Archive for the ‘TCG’ Category
Towards a Trustworthy Digital Infrastructure for Core Identities and Personal Data Stores
So that was the title of my paper at the ID360 conference at UTexas in April. A copy of the PDF paper is here: hardjono-greenwood-coreid04C-ID360
Technical Trust
So the topic of “trust” always generates a million emails on various lists. Rather than rolling-up my own definition, I thought I’d borrow a good definition from the Trusted Computing Group community (courtesy of Graeme Proudler of HP Labs, UK).
It is safe to trust something when:
- It can be unambiguously identified.
- It operates unhindered.
- The user has first hand experience of consistent, good, behavior.
The definition is that of “technical trust”, namely “trust” in the mechanics of some computation (e.g. cryptographic computation, etc). In this case it refers to the TPM hardware. Note that “unhindered operation” is paramount for technical trust. This is still somewhat of a challenge for software (eg. think multi-tenant clouds and VMs).
