Trusted distributed log services

Establishing trust is a key challenge in mobile applications or wherever interactions are volatile and a-priori trust cannot be reasonably assumed. Trustworthy log services could grant several benefits in this context. In the attempt to formalise this class of security services, we have uncovered th...

Full description

Saved in:
Bibliographic Details
Main Author: Aime, Marco D
Format: Conference Proceeding
Language:English
Subjects:
Context-aware services
Costs
Cryptography
Data security
Event detection
Hardware
Log services
Privacy
Protection
Scalability
Security and Privacy Protection
Technology management
Trusted Computing
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Establishing trust is a key challenge in mobile applications or wherever interactions are volatile and a-priori trust cannot be reasonably assumed. Trustworthy log services could grant several benefits in this context. In the attempt to formalise this class of security services, we have uncovered that their safe design require specific trust assumptions and tamper-resistant hardware. These requirements are met by commodity cryptographic equipment, but at the cost of serious scalability limits in practical applications. Additional cryptographic tools can be exploited to overcome these limitations. In particular, we have compared several implementation options based on the TPM, a security chip installed on most PC-like devices. We have highlighted that TPM standard features actually allow implementing trusted log services but with serious scalability constraints. We have thus discussed some solutions to overcome these limitations by adding minimal new features to the TPM.
DOI:10.1109/EW.2010.5483494