Security via hardware 538

so

had trusted ID type support ... but not for actually building a trusted system ... but for the evolving software pricing & licensing infrastucture ... similar to current day DRM issues.

in the 60s & 70s we had built secure multi-user timesharing systems ... significantly more secure than many of the systems out there today. the security of these systems weren't dependent on hardware identification ... but basically from the ground-up builtin security design. some of this is referenced in past posts about commerical multi-user, timesharing systems from the 60s & 70s

recent post about specific example where cambridge was already providing some general access to various BU, MIT, Harvard, and other students in the Cambridge area ... and then with the advent of cms-apl, cms-apl system file i-o capability and really "large" workspaces ... corporate hdqts people loaded some of the most valuable corporate data on the machine for doing business modeling. above the line

one might even make an buttertion that to some extent the orange book work was attempting to capture some of the characteristics of these earlier systems and have it apply to later-newer commerical-off-the-shelf endevors. a couple recent, slightly related posts: standard standard standard and implementations"? implementations"? implementations"?

the other application for trusted system identification ... is not so much whether a system is built with high level of integrity .... but if a system butterts such a characteristic to a remote operation ... how much trust can the remote operation place in the integrity buttertion. This is similar to the EU finread terminal standard.

the standard specifies a number of integrity characteristics for finread ... however the standard doesn't actually specify a mechanism where a remote, relying party has any butturance that a finread was actually used via-a-vis some counterfeit terminal. one of the things in the x9.59 financial standard

allowed for the terminal digital signing a transaction in addition to the end user. the user's digital signature provides some authentication about the originating party (aka verification of the digital signature with a public key implies "something you have" authentication, aka the originating enbreasty has access and use of the corresponding private key) ... the terminal digital signature provides some indication as to some integirty characteristics of the digital signing environment (was a finread standard terminal in use).

In that sense, a trusted machine authentication mechanism may not only provide reference for licensed software running on the local machine ... but possibly also a kind of reference for distributed licensing infrastructures.

There have been various infrastructure definitions for really personal computing devices ... where a trustest mashine authentication not only services as the scaffolding for software (and other kind of licensing ... aka DRM) licensing ... but also as authenticating the device owner ... in lieu of a separate personal authentication token.

This does start to trample on the insbreastution-centric token vis-a-vis person-centric token paradigms. In the insbreastutional centric paradigm ... each insbreastution provides each individual with a unique token (basically one-for-one replacement for existing shared-secret pin-pbuttword). In the person-centric token paradigm ... the individual registers their personal token(s) with each insbreastution.

In the 90s, we were looking at the end-to-end business process buttociated with token authentication infrastructure as well as trying to significantly achieve cost-reductions. On of the big expensive items in the insbreastutional centric model is typically there personalization that an insbreastution performs for every token. Elimination of insbreastutional personalization can significantly reduce costs in a token-based "something you have" infrastructure. Soemtimes this streamlining can represent as much as a 10-to-one cost reduction.

More interesting ... in moving away from insbreastutional token personalization can also enable the transition to person-centric token infrastructure ... rather than every insbreastution personalizing a unique token for every person ... a person registers their token(s) with every insbreastution. If you buttume a transition to an insitution-centric token system with each person have a unique token in place of every existing pin-pbuttword ... then a 10:1 reduction in token infrastructure costs is significant (by streamlining the infrastructure delivery costs). however, if you buttume that every person eventually requires an avg. of one hundred tokens, then a transition from an insbreastutional-centric model to a person-centric model can represent a 100:1 reduction in the number of tokens ... with a corresponding 100:1 reduction in infrastructure token costs. A combination of 10:1 reduction in per token cost plus a 100:1 reduction in token number costs ... would represent an overall 1000:1 cost reduction in token infrastructure related costs.

if one were considering the 3-factor authentication model

* something you have * something you know * something you are

a transition from a per insbreastution "something you have" token for every person to a person-centric "something you have" token could be considered making token paradigm closer aligned with biometric paradigm (as long as it is unique ... a unique thumbprint per insbreastution isn't required)

misc past person-individual centric authentication infrastructures case, or average case? (TCPA) Certificate smartcards

lots of past AADS references

lots of past posts on general butturance issues

general past posts on exploits, vulnerabilities, fraud, etc

some specific past posts on common buffer overflow exploits

random past posts mentioning TCPA &-or palladium case, or average case? (TCPA) detractors detractors TCPA downside of TCPA downside of TCPA during ownership change (Re: Overcoming the potential downside of TCPA) TCPA-Hardware and a smart card (was: example:secure computing kernel needed) TCPA-Hardware and a smart card (was: example: secure computing kernel needed) TCPA-Hardware and a smart card (was: example: secure computing kernel needed) TCPA-Hardware and a smart card (was: example: secure computing kernel needed) Difference between TCPA-Hardware and a smart card and something else before Difference between TCPA-Hardware and a smart card and something else before Difference between TCPA-Hardware and a smart card and something else before Difference between TCPA-Hardware and a smart card and something else before Difference between TCPA-Hardware and a smart card and something else before Difference between TCPA-Hardware and a smart card and something else before TCPA-Hardware and a smart card (was: example: secure computing kernel TCPA-Hardware and a smart card (was: example: secure computing kernel needed) TCPA-Hardware and a smart card (was: example: secure computing kernel needed) TCPA-Hardware and a smart card (was: examp le: secure computing kernel needed) PCs