on trust establishment, this paper presents base concepts for platform validation and management, with scalable trust properties and flexible security. The presentation is set in context of machine-to-machine communication and intelligent gateways in mobile networks.
Article Preview

1. Introduction

This paper continues a trail of ideas (Schmidt, Leicher, & Cha, 2010) on trusted technical systems, emphasising the aspect of communicating trustworthiness between systems. A critical review of traditional notions of trust led us to a synthetic definition of trust in technical systems, which can be effective in applications. We call this the operational interpretation of trust to the relations and interactions between technical systems and between technical systems and human beings:

An entity can be trusted if it predictably and observably behaves 
in the expected manner for the intended purpose

This is essentially also a synthesis of the meanings that for instance the standardisation organisations Trusted Computing Group (TCG) and the International Standardisation Organisation (ISO) attribute to trust, cf., Pearson (2002b). The operational interpretation, which is actually rooted in physicists’ prevalent understanding of quantum systems (Haag, 1992; Lamb, 1969, 2001), has three salient features:

  • Predictability designates a priori knowledge about a system that can be used to a) assess the risk incurred in interacting with that system, and b) allow obtaining knowledge about the system during the interaction by reasoning on observations.

  • Observability specifies the means by, and extent to which knowledge about a system can be gained in interactions. It is closely linked to predictability, in that observations, together with predictions, yield further knowledge on a system’s state, properties, and, by that, its future behaviour.

  • Contextuality designates information delineating the scope of interactions with the system in which predictions hold and observations can be made.

The three properties allow, at least in principle, a mapping between the socio-economic concept of trust and technical concepts. Taken together, they allow an assessment of the trustworthiness of an entity, or reciprocally, the risk it poses to a trustier. The operational understanding of trust is contrasted with traditional notions of enforcement, which strives to reduce risks by behavioural control, rather than a priori assessment of a trusted system(see Schmidt, Leicher, & Cha, 2010 for a discussion of nomenclature). While our mentioned paper explores the conceptual foundations of trusted systems, we now continue and extend those concepts to explore the operational cycle of remotely validated and managed Trusted System (TS) more deeply. We envisage one major, application domain for the concepts presented here: Machine-to-Machine (M2M) Communication – situations in which machines and networks interconnect in a largely autonomous fashion. M2M provides a paradigm for the security threats encountered in future communication networks (Cha, Shah, Schmidt, Leicher, & Meyerstein, 2009).

The core concept we provide in this paper is that of combined platform validation and management (PVM) of a TS by a network. Section 2 introduces the necessary terminology and background from (Schmidt, Leicher, & Cha, 2010). The third, main section details the network architecture of PVM in a generic way. The context is set by a TS accessing a mobile (next generation) communication network. Section 3 also shows the main process flows of PVM between the entities and sketches the preferred ways to solve technical problems such as synchronisation and how to fulfil essential security requirements. The fourth section highlights a central performance question for PVM: How to cater in a scalable way for myriads of smart, connected devices. We explore how this issue could potentially be resolved by a hierarchical organisation of PVM processes, involving gateways to unburden the core network (CN). Section 5 concludes the paper.

Complete Article List

Search this Journal:
Volume 2: 3 Issues (2011)
Volume 1: 4 Issues (2010)
View Complete Journal Contents Listing