Abstract
The Generic Authentication Architecture (GAA) is a standardised extension to the mobile telephony security infrastructures (including the Universal Mobile Telecommunications System (UMTS) authentication infrastructure) that supports the provision of generic security services to network applications. In this paper we propose one possible means for extending the widespread Trusted Computing security infrastructure using a GAA-like framework. This enables an existing security infrastructure to be used as the basis of a general-purpose authenticated key establishment service in a simple and uniform way, and also provides an opportunity for trusted-computing-aware third parties to provide novel security services. We also discuss trust issues and possible applications of GAA services.
This work was partially sponsored by the Natural Science Foundation of Guangdong Province, China (No. 9351064101000003) and the Science and Technology Project of Guangzhou, China (No. 2011J4300028).
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Chen, C., Mitchell, C.J., Tang, S. (2012). Building General Purpose Security Services on Trusted Computing. In: Chen, L., Yung, M., Zhu, L. (eds) Trusted Systems. INTRUST 2011. Lecture Notes in Computer Science, vol 7222. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-32298-3_2
DOI: https://doi.org/10.1007/978-3-642-32298-3_2
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-32297-6
Online ISBN: 978-3-642-32298-3
eBook Packages: Computer Science (R0)