TOPAS - Trust Oriented Platform For Advanced Security
Towards Trusted Computing for Embedded Devices
Mobile and embedded devices, like cell phones, PDAs or simple network routers, have become powerful little multifunctional machines, providing features previously only available on much more powerful personal computers. This enables the owners to use these devices for more and more purposes. Many of these purposes have high security requirements: electronic banking, stock trading or VPN connections are some examples. In the future, such devices will be part of an “internet of things”, communicating with things near by, mutually authenticating each other, gaining access and allowing access to status information and controlling these things. TOPAS works on providing the necessary framework for creating trusted – or trustworthy – personal devices, devices that are as familiar to their users as their mobile phones are and that can be used in security-relevant or sensitive application scenarios. Trusted means that the software that is active on that device is known to be legitimate, unaltered (e.g. free of malware like worms or viruses), and behaves as expected. The major objective of this project is the development of a framework of Mobile Trusted Platforms that can be used on a variety of mobile and embedded systems, cost-effectively providing trusted computing technologies to these platforms, irrespective of the security features of the underlying system.
Ticketing and payment, as well as DRM, are the key applications for the use of trusted computing technology. These three applications alone are very security sensitive as security breaches have immediate monetary effects. Additionally, the stakeholders of these applications are not the handset manufactures but the service providers. This means that they will at some point in time force handset manufactures to add trusted computing technology to their devices.
Project Duration: March 2007 – Aug. 2009
Project Staff: IAIK, TU Graz
DI Kurt Dietrich
Inffeldgasse 16a
Tel.: +43 316 873 5511
Mail:kurt.dietrich@iaik.tugraz.at
Johannes Winter
Inffeldgasse 16a
Tel.: +43 316 873 5578
Mail:johannes.winter@iaik.tugraz.at
Dr. Peter Lipp
Inffeldgasse 16a
Tel.: +43 316 873 5513
Mail:peter.lipp@iaik.tugraz.at
Partner:
Philips Semiconductors Gratkorn
www.nxp.com
Contact:
Ernst Haselsteiner
Mikronweg 1
8101 Gratkorn
Tel.: +43 3124 299 590
Mail: Ernst.Haselsteiner@nxp.com
TOPAS is funded by BMVIT (Bundesministerium für Verkehr, Innovation und Technologie) and the FFG in context of "FIT-IT" (www.fit-it.at) with the project number 813437/12469.
Publications
| Proceedings | ||||
|---|---|---|---|---|
| 2009 | Kurt Dietrich - "Anonymous Credentials for Java enabled Platforms" - INTRUST 2009 |  |
 |
 |
| 2009 | Kurt Dietrich, Johannes Winter - "Implementation Aspects of Mobile and Embedded Trusted Computing " - Trusted Computing (Note: to appear) | |
|
 |
| 2008 | Kurt Dietrich - "A Secure and Reliable Platform Configuration Change Reporting Mechanism for Trusted Computing Enhanced Secure Channels" - TrustCom 2008 Proceedings, in 9th ICYCS Conference Proceedings | |
|
|
| 2008 | Kurt Dietrich, Johannes Winter - "Secure Boot Revisited" - International Symposium on Trusted Computing (TrustCom 2008) Proceedings, in 9th ICYCS Conference Proceedings | |
|
|
| 2008 | Kurt Dietrich, Martin Pirker, Tobias Vejda, Ronald Gregor Tögl, Thomas Winkler, Peter Lipp - "A Practical Approach for Establishing Trust Relationships between Remote Platforms using Trusted Computing" - Trustworthy Global Computing 2007, Revised Selected Papers | |
|
|
| 2008 | Johannes Winter - "Trusted computing building blocks for embedded linux-based ARM trustzone platforms" - STC '08: Proceedings of the 3rd ACM workshop on Scalable trusted computing | |
|
|
| 2007 | Kurt Dietrich - "An integrated architecture for trusted computing for java enabled embedded devices" - Proceedings of the 2007 ACM Workshop on Scalable Trusted Computing (Note: to appear) | |
|
|
| Article | ||||
|---|---|---|---|---|
| 2009 | Kurt Dietrich, Franz Röck - "Performance Optimizations for DAA Signatures on Java enabled Platforms" - Journal of universal computer science [Elektronische Ressource] (Volume: ) | |
|
|
| 2007 | Kurt Dietrich, Tobias Vejda, Ronald Gregor Tögl, Martin Pirker, Peter Lipp - "Can you Really Trust your Computer Today?" - ENISA quarterly (Volume: 3) | |
 |
|
| Tech report | ||||
|---|---|---|---|---|
| 2007 | Kurt Dietrich, Johannes Winter - "Requirements Analysis of Mobile Trusted Modules" | |
|
|
| Presentation | ||||
|---|---|---|---|---|
| 2009 | Kurt Dietrich - "TOPAS - Projektvorstellung" (NEW CHALLENGES OF THE VIRTUAL, 09.09.09) | |
|
|
| 2008 | Kurt Dietrich - "Mobile Trusted Computing" (TRUST2008 Educational Event - Theory and practice of Trusted Computing, Villach, 10.03.08) | |
|
|
| 2008 | Kurt Dietrich - "Requirement Analysis for Mobile Trusted Modules" (3rd European Trusted Infrastructure Summer School, 31.08.08) | |
|
|
| 2008 | Kurt Dietrich - "Research Workshop: Requirements Analysis for Mobile Trusted Modules" (3rd European Trusted Infrastructure Summer School, Oriel College, 31.08.08) | |
|
|
| 2007 | Kurt Dietrich - "Research questions for Mobile Trusted Modules - Research Workshop Results" (2nd European Trusted Infrastructure Summer School (ETISS) 2007, Bochum, 29.09.07) | |
|
|
| 2007 | Kurt Dietrich - "Research Workshop - Research questions for Mobile Trusted Modules (Implementation Aspects of Mobile Trusted Modules)" (2nd European Trusted Infrastructure Summer School (ETISS) 2007, Bochum, 29.09.07) | |
|
|
| 2007 | Kurt Dietrich - "Research Workshop on "Integration of Trusted Computing in Managed Environments"" (2nd European Trusted Infrastructure Summer School (ETISS) 2007, Bochum, 29.09.07) | |
|
|
| 2007 | Kurt Dietrich - "Integration of Trusted Computing in Managed Environments - Research Workshop Results" (2nd European Trusted Infrastructure Summer School (ETISS) 2007, Bochum, 29.09.07) | |
|
|