[tc-rg] Trusted Computing Use Case Document

Wenbo Mao wenbo.mao at hp.com
Mon Jun 27 11:51:40 CDT 2005


Under the item "securing the issue of credentials," or maybe under 
"helping users to secure their credentials," somewhere in the system 
needs a backup server  to work (maybe in a MyProxy position). This is 
necessary in case the user's TPM breaks down. This means that a user 
private key can be exported from a TPM  to the backup server when the 
key is generated.

While a user's mission critical data can be recovered by working with 
the backup server, an attested remote execution (eg, for secure 
multi-party computation, SMPC) should use a non-exportable key 
(attestation identity key, AIK), therefore existing a backup server 
can't damage SMPC.

Just my few pence (or US cents in Chicago:-)

Andrew Martin wrote:

> Dear all,
> Thinking about the Trusted Computing use case document, I have come up
> with five headings under which to arrange use cases:
> * securing the issue of credentials
>    CA ops etc..
> * helping users to secure their credentials
>    long term
>    short term (proxies etc..)
> * secure data storage
>    data grid applications??
> * attested remote execution
>    grid compute jobs/data centre processing
>    public resource distributed computing
> * infrastructure management
>    distributed firewalls, trusted gateways, etc..
> Have I missed any big areas?  Do these overlap too much?
> Can you (especially those who promised at the BOF in Seoul!) 
> contribute use cases under these headings (or otherwise)?  Please come 
> along on Wednesday and enter the discussion (or send me an email if 
> you can't make it).
> Best regards
> Andrew

Dr Wenbo Mao
Principal Engineer         Tel:          +44 (0)117 312 9528
Hewlett-Packard Labs.      Fax:          +44 (0)117 312 9285
Filton Road, Bristol       Email:           wenbo.mao at hp.com
United Kingdom BS34 8QZ    http://www.hpl.hp.com/personal/wm

More information about the tc-rg mailing list