Building a Trusted Environment for Security Applications

Giovanni Cabiddu, Antonio Lioy, Gianluca Ramunno
ISBN13: 9781466640306 | ISBN10: 1466640308 | EISBN13: 9781466640313
DOI: 10.4018/978-1-4666-4030-6.ch014

MLA

Cabiddu, Giovanni, et al. "Building a Trusted Environment for Security Applications." Theory and Practice of Cryptography Solutions for Secure Information Systems, edited by Atilla Elçi, et al., IGI Global, 2013, pp. 334-360. https://doi.org/10.4018/978-1-4666-4030-6.ch014

APA

Cabiddu, G., Lioy, A., & Ramunno, G. (2013). Building a Trusted Environment for Security Applications. In A. Elçi, J. Pieprzyk, A. Chefranov, M. Orgun, H. Wang, & R. Shankaran (Eds.), Theory and Practice of Cryptography Solutions for Secure Information Systems (pp. 334-360). IGI Global. https://doi.org/10.4018/978-1-4666-4030-6.ch014

Chicago

Cabiddu, Giovanni, Antonio Lioy, and Gianluca Ramunno. "Building a Trusted Environment for Security Applications." In Theory and Practice of Cryptography Solutions for Secure Information Systems, edited by Atilla Elçi, et al., 334-360. Hershey, PA: IGI Global, 2013. https://doi.org/10.4018/978-1-4666-4030-6.ch014

Abstract

Security controls (such as encryption endpoints, payment gateways, and firewalls) rely on correct program execution and secure storage of critical data (such as cryptographic keys and configuration files). Even when hardware security elements are used (e.g. cryptographic accelerators), software is still—in the form of drivers and libraries—critical for secure operations. This chapter introduces the features and foundations of Trusted Computing, an architecture that exploits the low-cost TPM chip to measure the integrity of a computing platform. This allows the detection of static unauthorized manipulation of binaries (be they OS components or applications) and configuration files, hence quickly detecting software attacks. For this purpose, Trusted Computing provides enhanced security controls, such as sealed keys (that can be accessed only by good applications when the system is in a safe state) and remote attestation (securely demonstrating the software state of a platform to a remote network verifier). Besides the theoretical foundation, the chapter also guides the reader towards the creation of applications that enhance their security by using the features provided by the underlying PC-class trusted platform.
