Download presentation
Presentation is loading. Please wait.
Published byThomas Mayden Modified over 9 years ago
1
trusted computing: implementing virtual identity Dave Birch. Director, Consult Hyperion. dave@chyp.com Introduction Trusted computing TCPA & Palladium Real requirements? Architectures Smart cards? Trust issues Structures Business Models
2
trusted computing: implementing virtual identity Why Now? TCPA & Palladium Renewed interest in trusted computing Linked with general security trends Marketplace Hardware manufacturers Software producers Service providers Infrastructure builders Big Brother? Safe for kids, or Mind control lasers? © Steve Jackson Games.
3
trusted computing: implementing virtual identity Trusted Computing: Nothing New Defence background Hardware focus Financial services Proprietary, expensive Mass market GSM as a case study
4
trusted computing: implementing virtual identity Trusted Computing: Hard Options Software limitations obvious Internet providing new drivers Viruses, hacking etc Real e–business, e–government limited “Tamper–resistance” critical And must be the core Realistic with falling hardware costs
5
trusted computing: implementing virtual identity Trusted Computing: The Key Issue The “root” of trust Keys and certificates A trusted environment “Standard” use of keys and certificates Control Who’s in charge?
6
trusted computing: implementing virtual identity Trust Architectures: General Solutions Trusted kernel with tamper–resistant hardware Platform–dependent capabilities Trusted platform providing services 1. CPU2. SCP 3. Motherboard RAM etc Devices etc 4. eg, Keyboard 5. eg, Screen
7
trusted computing: implementing virtual identity Trust Architectures: How do they Help? The Internet example Secure e–mail, secure web browsing Anti–virus countermeasures Reduce loss/theft impact Link to higher–level security services What else could they do? The dark side!
8
trusted computing: implementing virtual identity Trust Architectures: Early Experiences Central and wholesale banking PC–based tamper–resistance Management, insurance, legal Telecomms & media Smart card–based tamper–resistance Special–purpose devices (eg, GSM, Pay TV) Public sector High assurance levels for national ID Risk analysis
9
trusted computing: implementing virtual identity Trust Issues: Structures & Mechanisms Focus on mass market Maximise use of existing infrastructure PCs, the Internet etc Add tamper–resistance Why not use a smart card? Implement mechanisms for use Use SSLv3, S/MIME etc
10
trusted computing: implementing virtual identity Trust Issues: Business Models Separate tamper–resistance from device The GSM SIM experience Separate trust from tamper–resistance Allow users to manage their own keys and certificates Make trust competitive And a standard commercial offering Co–Opt existing infrastructure Everything from PCs to EMV cards, Bluetooth phones to set–top boxes
11
trusted computing: implementing virtual identity Trusted Computing: Conclusions An idea whose time has come? TCPA, Palladium and others to follow Opt for flexible architecture Focus on real needs first Allow the marketplace to evolve it Start working on new business models Multi–application smart cards a good place to begin experiments and pilots
12
trusted computing: implementing virtual identity Mail info@chyp.cominfo@chyp.com Web www.chyp.com Digital Money Forum www.digitalmoneyforum.com Digital Identity Forum www.digitalidforum.com For Further Information
Similar presentations
© 2024 SlidePlayer.com Inc.
All rights reserved.