Secure Open Systems for Protecting Privacy and Digital Services

  • Conference paper
Security and Privacy in Digital Rights Management (DRM 2001)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2320))

Abstract

This paper describes and analyzes a system architecture that enables consumers to access services and content from multiple providers without jeopardizing the privacy interests of consumers or the intellectual property rights of providers. In order to satisfy these highly desirable objectives, we argue for the necessity of a Trust Server that mediates the conferral and revocation of trust relationships between consumers and providers. The system also calls for the deployment of programmable security coprocessors at vulnerable sites requiring protection, namely at the Trust Server and at each consumer. We define the specific requirements of consumer-side Coprocessors, and their server-side counterparts denoted as Hardware Security Modules (HSMs). A single Coprocessor serves multiple providers by allocating to each of them a virtualized trusted computing environment for software execution and data manipulation. Bearing in mind that the tamper-resistance offered by Coprocessors is subject to more stringent economic pressures than that offered by HSMs, we include in our architecture containment capabilities that prevent compromised Coprocessors from causing damage disproportionate to their numbers. We explain the specific challenges faced with providing containment capabilities while protecting consumer privacy, given that a single Coprocessor must serve the needs of multiple providers. The simultaneous attainment of these goals is one of the highlights of our architecture.

Copyright information

© 2002 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kravitz, D., Yeoh, KE., So, N. (2002). Secure Open Systems for Protecting Privacy and Digital Services. In: Sander, T. (eds) Security and Privacy in Digital Rights Management. DRM 2001. Lecture Notes in Computer Science, vol 2320. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-47870-1_7

  • DOI: https://doi.org/10.1007/3-540-47870-1_7

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-43677-5

  • Online ISBN: 978-3-540-47870-6

  • eBook Packages: Springer Book Archive
