TCPA/TCG and NGSCB : Benefits and Risks for Users

Ericson, Peter

January 2004

<p>Trusted computing has been proposed as a way to enhance computer security and privacy significantly by including them in the design of computing platforms instead of adding them on top of an inherently insecure foundation; however, the project has attracted much criticism. This dissertation looks at trusted computing from the user perspective. Possible beneficial uses of the technology are brought up, and some of the raised criticism is discussed. The criticism is analyzed in an attempt to find out if the criticism is correct on all points, or if some of it is the result of misinformation or misunderstanding. The conclusion is that not all the arguments against trusted computing are correct, and that the possible implications for users are taken into account in the development process. The dissertation ends on a positive note, concluding that trusted computing is possible without the worst fears of the critics coming true.</p>

TCPA

TCG

NGSCB

Trusted computing

Computer science

Datavetenskap

TCPA/TCG and NGSCB : Benefits and Risks for Users

Ericson, Peter

January 2004

Trusted computing has been proposed as a way to enhance computer security and privacy significantly by including them in the design of computing platforms instead of adding them on top of an inherently insecure foundation; however, the project has attracted much criticism. This dissertation looks at trusted computing from the user perspective. Possible beneficial uses of the technology are brought up, and some of the raised criticism is discussed. The criticism is analyzed in an attempt to find out if the criticism is correct on all points, or if some of it is the result of misinformation or misunderstanding. The conclusion is that not all the arguments against trusted computing are correct, and that the possible implications for users are taken into account in the development process. The dissertation ends on a positive note, concluding that trusted computing is possible without the worst fears of the critics coming true.

TCPA

TCG

NGSCB

Trusted computing

Computer Sciences

Datavetenskap (datalogi)

Trusted Computing & Digital Rights Management : Theory & Effects

Gustafsson, Daniel, Stewén, Tomas

January 2004

<p>Trusted Computing Platform Alliance (TCPA), now known as Trusted Computing Group (TCG), is a trusted computing initiative created by IBM, Microsoft, HP, Compaq, Intel and several other smaller companies. Their goal is to create a secure trusted platform with help of new hardware and software. TCG have developed a new chip, the Trusted Platform Module (TPM) that is the core of this initiative, which is attached to the motherboard. An analysis is made on the TCG’s specifications and a summary is written of the different parts and functionalities implemented by this group. Microsoft is in the development stage for an operating system that can make use of TCG’s TPM and other new hardware. This initiative of the operating system is called NGSCB (Next Generation Secure Computing Base) former known as Palladium. This implementation makes use of TCG’s main functionalities with a few additions. An analysis is made on Microsoft’s NGSCB specifications and a summary is written of how this operating system will work. NGSCB is expected in Microsoft’s next operating system Longhorn version 2 that will have its release no sooner than 2006. Intel has developed hardware needed for a trusted platform and has come up with a template on how operating system developers should implement their OS to make use of this hardware. TCG’s TPM are also a part of the system. This system is called LaGrande. An analysis is also made on this trusted computing initiative and a sum up of it is written. This initiative is very similar to NGSCB, but Microsoft and Intel are not willing to comment on that. DRM (Digital Rights Management) is a technology that protects digital content (audio, video, documents, e-books etc) with rights. A DRM system is a system that manages the rights connected to the content and provides security for those by encryption. First, Microsoft’s RMS (Rights Management System) that controls the rights of documents within a company is considered. Second, a general digital media DRM system is considered that handles e-commerce for digital content. Analysis and discussion are made on what effects TC (Trusted Computing) and DRM could result in for home users, companies and suppliers of TC hardware and software. The different questions stated in the problemformulation is also discussed and considered. There are good and bad effects for every group but if TC will work as stated today, then the pros will outweigh the cons. The same goes for DRM on a TC platform. Since the benefits outweights the drawbacks, we think that TC should be fullfilled and taken into production. TC and DRM provides a good base of security and it is then up to the developers to use this in a good and responsible way.</p>

Datalogi

Trusted computing

TCG

NGSCB

digital rights management

DRM

Datalogi

Computer science

Datalogi

Trusted Computing &amp; Digital Rights Management : Theory &amp; Effects

Gustafsson, Daniel, Stewén, Tomas

January 2004

Trusted Computing Platform Alliance (TCPA), now known as Trusted Computing Group (TCG), is a trusted computing initiative created by IBM, Microsoft, HP, Compaq, Intel and several other smaller companies. Their goal is to create a secure trusted platform with help of new hardware and software. TCG have developed a new chip, the Trusted Platform Module (TPM) that is the core of this initiative, which is attached to the motherboard. An analysis is made on the TCG’s specifications and a summary is written of the different parts and functionalities implemented by this group. Microsoft is in the development stage for an operating system that can make use of TCG’s TPM and other new hardware. This initiative of the operating system is called NGSCB (Next Generation Secure Computing Base) former known as Palladium. This implementation makes use of TCG’s main functionalities with a few additions. An analysis is made on Microsoft’s NGSCB specifications and a summary is written of how this operating system will work. NGSCB is expected in Microsoft’s next operating system Longhorn version 2 that will have its release no sooner than 2006. Intel has developed hardware needed for a trusted platform and has come up with a template on how operating system developers should implement their OS to make use of this hardware. TCG’s TPM are also a part of the system. This system is called LaGrande. An analysis is also made on this trusted computing initiative and a sum up of it is written. This initiative is very similar to NGSCB, but Microsoft and Intel are not willing to comment on that. DRM (Digital Rights Management) is a technology that protects digital content (audio, video, documents, e-books etc) with rights. A DRM system is a system that manages the rights connected to the content and provides security for those by encryption. First, Microsoft’s RMS (Rights Management System) that controls the rights of documents within a company is considered. Second, a general digital media DRM system is considered that handles e-commerce for digital content. Analysis and discussion are made on what effects TC (Trusted Computing) and DRM could result in for home users, companies and suppliers of TC hardware and software. The different questions stated in the problemformulation is also discussed and considered. There are good and bad effects for every group but if TC will work as stated today, then the pros will outweigh the cons. The same goes for DRM on a TC platform. Since the benefits outweights the drawbacks, we think that TC should be fullfilled and taken into production. TC and DRM provides a good base of security and it is then up to the developers to use this in a good and responsible way.

Datalogi

Trusted computing

TCG

NGSCB

digital rights management

DRM

Datalogi

Computer Sciences

Datavetenskap (datalogi)