Presentation is loading. Please wait.

Presentation is loading. Please wait.

Trusted computing: implementing virtual identity Dave Birch. Director, Consult Hyperion. Introduction  Trusted computing  TCPA & Palladium.

Similar presentations


Presentation on theme: "Trusted computing: implementing virtual identity Dave Birch. Director, Consult Hyperion. Introduction  Trusted computing  TCPA & Palladium."— Presentation transcript:

1 trusted computing: implementing virtual identity Dave Birch. Director, Consult Hyperion. Introduction  Trusted computing  TCPA & Palladium  Real requirements?  Architectures  Smart cards?  Trust issues  Structures  Business Models

2 trusted computing: implementing virtual identity Why Now? TCPA & Palladium  Renewed interest in trusted computing  Linked with general security trends  Marketplace  Hardware manufacturers  Software producers  Service providers  Infrastructure builders  Big Brother?  Safe for kids, or  Mind control lasers? © Steve Jackson Games.

3 trusted computing: implementing virtual identity Trusted Computing: Nothing New  Defence background  Hardware focus  Financial services  Proprietary, expensive  Mass market  GSM as a case study

4 trusted computing: implementing virtual identity Trusted Computing: Hard Options  Software limitations obvious  Internet providing new drivers  Viruses, hacking etc  Real e–business, e–government limited  “Tamper–resistance” critical  And must be the core  Realistic with falling hardware costs

5 trusted computing: implementing virtual identity Trusted Computing: The Key Issue  The “root” of trust  Keys and certificates  A trusted environment  “Standard” use of keys and certificates  Control  Who’s in charge?

6 trusted computing: implementing virtual identity Trust Architectures: General Solutions  Trusted kernel with tamper–resistant hardware  Platform–dependent capabilities  Trusted platform providing services 1. CPU2. SCP 3. Motherboard RAM etc Devices etc 4. eg, Keyboard 5. eg, Screen

7 trusted computing: implementing virtual identity Trust Architectures: How do they Help?  The Internet example  Secure e–mail, secure web browsing  Anti–virus countermeasures  Reduce loss/theft impact  Link to higher–level security services  What else could they do?  The dark side!

8 trusted computing: implementing virtual identity Trust Architectures: Early Experiences  Central and wholesale banking  PC–based tamper–resistance  Management, insurance, legal  Telecomms & media  Smart card–based tamper–resistance  Special–purpose devices (eg, GSM, Pay TV)  Public sector  High assurance levels for national ID  Risk analysis

9 trusted computing: implementing virtual identity Trust Issues: Structures & Mechanisms  Focus on mass market  Maximise use of existing infrastructure  PCs, the Internet etc  Add tamper–resistance  Why not use a smart card?  Implement mechanisms for use  Use SSLv3, S/MIME etc

10 trusted computing: implementing virtual identity Trust Issues: Business Models  Separate tamper–resistance from device  The GSM SIM experience  Separate trust from tamper–resistance  Allow users to manage their own keys and certificates  Make trust competitive  And a standard commercial offering  Co–Opt existing infrastructure  Everything from PCs to EMV cards, Bluetooth phones to set–top boxes

11 trusted computing: implementing virtual identity Trusted Computing: Conclusions  An idea whose time has come?  TCPA, Palladium and others to follow  Opt for flexible architecture  Focus on real needs first  Allow the marketplace to evolve it  Start working on new business models  Multi–application smart cards a good place to begin experiments and pilots

12 trusted computing: implementing virtual identity Mail Web Digital Money Forum Digital Identity Forum For Further Information


Download ppt "Trusted computing: implementing virtual identity Dave Birch. Director, Consult Hyperion. Introduction  Trusted computing  TCPA & Palladium."

Similar presentations


Ads by Google