Dirk Kuhlmann, Arnd Weber

Open Trusted Computing
D02.3 Requirements Definition and Specification

European Commission, Brussels 2008
[Full text/pdf / 1.318 kb]   [Introduction]


TABLE OF CONTENTS

1 Summary 8
2 Introduction 9
3 Results of consortium-internal Survey 11
  3.1 Survey Results 11
  3.2 Summary and Conclusions 19
4 Media Analysis 20
  4.1 Method and Selected Media 20
  4.2 TC in General 20
  4.3 Suggestions 24
5 OpenTC Application Scenarios 26
  5.1 Private Electronic Transactions 26
  5.2 Trusted Virtual Datacenter 32
  5.3 Corporate Computing at Home 38
6 Workpackage Structure and Relationships 43
7 High Level Architecture Overview 45
  7.1 Motivation 45
  7.2 Trusted Virtualization Platform Architecture 46
8 Workpackage 03: Basic Interface and Trust Layers 51
  8.1 SWP 3a: Trusted Computing enhanced CPUs 52
  8.2 SWP 3b: TSS-Stack according to TCG Specification 55
  8.3 SWP03c: basic TPM-enabled crypto services 60
  8.4 SWP03d: Java Integration High Level Overview 63
9 Workpackage 04: Virtual Machine Monitors 68
  9.1 Specific Goals and Deliverables 68
  9.2 Requirements and Architecture Discussion 69
  9.3 Goals and Deliverables 70
  9.4 Xen and L4 specifics 74
10 Workpackage 05: Management of OpenTC Framework 77
  10.1 The OpenTC Security Services 79
  10.2 OpenTC Security Management Services 82
  10.3 Management of the Trusted Platform Module 83
  10.4 Key Management Services and Infrastructure 85
  10.5 Implementation Architecture 87
  10.6 Management Applications 87
11 Workpackage 06: Trusted Computing Applications 90
  11.1 General 90
  11.2 SWP06a: Interoperable DRM 90
  11.3 SWP06.b: Message Exchange Infrastructure 94
  11.4 SWP06.c: Trusted Platform WYSIWYS application 99
  11.5 SWP06.d: Encrypted File Service 105
  11.6 SWP06.e: Multifactor Authentication 110
12 Workpackage 07: Evaluation and Assurance 114
  12.1 General 114
  12.2 SWP07a: Manual and automated Security Testing, Risk Analysis 114
  12.3 SWP07b: Linux Package Verification 117
  12.4 SWP07c: Applied Trust Verification and Integrity Methodology 119
  12.5 SWP07d: Towards CC EAL5 Certification 120
13 Workpackage 08: TC for embedded controllers in mobile phones 122
  13.1 Overview 122
  13.2 SWP08a: Market Requirements and technical Capabilities 123
  13.3 SWP08b: Trusted Operating System for Mobile Platforms 125
  13.4 SWP08c: Trust and security profiles for application structures 127
  13.5 Use case analysis: Secure wallet on the mobile phone 130
14 The OpenTC Project 134
15 List of References 135
16 List of Abbreviations 136
17 Appendices 138
  17.1 Consortium-internal Questionnaire 138
  17.2 References identified in the media analysis 141

 

Erstellt am: 26.08.2009 - Kommentare an: webmaster