Trusted Computing
Who are we
Our team focusses on the development of applied concepts within the
context of Trusted Computing. In several national and international research projects we study how to assess and improve the security of systems.
We consider various environments such as Java, virtualized platforms, mobile devices and hardware security modules.
We are part of the Secure and Correct Systems (SCoS) Group at IAIK.
More about SCoS »What is Trusted Computing good for and how does it work?
Todays computer security suffers from software vulnerabilities, internet fraud and attacks on computers. The only countermeasures a user can take is to check for updates, install patches, upgrade firewalls, and so on. People do not understand how computers work and actually they don't want to be bothered with any security issues.
Trusted computing tries to break this cycle by doing things differently. It is a good starting point but it's not intended to provide a 100% security.
From today's view, the major goal is mainstream usage of this Trusted Computing paradigm. To do so, we have to validate new models and justify concepts that benefit from the Trusted Computing influence. We extend this Trusted Computing model to different platform types and provide hardware support to close some open issues.
acTvSM
The FIT-IT Project acTvSM will tie together two different technologies together to create and demonstrate a novel class of secure software services. It combines the Trusted Computing technologies with Public Key Infrastructures (PKI).
Read more »Open Trusted Computing
The Open Trusted Computing (OpenTC) consortium is an international research and development project. It focuses on the development of trusted and secure computing systems based on open source software components. The project targets traditional computer platforms as well as embedded systems such as mobile phones.
Read more »TOPAS
Trust Oriented Platform for Advanced Security (TOPAS) focuses on trusted computing aspects on mobile and embedded devices. The goal of the project TOPAS is to provide the necessary framework for creating trusted
personal devices; devices that are as familiar to their users as their mobile phones are and
that can be used in security-relevant or sensitive application scenarios. Playing an important
and critical role, these devices become an interesting target to attack. Worms, viruses or
phishing attacks are not limited to the classical personal computer – these types of malware
are perfectly applicable to mobile devices and require our attention. Trusted computing, as
defined by the trusted computing group, offers concepts and mechanisms that can be used
to build solutions for these problems. The main objective of this project is to develop a
framework for mobile and embedded devices that provides trusted computing functionality to
these devices, irrespective of their security functionality, while trying to minimize the costs
and maintain the required high level of security.
Read more »
JSR 321
The JSR 321 initiative aims to develop a Trusted Computing API for the Java™ platform which provides a subset of the standard C based TCG Software Stack functionality, but follows the conventions of modern Java APIs. IAIK is specification lead in this Java Community Process (JCP) effort.
Read more »Secricom
Secricom (Seamless Communication for Crisis Management) is an EU-FP7 Integrated Project started in September 2008. It will work on using trusted computing based technology to ensure the integrity of the platforms (mobile handsets) used for crisis management and to provide trusted communications between such platforms over heterogeneous networks. Read more »
Publications
| Proceedings | ||||
|---|---|---|---|---|
| 2013 | Stefan Kraxberger, Ronald Tögl, Martin Pirker, Elisa Pintado Guijarro, Guillermo Garcia Millan - "Trusted Identity Management for Overlay Networks" - Information security practice and experience (Note: to appear) |  |
 |
 |
