A Comparison between Smart Cards and Trusted Platform Modules in Business Scenarios.
Title:
A Comparison between Smart Cards and Trusted Platform Modules in Business Scenarios.
Author:
Murhammer, Martin W.
ISBN:
9783836607278
Personal Author:
Edition:
1st ed.
Physical Description:
1 online resource (166 pages)
Series:
Diplomica
Contents:
A Comparison between Smart Cards and Trusted Platform Modules in Business Scenarios -- Abstract -- Acknowledgements -- Table of Contents -- Table of Figures -- List of Tables -- 1 Introduction -- 1.1 Motivation -- 1.2 Document Structure -- 2 The Need for Trust in Computing Environments -- 2.1 An Attempt at Definitions -- 2.1.1 Confidence and Reliance -- 2.1.2 Dependence -- 2.1.3 Non-Enforceability -- 2.1.4 Non-Transferability -- 2.1.5 Discretion -- 2.2 Aspects of Trust for Information Systems -- 2.2.1 Assurance -- 2.2.2 Technology Trusting People -- 2.2.3 Technology Trusting Technology -- 2.3 Models of Trust -- 2.3.1 One-way Trust -- 2.3.2 Two-way Trust -- 2.3.3 Third Party Trust -- 2.3.4 Chain of Trust -- 2.3.5 Web of Trust -- 2.3.6 Transitive Trust -- 2.4 Liability -- 2.5 Privacy -- 3 Protection Requirements -- 3.1 Technical Requirements -- 3.1.1 Physical Protection -- 3.1.2 Secrecy of Data and Code -- 3.1.3 Integrity of Code and Data -- 3.2 Non-technical Requirements -- 3.2.1 Availability -- 3.2.2 System and Operations Management -- 3.2.3 Cost Factors -- 4 Technology Review -- 4.1 Smart Cards -- 4.1.1 Types of Smart Cards -- 4.1.2 Capabilities -- 4.1.3 Components -- 4.1.4 Operation -- 4.1.5 Standards -- 4.2 Trusted Platform Modules -- 4.2.1 TPM Capabilities -- 4.2.2 Components -- 4.2.3 Operation -- 4.2.4 Standards -- 4.3 Other Approaches to Trusted Computing -- 4.3.1 Isolation and Compartmentalization Model -- 4.3.2 Virtualization Model -- 4.3.3 Execution Control Model -- 4.4 Drivers and Markets -- 4.5 Summary -- 5 Business Scenarios -- 5.1 Recovery and Replacement -- 5.2 Combinations and Extensions -- 5.2.1 Adding Smart Cards to TPM -- 5.2.2 Adding Biometrics to Smart Cards and TPM -- 5.3 Multi-Function Access -- 5.4 Machine Binding -- 5.5 Asset Inventory -- 5.6 Authentication -- 5.7 Encryption -- 5.8 Digital Signatures -- 5.9 Reduced Sign-On.
5.9.1 Client-Side Reduced Sign-on -- 5.9.2 Enterprise Reduced Sign-on -- 5.10 Secure Network Access -- 5.11 Secure Application Server -- 5.12 Shared Workstations -- 5.13 Voice over IP -- 5.13.1 Security Concerns -- 5.13.2 Solution Approach -- 5.13.3 Summary -- 5.14 Pseudonymous Transactions -- 5.15 Entertainment and Commodity -- 5.16 Digital Rights Management -- 5.16.1 DRM Requirements -- 5.16.2 DRM Component Model -- 5.16.3 DRM Solution Approaches -- 5.17 Remote Access to Classified Information -- 5.17.1 System Architecture using Standard Components -- 5.17.2 Augmenting or Replacing Standard Components -- 5.18 Summary -- 6 Conclusions -- Bibliography -- Abbreviations -- Glossary -- Appendix -- Curriculum Vitae.
Abstract:
This thesis focuses on the area of authentication and machine binding using either smart card or trusted platform module (TPM) technology, or a combination thereof. It is the major objective to demonstrate the value of each of these technologies based upon selected business scenarios. Underlying trust models and architectural requirements are discussed, and theoretical background of these technologies is provided to accommodate readers with the relevant terms to follow the subsequent discussion. The major part of this thesis consists of the research, comparison and analysis of existing publications and other sources-scientific, commercial, qualified journalistic or other-to gather a foundation of information on the subject topic. The problem cases or scenarios for applicability of smart card or TPM technology are based upon that research as well as the professional experience of the author and are not selected at random. This thesis shall provide interested readers with a decision base for the selection of protection mechanisms based upon either smart cards or TPM, or both. Biographische Informationen Martin W. Murhammer, CISSP, ISSAP, MCP, is a Certified Senior Information Security Consultant and Certified IT Infrastructure Architect with IBM Global Services in Vienna, Austria. He holds a Master's degree in Information Security Management from Danube University, Krems, Austria. The main focus of his professional work lies in the area of security assessments, architectures and programs as well as firewalls, VPN, PKI and identity management. He is a member of the IBM Security Architecture Board. Mr. Murhammer has 22 years of IT experience including areas such as networking, systems management, server design, high availability, and information security. Important contributors to his experience and expertise were international residencies and
assignments to IBM U.S., where he was working in close relationship with global product and services development teams and international support units, and where he was leading multinational teams. Mr. Murhammer is a speaker at national and international events and lectures on Information Security at the Danube University, Krems. Mr. Murhammer occasionally features in press articles and he has authored and co-authored a number of technical publications, most prominently "TCP/IP Tutorial and Technical Overview" and "A Comprehensive Guide to Virtual Private Networks". During his professional career, he has been involved in projects in Austria and other countries in Europe and Asia/Pacific.
Local Note:
Electronic reproduction. Ann Arbor, Michigan : ProQuest Ebook Central, 2017. Available via World Wide Web. Access may be limited to ProQuest Ebook Central affiliated libraries.
Genre:
Electronic Access:
Click to View