
A Practical Approach for Establishing Trust Relationships between Remote Platforms Using Trusted Computing

  • Conference paper

Part of the Lecture Notes in Computer Science book series (LNTCS, volume 4912)


Over the past years, many different approaches and concepts for increasing computer security have been presented. One of the most promising of these concepts is Trusted Computing, which offers various services and functionalities such as reporting and verifying the integrity and the configuration of a platform (attestation). The idea of reporting a platform’s state and configuration to a challenger opens new and innovative ways of establishing trust relationships between entities. However, common applications are not aware of Trusted Computing facilities and are therefore not able to utilise Trusted Computing services at the moment. Hence, this article proposes an architecture that enables arbitrary applications to perform remote platform attestation, allowing them to establish trust based on their current configuration. The architecture’s components discussed in this article are also essential parts of the OpenTC proof-of-concept prototype. The prototype demonstrates applications and techniques of the Trusted Computing Group’s proposed attestation mechanism in the area of personal electronic transactions.


  • Trusted Platform Module
  • Java Virtual Machine
  • Trust Computing
  • Secure Socket Layer
  • Trust Computing Group

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.





Copyright information

© 2008 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Dietrich, K., Pirker, M., Vejda, T., Toegl, R., Winkler, T., Lipp, P. (2008). A Practical Approach for Establishing Trust Relationships between Remote Platforms Using Trusted Computing. In: Barthe, G., Fournet, C. (eds) Trustworthy Global Computing. TGC 2007. Lecture Notes in Computer Science, vol 4912. Springer, Berlin, Heidelberg.


  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-78662-7

  • Online ISBN: 978-3-540-78663-4

  • eBook Packages: Computer Science, Computer Science (R0)