| 2013 | Martin Pirker, Johannes Winter - "Semi-Automated Prototyping of a TPM v2 Software and Hardware Simulation Platform" - Proceedings of the 6th International Conference on Trust & Trustworthy Computing (TRUST) (Note: to appear) | |
|
|
| 2012 | Martin Pirker, Johannes Winter, Ronald Tögl - "Lightweight Distributed Attestation for the Cloud" - Proceedings of the 2nd International Conference on Cloud Computing and Services Science (CLOSER) (Note: to appear) | |
|
|
| 2012 | Martin Pirker, Daniel Slamanig, Johannes Winter - "Practical Privacy Preserving Cloud Resource-Payment for Constrained Clients" - Proceedings of the 12th Privacy Enhancing Technologies Symposium (PETS) | |
|
 |
| 2012 | Ronald Tögl, Florian Reimair, Martin Pirker - "Waltzing the Bear, or: A Trusted Virtual Security Module" (Note: to appear) | |
 |
|
| 2012 | Martin Pirker, Johannes Winter, Ronald Tögl - "Lightweight Distributed Heterogeneous Attested Android Clouds" - Proceedings of the 5th International Conference on Trust & Trustworthy Computing (TRUST) | |
|
|
| 2012 | Martin Pirker, Daniel Slamanig - "A Framework for Privacy-Preserving Mobile Payment on Security Enhanced ARM TrustZone Platforms" - Proceedings of the 1st International Workshop on Anonymity and Security Aspects of Embedded Systems (ANSEC) (Note: to appear) | |
|
|
| 2012 | Daniel Hein, Ronald Tögl, Martin Pirker, Emil Gatial, Zoltán Balogh, Hans Brandl, Ladislav Hluchý - "Securing Mobile Agents for Crisis Management Support" - Scalable Trusted Computing (Note: to appear) | |
|
|
| 2012 | Paul Wiegele, Johannes Winter, Martin Pirker, Ronald Tögl - "A flexible software development and emulation framework for ARM TrustZone" - Trusted Systems; Proc. INTRUST | |
|
|
| 2011 | Ronald Tögl, Martin Pirker, Michael Gissing - "acTvSM: A Dynamic Virtualization Platform for Enforcement of Application Integrity" - Trusted Systems, Second International Conference, INTRUST 2010, Beijing, China, December 13-15, 2010, Revised Selected Papers (Note: to appear) | |
|
|
| 2011 | Michael Gissing, Ronald Tögl, Martin Pirker - "Management of Integrity-Enforced Virtual Applications" - Secure and Trust Computing, Data Management, and Applications - STA 2011 Workshop Proceedings: STAVE 2011 | |
|
|
| 2011 | Siegfried Podesser, Ronald Tögl - "A Software Architecture for Introducing Trust in Java-Based Clouds" - Secure and Trust Computing, Data Management, and Applications | |
|
|
| 2010 | Michael Hutter, Ronald Tögl - "A Trusted Platform Module for Near Field Communication" - Conference on Systems and Networks Communications - ICSNC 2010, 5th International Conference, Nice, France, August 22-27, 2010, Proceedings. | |
|
|
| 2010 | Martin Pirker, Ronald Tögl, Michael Gissing - "Dynamic Enforcement of Platform Integrity" - Proc. 3rd International Conference on Trust and Trustworthy Computing (TRUST 2010) | |
|
|
| 2009 | Kurt Dietrich, Johannes Winter - "Implementation Aspects of Mobile and Embedded Trusted Computing " - Trusted Computing (Note: to appear) | |
|
|
| 2009 | Kurt Dietrich - "Anonymous Credentials for Java enabled Platforms" - INTRUST 2009 | |
|
|
| 2009 | Martin Pirker, Ronald Tögl, Daniel Hein, Peter Danner - "A PrivacyCA for Anonymity and Trust" - Trusted Computing | |
|
|
| 2009 | Martin Pirker, Ronald Tögl - "Sichere Softwaremodule durch Einsatz von Virtualisierung und Trusted Computing" - Tagungsband der 7. Information Security Konferenz | |
|
|
| 2009 | Ronald Tögl - "Tagging the Turtle: Local Attestation for Kiosk Computing " - Advances in Information Security and Assurance | |
|
|
| 2009 | Ronald Tögl, Thomas Winkler, Mohammad Nauman, Theodore Hong - "Towards Platform-Independent Trusted Computing" - STC'09 Proceedings; in CCS 2009 Co-Located Workshops' Compilation Proceedings | |
|
|
| 2009 | Daniel Hein, Ronald Tögl - "An Autonomous Attestation Token to Secure Mobile Agents in Disaster Response" - Security and Privacy in Mobile Information and Communication Systems First International ICST Conference, MobiSec 2009, Turin, Italy, June 3-5, 2009, Revised Selected Papers | |
