International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print),
ISSN 0976 - 6375(Online), Volume 5, Issue 2, February (2014), pp. 140-144 © IAEME
THE PRIVACY FEATURE OF TRUSTED COMPUTING TECHNOLOGY
USING THE CONCEPT OF DIRECT ANONYMOUS ATTESTATION WITH
CLOUD AS A TECHNIQUE
E. PADMA, Research Scholar, SCSVMV University, Enathur
Prof. Dr. S. RAJALAKSHMI, Director, SJCAR, SCSVMV University, Enathur
ABSTRACT
The Trusted Platform Module (TPM) is a hardware chip designed to enable computers to
achieve a greater level of security. In a distributed environment, all the systems are connected
together with a limited bandwidth security feature. The TPM increases security through the
concept of DAA. Direct anonymous attestation (DAA) is a special digital signature
primitive that provides a balance between signer authentication and privacy. A DAA scheme
involves a set of issuers, signers, and verifiers. An issuer is in charge of verifying the legitimacy of
signers and of issuing a DAA credential to each signer. The TPM is the real signer and holds the
secret signing key. Authentication can be applied at the level of the virtual private network (VPN).
With cloud service as a technique, authentication to the distributed environment can be modeled
with Trusted Platform technology.
Keywords: Trusted Platform Module, Virtual Private Network, Direct Anonymous Attestation,
Authentication.
I. INTRODUCTION
Distributed systems and network computing are widely used, and security has become an
urgent problem. To provide more security, verification and authentication of the user can be
applied widely through the technique of Trusted Computing [3]. Trusted Computing as a hardware chip
enables the security feature with limited exemptions. Trusted Computing in the field of software,
using Direct Anonymous Attestation, will make the model more secure. Security for
distributed systems is greatly strengthened by the verification and attestation key. DAA
credentials have to be assigned to each user of the distributed system. Cloud computing is concerned with
the sharing and coordinated use of diverse resources in distributed organizations. Cloud computing
provides a facility that enables large-scale controlled sharing and interoperation among resources that
are dispersedly owned and managed. The Trusted Computing Platform (TCP) has to be integrated
with the Trusted Platform Module (TPM) in order to protect the distributed computing system. The TCP
can improve cloud computing security. A software middleware, the Trusted Platform Base
Service, is the layer on which the cloud computing application can easily use the security function of the TPM.
II. RELATED WORK ABOUT TPM WITH DISTRIBUTED COMPUTING
ENVIRONMENT
A. Current Security Model of Distributed Computing
Used with a distributed system, the Trusted Platform Module gives lower performance. The
Trusted Computing Group provides a large set of services for a massive number of systems. The
security model of a distributed system by itself deals with secrecy, integrity, availability and
accountability. Secrecy deals with controlling who can read information. Integrity deals with
how information changes are made and used. Availability means prompt access to information and
resources. Accountability provides information about the individual users who had
access rights [11]. Security information is concerned with human user authentication and
peer-to-peer authentication for communicating entities. Distribution demands a communication
system between entities, over which security messages and secured messages can be transported.
Performance is noticeably reduced when the cryptographic computations are processed. The creation
and protection of certificates are not secure enough for distributed computing environments [3].
The trusted root in the distributed computing environment has not been defined clearly. The
challenges of the exempted performance can be addressed in future using attestation and
verification for each user individually.
B. Challenges of Distributed Computing Environment
The challenges for distributed computing systems in satisfying increasing demands from various
applications are becoming greater. Apart from reliability, performance and availability, many other
properties such as security, privacy, trustworthiness, situation awareness, flexibility and rapid
development of various applications have also become important [2]. Examples include managing a
large number of personal devices and data and improving the auto commute through data dissemination.
Research in security, storage systems, simplifying management, and reliability is likely to lead to
the creation of important new knowledge and design [10]. The security policies for distributed users
using their resources are limited. The security mechanism has to be implemented with proper services.
Each individual user has to maintain their own verifiers for accessing any available resources with the
prescribed mechanism. The requirements of distributed users are to be enhanced with the feature of
attestation.
III. TRUSTED COMPUTING TECHNOLOGY
The basic features of the TPM include configuration management and basic cryptographic
operations. Configuration management is the main design goal of the TPM [9]. The TPM can enforce
security policies on hierarchies for the purpose of protection. In 1999, HP, IBM, Compaq, Intel, and
Microsoft announced the formation of the Trusted Computing Platform Alliance (TCPA), which
focused on building confidence and trust in computing platforms for e-business transactions. In 2003,
the Trusted Computing Group (TCG) was formed and adopted the specifications developed by
the TCPA. The distinguishing feature of TCG technology is arguably the incorporation of “roots of
trust” into computer platforms [3]. The Trusted Platform Software Stack (TSS) provides the interfaces
between the TPM and other system modules. Each of the components in the system (both
hardware and software) is measured, and the results of the measurements are securely stored in
Platform Configuration Registers (PCR) within the TPM.
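The measure-and-store step described above, as an added example that is not part of the paper: a PCR can only be extended (new value = hash of the old value followed by the measurement), so a verifier can replay the reported event log and compare the result with the reported PCR. The SHA-256 bank, the component names and contents, and the known-good list are assumptions constructed for illustration.

```python
import hashlib
PCR_SIZE = 32  # assumption: SHA-256 PCR bank; a PCR is all zero bytes after reset

def measure(component: bytes) -> bytes:  # measurement = digest of the component
    return hashlib.sha256(component).digest()

def extend(pcr: bytes, digest: bytes) -> bytes:
    """PCR extend: new = H(old || digest). A PCR cannot be set directly."""
    return hashlib.sha256(pcr + digest).digest()

def boot(components):
    """Measure components in load order; return (final PCR, event log)."""
    pcr, log = bytes(PCR_SIZE), []
    for name, blob in components:
        digest = measure(blob)
        pcr = extend(pcr, digest)
        log.append((name, digest))
    return pcr, log

def replay(log):
    """Recompute the PCR value that an event log should produce."""
    pcr = bytes(PCR_SIZE)
    for _, digest in log:
        pcr = extend(pcr, digest)
    return pcr

def verify(reported_pcr, log, known_good):
    """Verifier side; reported_pcr would come from a signed TPM quote (not checked here)."""
    problems = []
    if replay(log) != reported_pcr:
        problems.append("event log does not reproduce the reported PCR")
    for name, digest in log:
        if known_good.get(name) != digest:
            problems.append(f"unexpected measurement for {name}")
    return problems

# Constructed sample boot chain (names and contents are made up).
GOOD = [("firmware", b"fw v1"), ("bootloader", b"bl v1"), ("kernel", b"k v1")]
KNOWN_GOOD = {name: measure(blob) for name, blob in GOOD}

def demo():
    pcr_good, log_good = boot(GOOD)
    pcr_bad, log_bad = boot(GOOD[:2] + [("kernel", b"k v1 + rootkit")])
    return {
        "clean": verify(pcr_good, log_good, KNOWN_GOOD),
        "tampered": verify(pcr_bad, log_bad, KNOWN_GOOD),
        "forged_log": verify(pcr_bad, log_good, KNOWN_GOOD),
        "order_matters": boot(GOOD[::-1])[0] != pcr_good,
    }
```

`demo()` returns an empty problem list for the clean boot, flags the modified kernel, and rejects a clean event log presented together with the modified boot's PCR value.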
IV. DISTRIBUTED COMPUTING ENVIRONMENT WITH DAA
Direct Anonymous Attestation (DAA) is a scheme developed by Brickell, Camenisch, and
Chen [12] for remote authentication of a security hardware module called the Trusted Platform Module
(TPM), which is the core component of the trusted computing platform. It lets the TPM remotely
convince a communication partner that it is indeed a Trusted Platform Module [7].
Fig. 1. Architecture of Distributed Environment (figure labels: TPM, Distributed Environment, DAA)
The DAA algorithm is built on the concept of an attestation key. The keys involved in DAA
provide signing and verifying authority for all the users. The algorithm provides full protection
with authentication. The distributed computing environment needs more security features to protect
it from attackers. For this purpose, the Trusted Attestation Key has been adopted to carry out the
process. The DAA algorithm handles distributed resource sharing by allocating each
system a privacy-enhancing measure. A counter value is kept for easy identification of each
and every system accessing with the Trusted Attestation Key (TAK). Only the trusted party can
access the shared resource. The algorithm detects an intruder who signs in as an
unauthorised user. Authorisation can be verified remotely using the concept of TAK. A
massive number of users will sign in at the same time and access the system in a distributed manner.
To track the efficiency factor, a separate register called the Efficient Configuration Register (ECR)
is maintained. The ECR maintains a record of each individual user from the distributed environment
and works with full trustworthiness. The efficiency factor can be calculated using the register value
along with the counter value that has been generated. Every remotely accessed system can be given an
identification to establish its trustworthiness.
V. PROPOSED METHODOLOGY
In the proposed methodology, the attestation key algorithm plays the role of attesting the
authorized user to access the data and maintaining integrity. The key is generated using an
authentication code. The generated key is used by each individual to share the distributed
resource. The algorithm checks for authorization and then grants the right to access the
information. The algorithm then enters the verification phase, verifying the trusted user by issuing
the attested key. In this phase, the signature of the trusted party is verified using the
cryptosystem. The TAK algorithm measures the efficiency of the resources that are accessed. The
security features for integrity are also to be measured using this algorithm.
Step 1: generation of key
Step 2: check for authorization
Step 3: verification phase
VI. BUILD TRUSTED ENVIRONMENT WITH DAA USING CLOUD AS TECHNIQUE
The trusted computing mechanism provides a way to help establish a secure
environment. The model of trusted computing was originally designed to provide privacy and trust
in the personal platform, and the trusted computing platform is the base of trusted computing [3].
Distributed computing involves a large number of entities, such as users and resources from
different sources, so authentication is important and complicated. The model for direct anonymous
attestation varies based on the signature. Each system is digitized with verification and signing.
This paper presents the new concept of DAA with a Trusted Attestation Key as a security feature that
enables the distributed system to work without any interruption from intruders. With cloud as a
technique, the attestation algorithm is measured with the efficiency factor. The root of trust for all
the users, and how far access varies from one user to another, can also be measured with the attestation.
The ECR maintains a separate register for all the users who are connected together to access the
system. There are some pitfalls with the efficiency measurement in cloud security. DAA plays a
role in rectifying the vast number of unauthorized parties accessing the system. The trusted environment
can be built with the authentication protocol, which is exchanged between the user and the
server.
VII. CONCLUSION
In this paper, a new DAA scheme called Trusted Attestation Key has been defined to measure
the usage of authorized users. Authentication can be confirmed with the signing model. The
security provided by the Trusted Attestation Key algorithm has some limitations in this paper. The
distributed computing environment works with fault tolerance. In a distributed computing
environment, the bandwidth of the measurement feature can be increased further for the various
systems. The Trusted Computing environment has the root of trust with the authentication protocol.
The performance criteria of the system have to be redesigned as future work. Cloud as a
technique is considered in this paper as an initial phase. The security mechanism is to be
measured further. The efficiency factor for the configuration measurement of all distributed systems
is to be configured in the future.
VIII. REFERENCES
[1] Ronald Toegl, Thomas Winkler, Mohammad Nauman and Theodore W. Hong, Specification
and Standardization of a Java Trusted Computing API, Software – Practice and
Experience (Softw. Pract. Exper.), 2011. Published online in Wiley Online Library
(wileyonlinelibrary.com).
[2] Stephen S. Yau, High Performance Computing and Communications (HPCC), 2011 IEEE
13th International Conference on, 2-4 Sept. 2011.
[3] Zhidong Shen, Qiang Tong, The Security of Cloud Computing System enabled by Trusted
Computing Technology, 2010 2nd International Conference on Signal Processing Systems
(ICSPS).
[4] Stueble C, Zaerin A. µTSS - a simplified trusted software stack. Proceedings of the 3rd
International Conference on Trust and Trustworthy Computing (TRUST 2010), no. 6101 in
LNCS, Springer Verlag, 2010.
[5] C. Latze, U. Ultes-Nitsche, F. Baumgartner, Extensible Authentication Protocol Method for
Trusted Computing Groups (TCG) Trusted Platform Modules, Work in Progress, 2009.
[6] Pirker M, Toegl R, Hein D, Danner P. A Privacy CA for anonymity and trust. Proc. Trust ’09,
LNCS, Vol. 5471. Springer, 2009.
[7] Chen Xiaofeng and Feng Dengguo, Direct Anonymous Attestation for Next Generation
TPM, Journal of Computers, Vol. 3, No. 12, December 2008.
[8] Microsoft. TPM Base Services. Microsoft Developer Network, 2007.
http://msdn.microsoft.com/en-us/library/aa446796(VS.85).aspx [27 May 2011]
[9] Tian Haibo, Wang Yumin, The Future Network Security, China Communications, August
2006.
[10] M. Frans Kaashoek, Barbara Liskov, David Andersen, Mike Dahlin, Carla Ellis, Steve Gribble,
Anthony Joseph, Hank Levy, Andrew Myers, Jeff Mogul, Ion Stoica, Amin Vahdat, Report of
the NSF Workshop on Research Challenges in Distributed Computer Systems, Dec 4 2005.
[11] Claus Fritzner, Leif Nilsen and Åsmund Skomedal, Protecting Security Information in
Distributed Systems, IEEE, 1991.
[12] Ernest F. Brickell, Jan Camenisch, Liqun Chen: Direct anonymous attestation. ACM
Conference on Computer and Communications Security 2004: 132-145.
[13] Elaine Shi, Adrian Perrig, Leendert Van Doorn, BIND: A Fine-grained Attestation Service for
Secure Distributed Systems.
[14] Gurudatt Kulkarni, Jayant Gambhir and Amruta Dongare, “Security in Cloud Computing”,
International Journal of Computer Engineering & Technology (IJCET), Volume 3, Issue 1,
2012, pp. 258 - 265, ISSN Print: 0976 – 6367, ISSN Online: 0976 – 6375.
[15] Abhishek Pandey, R.M.Tugnayat and A.K.Tiwari, “Data Security Framework for Cloud
Computing Networks”, International Journal of Computer Engineering & Technology
(IJCET), Volume 4, Issue 1, 2013, pp. 178 - 181, ISSN Print: 0976 – 6367, ISSN Online:
0976 – 6375.
[16] A.Madhuri and T.V.Nagaraju, “Reliable Security in Cloud Computing Environment”,
International Journal of Information Technology and Management Information Systems
(IJITMIS), Volume 4, Issue 2, 2013, pp. 23 - 30, ISSN Print: 0976 – 6405, ISSN Online:
0976 – 6413.