Title :
Protocol for trusted channel based on portable trusted module
Author :
Zhang Dawei ; Han Zhen ; Jiang Yichen ; Du Ye ; Li Meihong
Author_Institution :
Sch. of Comput. & Inf. Technol., Beijing Jiaotong Univ., Beijing, China
Abstract :
Web-based e-commerce applications need a trusted channel, which provides confidential communication, identity authentication and integrity assurance of endpoints, to guarantee the security of electronic transactions. A user-oriented trusted computing system based on a Portable Trusted Module (PTM) is presented. Remote attestation is incorporated into the Transport Layer Security (TLS) handshake protocol based on the PTM so as to establish a trusted channel between two endpoints in a network. This protocol can resist masquerading, trusted path and runtime attacks and effectively propagate the trust in the computing system to the end user. The test results of our proof-of-concept prototype show that our protocol for a trusted channel is feasible for deployment in e-commerce applications on the Internet.
Keywords :
Internet; cryptographic protocols; data privacy; electronic commerce; transport protocols; trusted computing; Internet; PTM; TLS handshake protocol; Web-based e-commerce applications; confidential communication; electronic transaction security; identity authentication; integrity assurance; portable trusted module; remote attestation; transport layer security handshake protocol; trusted channel; user-oriented trusted computing system; Authentication; Java; Malware; Trust management; Universal Serial Bus; remote attestation; transport layer security; trusted computing; trusted module;
Journal_Title :
Communications, China
DOI :
10.1109/CC.2013.6674205