|
|
| 2008 | Kurt Dietrich, Martin Pirker, Tobias Vejda, Ronald Gregor Tögl, Thomas Winkler, Peter Lipp - "A Practical Approach for Establishing Trust Relationships between Remote Platforms using Trusted Computing" - Trustworthy Global Computing 2007, Revised Selected Papers | |
|
|
| 2008 | Ronald Tögl, Georg Hofferek, Karin Greimel, Adrian Leung, Raphael C-W. Phan, Roderick Paul Bloem - "Formal Analysis of a TPM-Based Secrets Distribution and Storage Scheme" - International Symposium on Trusted Computing (TrustCom 2008) Proceedings, in 9th ICYCS Conference Proceedings | |
|
|
| 2008 | Kurt Dietrich - "A Secure and Reliable Platform Configuration Change Reporting Mechanism for Trusted Computing Enhanced Secure Channels" - TrustCom 2008 Proceedings, in 9th ICYCS Conference Proceedings | |
|
|
| 2008 | Kurt Dietrich, Johannes Winter - "Secure Boot Revisited" - International Symposium on Trusted Computing (TrustCom 2008) Proceedings, in 9th ICYCS Conference Proceedings | |
|
|
| 2007 | Kurt Dietrich - "An integrated architecture for trusted computing for java enabled embedded devices" - Proceedings of the 2007 ACM Workshop on Scalable Trusted Computing (Note: to appear) | |
|
|
| Part of a book | ||||
|---|---|---|---|---|
| 2011 | Apostolos P. Fournaris, Daniel Hein - "Trust Management Through Hardware Means: Design Concerns and Optimizations book title: VLSI 2010 Annual Symposium" | |
|
|
| Book | ||||
|---|---|---|---|---|
| 2008 | Peter Lipp, Ahmad-Reza Sadeghi, Klaus-Michael Koch - "Trusted Computing - Challenges and Applications" (Springer Heidelberg - ISBN: 978-3-540-68978-2) | |
|
|
| Article | ||||
|---|---|---|---|---|
| 2012 | Apostolos P. Fournaris, Jacques Fournier, Daniel Hein, Guillaume Reymond - "Secure Docking Station and its protection against hardware attacks" - Technical sciences (Volume: ) | |
|
|
| 2012 | Emil Gatial, Zoltán Balogh, Daniel Hein, Ladislav Hluchý, Ronald Tögl, Martin Pirker - "Securing Agents Using Secure Docking Module" - Technical sciences (Volume: ) | |
|
|
| 2012 | Wojciech Wojciechowicz, Jacques Fournier, Miroslav Konecny, Stefan Vanya, John Stoodley, Phil Entwisle, Daniel Hein, Aurel Machalek, Apostolos P. Fournaris, Mikel Uriarte, Oscar Lopez, Shaun O'Neill, Hans Brandl, Zoltán Balogh, Emil Gatial, Ladislav Hluchý, Tomasz Miroslaw, Jan Zych - "Seamless Communication For Crisis Management" - Technical sciences (Volume: ) | |
|
|
| 2011 | Ronald Tögl, Michael Hutter - "An Approach to Introducing Locality in Remote Attestation using Near Field Communications" - The journal of supercomputing (Volume: 55) | |
|
|
| 2011 | Ronald Tögl, Thomas Winkler, Mohammad Nauman, Theodore Hong - "Specification and Standardization of a Java Trusted Computing API" - Software : practice & experience (Volume: ) (Note: to appear) | |
|
|
| 2010 | Daniel Hein, Ronald Tögl, Stefan Kraxberger - "An Autonomous Attestation Token to Secure Mobile Agents in Disaster Response" - Security and communication networks (Volume: 3) | |
|
|
| 2010 | Martin Pirker, Ronald Tögl - "Towards a Virtual Trusted Platform" - Journal of universal computer science [Elektronische Ressource] (Volume: 16) | |
|
|
| 2009 | Kurt Dietrich, Franz Röck - "Performance Optimizations for DAA Signatures on Java enabled Platforms" - Journal of universal computer science [Elektronische Ressource] (Volume: ) | |
|
|
| 2007 | Kurt Dietrich, Tobias Vejda, Ronald Gregor Tögl, Martin Pirker, Peter Lipp - "Can you Really Trust your Computer Today?" - ENISA quarterly (Volume: 3) | |
|
|
| Tech report | ||||
|---|---|---|---|---|
| 2010 | Martin Pirker, Ronald Tögl, Andreas Niederl - "acTvSM Deliverable 3.1: Virtual Platform Prototype" | |
|
|
| 2010 | Martin Pirker, Ronald Tögl, Georg Lindsberger - "acTvSM Deliverable 2.1: Requirements Specification Report" | |
|
|
| 2010 | Ronald Tögl - "acTvSM Deliverable 4.1.1: API Analysis Scope" | |
|
|
| 2010 | Ronald Tögl, Martin Pirker, Gerhard Fliess - "acTvSM Deliverable 4.1: Draft API Design" | |
|
|
