Implementing Trusted Terminals with a and SITDRM

AbstractThe SITDRM Enterprise system [N. Sheppard, R. Safavi-Naini “Protecting Privacy with the MPEG-21 IPMP Framework”. International Workshop on Privacy Enhancing Technologies 2006, pp. 152–171] protects private customer data by allowing customers to provide policies in the form of a machine-readable license. When employees of an organization want to use customers' data, they must be forced to abide by the licences provided. Some sort of hardened terminal must be used to ensure that not only the hardware and software will cooperate, but that the user of the terminal will too. We use the Trusted Computing Group's specifications for a trusted platform upon which to build a data user terminal that can be proved to implement correct license-enforcing behavior. A Trusted Platform Module (TPM) and a TPM-using operating system are all that may be required to construct a verifiably secure terminal

Implementing Trusted Terminals with a TPM and SITDRM

In the SITDRM Enterprise system [1], private customer data is protected under customer-provided license policies. When employees of an organization want to use these customers’ data, they must be forced to abide by the policies provided. Some sort of hardened terminal must be used to ensure that not only the hardware and software will cooperate, but that the user of the terminal will too. We use the Trusted Computing Group’s specifications for a trusted platform upon which to build a SITDRM data user terminal that can be proved to implement proper license-enforcing behavior. A Trusted Platform Module (TPM) chip and a TPMusing operating system are all that may be required to construct a verifiably secure terminal