Abstract
Trusted Computing is a special branch of computer security. One branch of computer security involves protection of systems against external attacks. In that branch we include all methods that system owners use against external attackers, for example firewalls, IDS, IPS, etc. In all those cases the system owner installs software that uses its own means to determine whether a remote user is malicious and to terminate the attack. (Such means can be very simple, such as detecting signatures of attacks, or very complex, such as machine learning and detecting anomalies in the usage pattern of the remote user.) Another branch involves protection by the system owner against internal users. Such protection includes preventing users from reading each other's data, using more than their allotted share of resources, etc. To some extent anti-virus/anti-spam software is also included here. All password protection and user management software are included in this branch. The third branch, Trusted Computing, involves verifying to a remote host that the user's machine will behave in a certain predictable way, i.e. protection against the current owner of the machine. The most common example of this kind of requirement is the distribution of digital media. Digital media is distributed in some conditional access mode (rented, pay per view, sold for personal use, etc.). Obtaining digital media usually does not entitle the user to unlimited rights. The user usually may not redistribute or edit the digital media and may not even be allowed to consume it himself after a certain date (media rentals, pay per view). However, the user is consuming the media on his private machine, so how can the media provider assure himself that a malicious user does not tamper with the machine so that contents are not replicated? The problem of security against the owner of the machine is the problem region of Trusted Computing.
In trusted computing, as opposed to other branches of security, the "attacker" is not limited to some attack surface that was exposed to him but can also use a soldering iron to tap into buses, replace chips and other system parts, etc. Trusted computing also includes other protection tools against the current owner (or the possessor of the machine, if not the legal owner), for example protection of sensitive data or disk encryption solutions for laptops and mobile phones that can potentially be stolen. Trusted computing can also be used in the cloud to ensure that the host does not inspect a cloud server and that the software running on the server is not stolen. The latest trusted computing technology involves means to ensure that commands are sane and not malicious, for example in computers in cars and avionics. In this chapter we will review DRM and Trusted Computing solutions from multiple sources.
Copyright information
© 2015 Springer International Publishing Switzerland
About this chapter
Cite this chapter
Zaidenberg, N., Neittaanmäki, P., Kiperberg, M., Resh, A. (2015). Trusted Computing and DRM. In: Lehto, M., Neittaanmäki, P. (eds) Cyber Security: Analytics, Technology and Automation. Intelligent Systems, Control and Automation: Science and Engineering, vol 78. Springer, Cham. https://doi.org/10.1007/978-3-319-18302-2_13
DOI: https://doi.org/10.1007/978-3-319-18302-2_13
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-18301-5
Online ISBN: 978-3-319-18302-2
eBook Packages: Engineering, Engineering (R0)