| 2010 | Ronald Tögl, Martin Pirker, Andreas Niederl, Michael Gissing - "acTvSM Deliverable 3.2: Virtual Trusted Platform Prototype" | |
|
|
| 2009 | Daniel Hein, Peter Danner, Apostolos Fournaris, Martin Liebl - "SECRICOM WP5 Functional specification of the Secure Docking Module" | |
|
|
| 2009 | Ivan KoÄiÅ¡, Ahmed Aldabbagh, Oscar Lázaro, Oscar López, Mikel Uriarte, Daniel Hein, Peter Danner, Tomasz Miroslaw, Monika Åšwiech, Wojciech Dymowski, Ladislav Hluchý, Branislav Ŝimo, Zoltán Balogh, Vladimir Hudek, Aurel Machalek, Apostolos Fournaris, Jacques Fournier - "Secricom WP 2 Analysis of external and internal system requirements" | |
|
|
| 2009 | Branislav Ŝimo, Zoltán Balogh, Daniel Hein, Peter Danner, Oscar López, Mikel Uriarte, Vladimír Hudek - "SECRICOM WP4 Security requirements and specification for docking station module" | |
|
|
| 2008 | Martin Pirker, Ronald Tögl, Tobias Vejda, Andreas Niederl - "Java Virtual Machines as Small Trusted Computing Bases: A Case Study" | |
|
|
| 2007 | Martin Pirker - "OpenTC WP05 - Prototype of Basic Public-Key Infrastructure for OpenTC" | |
|
|
| 2007 | Kurt Dietrich, Johannes Winter - "Requirements Analysis of Mobile Trusted Modules" | |
|
|
| 2007 | Martin Pirker - "OpenTC WP05 - Design of Basic Public-Key Infrastructure for OpenTC" | |
|
|
| 2006 | Kurt Dietrich, Martin Pirker, Thomas Winkler - "OpenTC PET Scenario Specification - Description of the Client Proxy / Server Proxy Approach" | |
|
|
| 2006 | Kurt Dietrich, Thomas Winkler, Martin Pirker - "OpenTC PET Scenario - Bank and Client Proxy Architectural Design" | |
|
|
| 2006 | Kurt Dietrich, Markus Demuth, Jürgen Malin, Peter Lipp, Martin Pirker, Thomas Winkler - "OpenTC WP3 Report - Integrating Trusted Computing into the Java Programming Language" | |
|
|
| 2006 | Kurt Dietrich, Martin Pirker, Thomas Winkler - "OpenTC WP05d Requirements Analysis - Key management infrastructure and public key enablement" | |
|
|
| Presentation | ||||
|---|---|---|---|---|
| 2012 | Martin Pirker - "Practical Privacy Preserving Cloud Resource-Payment for Constrained Clients" (12th Privacy Enhancing Technologies Symposium (PETS2012), Vigo, 12.07.12) | |
|
|
| 2012 | Martin Pirker - "Lightweight Distributed Heterogeneous Attested Android Clouds" (5th International Conference on Trust & Trustworthy Computing (TRUST2012), 13.06.12) | |
|
|
| 2012 | Martin Pirker - "Lightweight Distributed Attestation for the Cloud" (2nd International Conference on Cloud Computing and Services Science (CLOSER2012), Porto, 21.04.12) | |
|
|
| 2012 | Martin Pirker - "A Framework for Privacy-Preserving Mobile Payment on Security Enhanced ARM TrustZone Platforms" (1st International Workshop on Anonymity and Security Aspects of Embedded Systems (ANSEC2012), Liverpool, 27.06.12) | |
|
|
| 2011 | Martin Pirker - "DRTM Laboratory" (6th European Trusted Infrastructure Summer School (ETISS) 2011, Darmstadt, 23.09.11) | |
|
|
| 2010 | Martin Pirker - "TPM Laboratory" (5th European Trusted Infrastructure Summer School (ETISS) 2010, 06.09.10) | |
|
|
| 2010 | Ronald Tögl - "A Trusted Platform Module for Near Field Communication" (5th International Conference on Systems and Networks Communications - ICSNC 2010, Nice, 24.08.10) | |
|
|
| 2010 | Martin Pirker - "Dynamic Enforcement of Platform Integrity" (3rd International Conference on Trust and Trustworthy Computing (TRUST 2010), Berlin, 22.06.10) | |
|
|
| 2010 | Martin Pirker - "Einblicke und Ausblicke zu (Open-Source) Entwicklungen im Bereich Trusted Computing" (LinuxTag 2010, Berlin, 11.06.10) | |
|
|
| 2010 | Ronald Tögl - "Construction of a Trusted Virtual Security Module " (4th International Workshop on Analysis of Security APIs, 21.07.10) | |
|
|
| 2010 | Ronald Tögl - "The upcoming standard JSR 321: Trusted Computing API for Java" (TCG Members Meeting, Budapest, 16.06.10) | |
|
|
| 2010 | Ronald Tögl - "A Software Architecture for Introducing Trust in Java-based Clouds" (Workshop on Trust in the Cloud, Berlin, 22.06.10) | |
|
|
