DocumentCode
109022
Title
Protocol for trusted channel based on portable trusted module
Author
Zhang Dawei ; Han Zhen ; Jiang Yichen ; Du Ye ; Li Meihong
Author_Institution
Sch. of Comput. & Inf. Technol., Beijing Jiaotong Univ., Beijing, China
Volume
10
Issue
11
fYear
2013
fDate
Nov. 2013
Firstpage
1
Lastpage
14
Abstract
Web-based e-commerce applications need a trusted channel, which provides confidential communication, identity authentication and integrity assurance of endpoints, to guarantee the security of electronic transactions. A user-oriented trusted computing system based on a Portable Trusted Module (PTM) is presented. Remote attestation is incorporated into the Transport Layer Security (TLS) handshake protocol based on PTM so as to establish a trusted channel between two endpoints in a network. This protocol can resist masquerading, trusted path and runtime attacks and propagate the trust in the computing system to the end user effectively. The test results of our proof-of-concept prototype show that our protocol for trusted channel is feasible for deployment in e-commerce applications on the Internet.
Keywords
Internet; cryptographic protocols; data privacy; electronic commerce; transport protocols; trusted computing; Internet; PTM; TLS handshake protocol; Web-based e-commerce applications; confidential communication; electronic transaction security; identity authentication; integrity assurance; portable trusted module; remote attestation; transport layer security handshake protocol; trusted channel; user-oriented trusted computing system; Authentication; Java; Malware; Trust management; Universal Serial Bus; remote attestation; transport layer security; trusted computing; trusted module;
fLanguage
English
Journal_Title
Communications, China
Publisher
IEEE
ISSN
1673-5447
Type
jour
DOI
10.1109/CC.2013.6674205
Filename
6674205