Advanced

Using TPM Secure Storage in Trusted High Availability Systems

Hell, Martin LU ; Karlsson, Linus LU ; Smeets, Ben LU and Mirosavljevic, Jelena (2014) INTRUST 2014 In Lecture Notes in Computer Science 9473. p.243-258
Abstract
We consider the problem of providing trusted computing

functionality in high availability systems. We consider the case where

data is required to be encrypted with a TPM protected key. For redundancy,

and to facilitate high availability, the same TPM key is stored in

multiple computational units, each one ready to take over if the main

unit breaks down. This requires the TPM key to be migratable. We show

how such systems can be realized using the secure storage of the TPM.

Hundreds of millions TPM 1.2 chips have been shipped but with the recent

introduction of TPM 2.0, more manufacturers are expected to start

shipping this newer TPM. Thus, a migration from TPM... (More)
We consider the problem of providing trusted computing

functionality in high availability systems. We consider the case where

data is required to be encrypted with a TPM protected key. For redundancy,

and to facilitate high availability, the same TPM key is stored in

multiple computational units, each one ready to take over if the main

unit breaks down. This requires the TPM key to be migratable. We show

how such systems can be realized using the secure storage of the TPM.

Hundreds of millions TPM 1.2 chips have been shipped but with the recent

introduction of TPM 2.0, more manufacturers are expected to start

shipping this newer TPM. Thus, a migration from TPM 1.2 to TPM 2.0

will likely be seen in the next few years. To address this issue, we also

provide an API that allows a smooth upgrade from TPM 1.2 to TPM

2.0 without having to redesign the communication protocol involving the

dierent entities. The API has been implemented for both TPM 1.2 and

TPM 2.0. (Less)
Please use this url to cite or link to this publication:
author
organization
publishing date
type
Chapter in Book/Report/Conference proceeding
publication status
published
subject
keywords
Trusted Computing, TPM, Migration, Certiable Migration Key, Secure Storage
in
Lecture Notes in Computer Science
editor
Yung, Moti; Zhu, Liehuang; Yang, Yanjiang; ; and
volume
9473
pages
243 - 258
publisher
Springer
conference name
INTRUST 2014
external identifiers
  • scopus:84958044691
ISSN
0302-9743
ISBN
978-3-319-27997-8
978-3-319-27998-5
DOI
10.1007/978-3-319-27998-5_16
language
English
LU publication?
yes
id
06badd55-b407-4ba5-ac78-b68da3db342b (old id 4861901)
date added to LUP
2014-12-12 12:23:57
date last changed
2017-01-01 08:05:22
@inproceedings{06badd55-b407-4ba5-ac78-b68da3db342b,
  abstract     = {We consider the problem of providing trusted computing<br/><br>
functionality in high availability systems. We consider the case where<br/><br>
data is required to be encrypted with a TPM protected key. For redundancy,<br/><br>
and to facilitate high availability, the same TPM key is stored in<br/><br>
multiple computational units, each one ready to take over if the main<br/><br>
unit breaks down. This requires the TPM key to be migratable. We show<br/><br>
how such systems can be realized using the secure storage of the TPM.<br/><br>
Hundreds of millions TPM 1.2 chips have been shipped but with the recent<br/><br>
introduction of TPM 2.0, more manufacturers are expected to start<br/><br>
shipping this newer TPM. Thus, a migration from TPM 1.2 to TPM 2.0<br/><br>
will likely be seen in the next few years. To address this issue, we also<br/><br>
provide an API that allows a smooth upgrade from TPM 1.2 to TPM<br/><br>
2.0 without having to redesign the communication protocol involving the<br/><br>
dierent entities. The API has been implemented for both TPM 1.2 and<br/><br>
TPM 2.0.},
  author       = {Hell, Martin and Karlsson, Linus and Smeets, Ben and Mirosavljevic, Jelena},
  booktitle    = {Lecture Notes in Computer Science},
  editor       = {Yung, Moti and Zhu, Liehuang and Yang, Yanjiang},
  isbn         = {978-3-319-27997-8},
  issn         = {0302-9743},
  keyword      = {Trusted Computing,TPM,Migration,Certiable Migration Key,Secure Storage},
  language     = {eng},
  pages        = {243--258},
  publisher    = {Springer},
  title        = {Using TPM Secure Storage in Trusted High Availability Systems},
  url          = {http://dx.doi.org/10.1007/978-3-319-27998-5_16},
  volume       = {9473},
  year         = {2014},
}