| 2009 | Daniel Hein - "An Autonomous Attestation Token to Secure Mobile Agents in Disaster Response" (The First International ICST Conference on Security and Privacy in Mobile Information and Communication Systems (MobiSec 2009), Turin, 05.06.09) | |
|
|
| 2009 | Ronald Tögl - "Tagging the Turtle: Local Attestation for Kiosk Computing " (International Conference on Information Security and Assurance, Seoul, 25.06.09) | |
|
|
| 2009 | Martin Pirker - "TPM Laboratory" (4th European Trusted Infrastructure Summer School (ETISS) 2009, 30.08.09) | |
|
|
| 2009 | Martin Pirker - "Towards a Virtual Trusted Platform" (4th European Trusted Infrastructure Summer School (ETISS) 2009, 03.09.09) | |
|
|
| 2009 | Kurt Dietrich - "TOPAS - Projektvorstellung" (NEW CHALLENGES OF THE VIRTUAL, 09.09.09) | |
|
|
| 2009 | Martin Pirker - "Sichere Softwaremodule durch Einsatz von Virtualisierung und Trusted Computing" (7. Information Security Konferenz, "Critical Infrastructures", 29.10.09) | |
|
|
| 2009 | Ronald Tögl - "Towards Platform-Independent Trusted Computing" (ACM Workshop on Scalable Trusted Computing, Chicago, 13.11.09) | |
|
|
| 2009 | Peter Danner - "A Trusted Computing Identity Collation Protocol To Simplify Deployment of New Disaster Response Devices" (4th European Trusted Infrastructure Summerschool (ETISS) 2009, Graz, 29.08.09) | |
|
|
| 2008 | Kurt Dietrich - "Requirement Analysis for Mobile Trusted Modules" (3rd European Trusted Infrastructure Summer School, 31.08.08) | |
|
|
| 2008 | Martin Pirker - "Advances on PrivacyCAs" (3rd European Trusted Infrastructure Summer School (ETISS) 2008, University of Oxford, 31.08.08) | |
|
|
| 2008 | Kurt Dietrich - "Mobile Trusted Computing" (TRUST2008 Educational Event - Theory and practice of Trusted Computing, Villach, 10.03.08) | |
|
|
| 2008 | Kurt Dietrich - "Research Workshop: Requirements Analysis for Mobile Trusted Modules" (3rd European Trusted Infrastructure Summer School, Oriel College, 31.08.08) | |
|
|
| 2008 | Ronald Tögl - "Formal Analysis of a TPM-Based Secrets Distribution and Storage Scheme" (International Symposium on Trusted Computing (TrustCom 2008), Zhang Jia Jie, 21.11.08) | |
|
|
| 2007 | Martin Pirker - "Workshop on Trusted Identities" (2nd European Trusted Infrastructure Summer School (ETISS) 2007, 29.09.07) | |
|
|
| 2007 | Kurt Dietrich - "Research Workshop - Research questions for Mobile Trusted Modules (Implementation Aspects of Mobile Trusted Modules)" (2nd European Trusted Infrastructure Summer School (ETISS) 2007, Bochum, 29.09.07) | |
|
|
| 2007 | Martin Pirker - "Neues aus Trusted Computing Land" (Grazer LinuxTage 2007, Graz, 19.05.07) | |
|
|
| 2007 | Kurt Dietrich - "Research questions for Mobile Trusted Modules - Research Workshop Results" (2nd European Trusted Infrastructure Summer School (ETISS) 2007, Bochum, 29.09.07) | |
|
|
| 2007 | Kurt Dietrich - "Integration of Trusted Computing in Managed Environments - Research Workshop Results" (2nd European Trusted Infrastructure Summer School (ETISS) 2007, Bochum, 29.09.07) | |
|
|
| 2007 | Kurt Dietrich - "Research Workshop on "Integration of Trusted Computing in Managed Environments"" (2nd European Trusted Infrastructure Summer School (ETISS) 2007, Bochum, 29.09.07) | |
|
|
| 2006 | Martin Pirker, Thomas Winkler - "Linux powered Trusted Computing" (Grazer LinuxTage 2006, Graz, 20.05.06) | |
|
|
| Miscellaneous | ||||
|---|---|---|---|---|
| 2010 | Andreas Niederl, Martin Pirker, Ronald Tögl, Michael Gebetsroither, Michael Gissing - "acTvSM virtualization platform" | |
|
|
| 2009 | Martin Pirker, Michael Gissing - "IAIK jTpmTools with Trusted eXecution Technology support" | |
|
|
| 2009 | Martin Pirker, Andreas Niederl - "IAIK PrivacyCA V2, a robustness and size optimised Trusted Computing PKI" | |
|
|
| 2007 | Martin Pirker - "IAIK PrivacyCA, prototype implementation of a Trusted Computing PKI" | |
|
|
| 2006 | Martin Pirker - "IAIK XKMS, implementation of XML Key Management Specification" | |
|
|
| 2006 | Martin Pirker - "TCcert, trusted computing specific certificate tool" | |
|
|