[tc-rg] Trusted Computing Use Case Document
wenbo.mao at hp.com
Mon Jun 27 11:51:40 CDT 2005
Under the item "securing the issue of credentials," or maybe under
"helping users to secure their credentials," somewhere in the system
needs a backup server to work (maybe in a MyProxy position). This is
necessary in case the user's TPM breaks down. This means that a user
private key can be exported from a TPM to the backup server when the
key is generated.
While a user's mission critical data can be recovered by working with
the backup server, an attested remote execution (eg, for secure
multi-party computation, SMPC) should use a non-exportable key
(attestation identity key, AIK), therefore existing a backup server
can't damage SMPC.
Just my few pence (or US cents in Chicago:-)
Andrew Martin wrote:
> Dear all,
> Thinking about the Trusted Computing use case document, I have come up
> with five headings under which to arrange use cases:
> * securing the issue of credentials
> CA ops etc..
> * helping users to secure their credentials
> long term
> short term (proxies etc..)
> * secure data storage
> data grid applications??
> * attested remote execution
> grid compute jobs/data centre processing
> public resource distributed computing
> * infrastructure management
> distributed firewalls, trusted gateways, etc..
> Have I missed any big areas? Do these overlap too much?
> Can you (especially those who promised at the BOF in Seoul!)
> contribute use cases under these headings (or otherwise)? Please come
> along on Wednesday and enter the discussion (or send me an email if
> you can't make it).
> Best regards
Dr Wenbo Mao
Principal Engineer Tel: +44 (0)117 312 9528
Hewlett-Packard Labs. Fax: +44 (0)117 312 9285
Filton Road, Bristol Email: wenbo.mao at hp.com
United Kingdom BS34 8QZ http://www.hpl.hp.com/personal/wm
More information about the tc-rg