Using TPM Secure Storage in Trusted High Availability Systems

Hell, Martin; Karlsson, Linus; Smeets, Ben; Mirosavljevic, Jelena

Using TPM Secure Storage in Trusted High Availability Systems

Mark

Hell, Martin ^LU ; Karlsson, Linus ^LU

; Smeets, Ben ^LU and Mirosavljevic, Jelena (2014) INTRUST 2014 In Lecture Notes in Computer Science 9473. p.243-258

Abstract: We consider the problem of providing trusted computing

functionality in high availability systems. We consider the case where

data is required to be encrypted with a TPM protected key. For redundancy,

and to facilitate high availability, the same TPM key is stored in

multiple computational units, each one ready to take over if the main

unit breaks down. This requires the TPM key to be migratable. We show

how such systems can be realized using the secure storage of the TPM.

Hundreds of millions TPM 1.2 chips have been shipped but with the recent

introduction of TPM 2.0, more manufacturers are expected to start

shipping this newer TPM. Thus, a migration from TPM... (More); We consider the problem of providing trusted computing

functionality in high availability systems. We consider the case where

data is required to be encrypted with a TPM protected key. For redundancy,

and to facilitate high availability, the same TPM key is stored in

multiple computational units, each one ready to take over if the main

unit breaks down. This requires the TPM key to be migratable. We show

how such systems can be realized using the secure storage of the TPM.

Hundreds of millions TPM 1.2 chips have been shipped but with the recent

introduction of TPM 2.0, more manufacturers are expected to start

shipping this newer TPM. Thus, a migration from TPM 1.2 to TPM 2.0

will likely be seen in the next few years. To address this issue, we also

provide an API that allows a smooth upgrade from TPM 1.2 to TPM

2.0 without having to redesign the communication protocol involving the

dierent entities. The API has been implemented for both TPM 1.2 and

TPM 2.0. (Less)

Please use this url to cite or link to this publication: https://lup.lub.lu.se/record/4861901

author

Hell, Martin ^LU ; Karlsson, Linus ^LU

; Smeets, Ben ^LU and Mirosavljevic, Jelena

organization

publishing date

2014

type

Chapter in Book/Report/Conference proceeding

publication status

published

subject

Electrical Engineering, Electronic Engineering, Information Engineering

keywords

Trusted Computing, TPM, Migration, Certiable Migration Key, Secure Storage

host publication

Trusted Systems/Lecture Notes in Computer Science

series title

Lecture Notes in Computer Science

editor

Yung, Moti ; Zhu, Liehuang and Yang, Yanjiang

volume

9473

pages

243 - 258

publisher

Springer

conference name

INTRUST 2014

conference location

Beijing, China

conference dates

2014-12-16 - 2014-12-17

external identifiers

scopus:84958044691
wos:000374047800016

ISSN

0302-9743

ISBN

978-3-319-27997-8

978-3-319-27998-5

DOI

10.1007/978-3-319-27998-5_16

language

English

LU publication?

yes

id

06badd55-b407-4ba5-ac78-b68da3db342b (old id 4861901)

date added to LUP

2016-04-04 11:47:46

date last changed

2024-04-13 18:10:33

@inproceedings{06badd55-b407-4ba5-ac78-b68da3db342b,
  abstract     = {{We consider the problem of providing trusted computing<br/><br>
functionality in high availability systems. We consider the case where<br/><br>
data is required to be encrypted with a TPM protected key. For redundancy,<br/><br>
and to facilitate high availability, the same TPM key is stored in<br/><br>
multiple computational units, each one ready to take over if the main<br/><br>
unit breaks down. This requires the TPM key to be migratable. We show<br/><br>
how such systems can be realized using the secure storage of the TPM.<br/><br>
Hundreds of millions TPM 1.2 chips have been shipped but with the recent<br/><br>
introduction of TPM 2.0, more manufacturers are expected to start<br/><br>
shipping this newer TPM. Thus, a migration from TPM 1.2 to TPM 2.0<br/><br>
will likely be seen in the next few years. To address this issue, we also<br/><br>
provide an API that allows a smooth upgrade from TPM 1.2 to TPM<br/><br>
2.0 without having to redesign the communication protocol involving the<br/><br>
dierent entities. The API has been implemented for both TPM 1.2 and<br/><br>
TPM 2.0.}},
  author       = {{Hell, Martin and Karlsson, Linus and Smeets, Ben and Mirosavljevic, Jelena}},
  booktitle    = {{Trusted Systems/Lecture Notes in Computer Science}},
  editor       = {{Yung, Moti and Zhu, Liehuang and Yang, Yanjiang}},
  isbn         = {{978-3-319-27997-8}},
  issn         = {{0302-9743}},
  keywords     = {{Trusted Computing; TPM; Migration; Certiable Migration Key; Secure Storage}},
  language     = {{eng}},
  pages        = {{243--258}},
  publisher    = {{Springer}},
  series       = {{Lecture Notes in Computer Science}},
  title        = {{Using TPM Secure Storage in Trusted High Availability Systems}},
  url          = {{https://lup.lub.lu.se/search/files/12849138/HellKarlssonSmeetsMirosavljevic_TPMHAS.pdf}},
  doi          = {{10.1007/978-3-319-27998-5_16}},
  volume       = {{9473}},
  year         = {{2014}},
}

Lund University Publications

LUND UNIVERSITY LIBRARIES

Using TPM Secure Storage in Trusted High Availability Systems