Secure Open Systems for Protecting Privacy and Digital Services
This paper describes and analyzes a system architecture that enables consumers to access services and content from multiple providers without jeopardizing the privacy interests of consumers or the intellectual property rights of providers. In order to satisfy these highly desirable objectives, we argue for the necessity of a Trust Server that mediates the conferral and revocation of trust relationships between consumers and providers. The system also calls for the deployment of programmable security coprocessors at vulnerable sites requiring protection, namely at the Trust Server and at each consumer. We define the specific requirements of consumer-side Coprocessors, and their server-side counterparts denoted as Hardware Security Modules (HSMs). A single Coprocessor serves multiple providers by allocating to each of them a virtualized trusted computing environment for software execution and data manipulation. Bearing in mind that the tamper-resistance offered by Coprocessors is subject to more stringent economic pressures than that offered by HSMs, we include in our architecture containment capabilities that prevent compromised Coprocessors from causing damage disproportionate to their numbers. We explain the specific challenges faced with providing containment capabilities while protecting consumer privacy, given that a single Coprocessor must serve the needs of multiple providers. The simultaneous attainment of these goals is one of the highlights of our architecture.
KeywordsApplication Server Protecting Privacy Digital Right Management Multiple Provider Digital Service
Unable to display preview. Download preview PDF.
- 1.B. Askwith, M. Merabti, Q. Shi, and K. Whiteley. Achieving user privacy in mobile networks. In Proceedings of the 13th Annual Computer Security Applications Conference, 1997.Google Scholar
- 3.L. Buttyán and J.-P. Hubaux. Accountable Anonymous Access to Services in Mobile Communication Systems. In Proceedings of SRDS’ 99, 1999.Google Scholar
- 4.D. Chaum and T. P. Pedersen. Wallet databases with observers. In Advances in Cryptology: Crypto’ 92, E. F. Brickell, Ed., Lecture Notes in Computer Science 740, pp. 89–105, Springer-Verlag, 1992.Google Scholar
- 5.Committee on Intellectual Property Rights in the Emerging Information Infrastructure. The Digital Dilemma: Intellectual Property in the Information Age. Washington, D. C., National Academy Press, 2000.Google Scholar
- 6.G. Horn and B. Preneel. Authentication and payment in future mobile systems. In Proceedings of ESORICS’ 98, 1998.Google Scholar
- 7.B. Kaliski. New Challenges in Embedded Security. Consortium for Efficient Embedded Security, Symposium on Embedded Security, Security Ownership and Trust Models, July 10, 2001 (www.ceesstandards.org).
- 9.J. Manferdelli. Digital Rights Management (“DRM”). Consortium for Efficient Embedded Security, Symposium on Embedded Security, Security Ownership and Trust Models, July 10, 2001 (www.ceesstandards.org).
- 10.K. Martin, B. Preneel, C. Mitchell, H. Hitz, A. Poliakova, and P. Howard. Secure billing for mobile information services in UMTS. In Proceedings of IS&N’98, 1998.Google Scholar
- 11.R. Mori and M. Kawahara. Superdistribution: the concept and the architecture. Technical Report 7, Inst. of Inf. Sci. & Electron (Japan), Tsukuba Univ., Japan, July 1990.Google Scholar
- 12.B. Patel and J. Crowcroft. Ticket based service access for the mobile user. In Proceedings of Mobicom’ 97, 1997.Google Scholar
- 13.S. Pugh, The Need for Embedded Security. Consortium for Efficient Embedded Security, Symposium on Embedded Security, Security Ownership and Trust Models, July 10, 2001 (www.ceesstandards.org).
- 14.M. O. Rabin. Digitalized Signatures and Public-key Functions as Intractable as Factorization. MIT Laboratory for Computer Science Technical Report 212 (MIT/LCS/TR-212), 1979.Google Scholar
- 15.M. Rotenberg. Consumer Implications of Security Applications. Consortium for Efficient Embedded Security, Symposium on Embedded Security, Security Ownership and Trust Models, July 10, 2001 (www.ceesstandards.org).
- 16.S. Smith. Secure coprocessing applications and research issues. Los Alamos Unclassified Release LA-UR-96-2805, August 1996.Google Scholar
- 17.S. W. Smith, E. R. Palmer, S. H. Weingart. Using a High-Performance, Programmable Secure Coprocessor. In Proceedings, Second International Conference on Financial Cryptography. Springer-Verlag LNCS, 1998.Google Scholar
- 18.M. Stefik. Trusted Systems, Scientific American 276(3), March 1997, pp. 78–81.Google Scholar
- 19.U. Wilhelm, S. Staamann, and L. Buttyán. On the problem of trust in mobile agent systems. In Proceedings of NDSS’ 98, 1998.Google Scholar