Establishing a Trust Relationship in Cooperative Information Systems

  • Julian Jang
  • Surya Nepal
  • John Zic
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4275)


One method for establishing a trust relationship between two servers in a co-operative information system is to use a mutual attestation protocol based on hardware that implements the Trusted Computing Group’s TPM specification. It has been our experience in developing an eHealth demonstration system that the efficiency of such a protocol was relatively low. This inefficiency was a result of the high number of TPM function calls in response to the large number of protocol messages that must be sent by the end server systems to establish mutual trust between them prior to sending each application message (in our case, a medical record). In order to address this inefficiency, we developed a session-based mutual attestation protocol, where multiple application messages are sent over an interval of time where an established trust relationship holds. Moreover, the protocol partially addresses the security flaw due to the time interval between the time-of-attestation and time-of-use. This paper presents this new protocol, once again utilizing TPM microcontroller hardware, and compares its performance with that of our previous (per record) mutual attestation protocol.


Trust Relationship; Trusted Platform Module; Remote Host; Trust Computing Group; Application Message
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.





Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Julian Jang (1)
  • Surya Nepal (1)
  • John Zic (1)
  1. ICT Centre, Epping, Australia
