Implementing a Portable Trusted Environment

Abstract

The development of trusted systems, as envisaged by the Trusted Computing Group, assumed that the computing environments are uniform in terms of their operational environment, including hardware configuration, execution of a standard set of applications, operating system and facilities and procedures that allow the issue, revocation and maintenance of critical encryption keys and authorization certificates. These assumptions may be applicable to a single managed enterprise infrastructure. However, in situations where the users are mobile, or the computing environment is heterogeneous and the Internet provides the connectivity, the management of trust between enterprises becomes overwhelmingly difficult, if not impossible. As a result, deployment and uptake of trusted secure systems based on Trusted Platform Module have not been as successful as first envisaged. In this paper, we report on our experiences in designing and implementing a prototype personal trusted device called the Trust Extension Device, or TED, that provides users with a portable trustworthy environment for conducting transactions on any Internet connected computer. © 2009 Vieweg+Teubner Verlag | GWV Fachverlage GmbH, Wiesbaden.