Devices installed in end-user’s homes but controlled by network operators can be the basis for advanced distributed commercial applications. Virtual machines on these devices can be used to efficiently deploy and manage such applications provided by various competing entities. This paper discusses some security and privacy requirements of such distributed commercial applications and proposes two different approaches to root security and privacy in hardware-based attestation of nodes and virtual machines.


Virtualisation Privacy Trusted Computing Attestation 


  1. 1.
    Brickell, E., Camenisch, J., Chen, L.: Direct anonymous attestation. In: Proceedings of the 11th ACM Conference on Computer and Communications Security, pp. 132–145. ACM, New York (2004)CrossRefGoogle Scholar
  2. 2.
    Chen, G., Rahman, F.: Analyzing Privacy Designs of Mobile Social Networking Applications. In: Proceedings of the 2008 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing, vol. 2, pp. 83–88. IEEE Computer Society, Los Alamitos (2008)CrossRefGoogle Scholar
  3. 3.
    Dietrich, K.: A Secure and Reliable Platform Configuration Change Reporting Mechanism for Trusted Computing Enhanced Secure Channels. In: ICYCS 2008 – The 9th International Conference for Young Computer Scientists, pp. 2137–2142 (2008)Google Scholar
  4. 4.
    Ganguly, A., Agrawal, A., Boykin, P., Figueiredo, R.: IP over P2P: Enabling Self-configuring Virtual IP Networks for Grid Computing. In: Proc. International Parallel and Distributed Processing Symposium (2006)Google Scholar
  5. 5.
    Goldman, K., Perez, R., Sailer, R.: Linking remote attestation to secure tunnel endpoints. In: Proceedings of the first ACM Workshop on Scalable Trusted Computing, pp. 21–24. ACM, New York (2006)CrossRefGoogle Scholar
  6. 6.
    Kuntze, N., Schmidt, A.U.: Trusted ticket systems and applications. In: New Approaches for Security, Privacy, and Trust in Complex Systems. Proceedings of the IFIP sec2007, Sandton, South Africa, May 14-16. Springer, Heidelberg (2007)Google Scholar
  7. 7.
    Leung, A., Chen, L., Mitchell, C.: On a Possible Privacy Flaw in Direct Anonymous Attestation (DAA). Technical Report, Tech. Report RHUL-MA-2007-10, Mathematics Department, Royal Holloway. University of London (December 2007)Google Scholar
  8. 8.
    Mitchell, C., et al.: Trusted Computing, vol. 1. IEEE Press, London (2005)Google Scholar
  9. 9.
    Pearson, S.: Trusted Computing Platforms, the Next Security Solution. HP Laboratories, Bristol (2002)Google Scholar
  10. 10.
    Pollock, W., Pitcher, C. Chicago, I.: Identifying Trustworthy Hosts Using Remote Attestation, (accessed on May 31, 2010)
  11. 11.
    Rudolph, C.: Covert Identity Information in Direct Anonymous Attestation (DAA). IFIP Security, 232–443 (2007)Google Scholar
  12. 12.
    Scarlata, V., Rozas, C., Wiseman, M., Grawrock, D., Vishik, C.: TPM Virtualization: Building a General Framework. Trusted Computing: Ein Weg zu neuen It-sicherheitsarchitekturen (2007)Google Scholar
  13. 13.
    Schechter, S., Greenstadt, R., Smith, M.: Trusted computing, peer-to-peer distribution, and the economics of pirated entertainment. In: Proceedings of The Second Annual Workshop on Economics and Information Security, pp. 29–30. Springer, Heidelberg (2003)Google Scholar
  14. 14.
    Schmidt, A., Kuntze, N., Kasper, M.: On the deployment of Mobile Trusted Modules. In: Proceedings of the 9th IEEE Conference on Wireless Communications and Networking (WCNC 2008), pp. 3169–3174 (2008)Google Scholar
  15. 15.
    Stumpf, F., Fuchs, A., Katzenbeisser, A., Eckert, C.: Improving the scalability of platform attestation. In: Proceedings of the 3rd ACM Workshop on Scalable Trusted Computing, pp. 1–10. ACM, New York (2008)CrossRefGoogle Scholar
  16. 16.
    Stumpf, F., Tafreschi, O., Roder, P., Eckert, C.: A Robust Integrity Reporting Protocol for Remote Attestation. In: Proceedings of the Workshop on Advances in Trusted Computing, WATC (2006)Google Scholar
  17. 17.
    Trusted Computing Group. TPM Specification Version 1.2 Revision 103. Trusted Computing Group (2009)Google Scholar
  18. 18.
    Tsugawa, M., Fortes, J.: A Virtual Network (ViNe) Architecture for Grid Computing. In: Proc. of the IEEE Intl. Parallel and Distributed Processing Symp (IPDPS), Rhodes, Greece (June 2006)Google Scholar
  19. 19.
    Winter, J.: Trusted computing building blocks for embedded linux-based arm trustzone platforms. In: STC 2008: Proceedings of the 3rd ACM Workshop on Scalable Trusted Computing, pp. 21–30. ACM, New York (2008)CrossRefGoogle Scholar
  20. 20.
    Wolinsky, D., Agrawal, A., Boykin, P., Davis, J., Ganguly, A., Paramygin, V., Sheng, Y., Figueiredo, R.: On the Design of Virtual Machine Sandboxes for Distributed Computing in Wide-area Overlays of Virtual Workstations. In: Virtualization Technology in Distributed Computing, VTDC, p. 8 (2006)Google Scholar

Copyright information

© IFIP 2010

Authors and Affiliations

  • Nicolai Kuntze
    • 1
  • Carsten Rudolph
    • 1
  1. 1.Fraunhofer Institute for Secure Information Technology SITDarmstadtGermany

Personalised recommendations