Title: Trusted computing enhanced user authentication with OpenID and trustworthy user interface

Authors: Andreas Leicher; Andreas U. Schmidt; Yogendra Shah; Inhyok Cha

Addresses: Novalyst IT AG, Robert-Bosch-Strasse 38, 60439 Karben, Germany; Novalyst IT AG, Robert-Bosch-Strasse 38, 60439 Karben, Germany; InterDigital Communications LLC, 781 Third Avenue, King of Prussia, PA 19406, USA; InterDigital Communications LLC, 781 Third Avenue, King of Prussia, PA 19406, USA

Abstract: Trusted computing, used as a security technology, can establish trust between multiple parties. One implementation of trusted computing technology standardised by the Trusted Computing Group is the trusted platform module (TPM). We build on the security provided by the TPM to create a trusted variant of identity management systems based on the popular OpenID protocol. We show that it is feasible to bind OpenID identities to the trustworthiness of the device. Our concept and implementation build on previous work which showed that trusted computing can be used to create tickets. In this work, we use such tickets as a building block to establish trust in the OpenID protocol between the identity provider and the device. Furthermore, we investigate how mutual trust can be established in the communication between device and user during authentication. The concept of trust visualisation via a trusted environment and binding to user authentication are presented.

Keywords: trusted computing; trusted platform modules; TPM; OpenID; identity management; user authentication; trusted tokens; visual attestation; trustworthy user interfaces; trust visualisation; trustworthiness; security technology.

DOI: 10.1504/IJITST.2011.043133

International Journal of Internet Technology and Secured Transactions, 2011 Vol.3 No.4, pp.331 - 353

Published online: 29 Nov 2014
