"The Quest for Trusted Computing: Promises, Expectations, Practice, and Challenges", presented at dimva 2011

by Ahmad-reza Sadeghi,

Summary : Trusted Computing (TC) aims at providing a framework to establish trust among the components of a heterogeneous computing environment, in particular to detect, mitigate or reduce the impact of malware. A recent industrial initiative towards the realization of TC functionality has been put forward by the Trusted Computing Group (TCG) that published a set of specifications for extending conventional computer architectures with a variety of security-related features and cryptographic mechanisms.
Currently, there is a vast amount of work that goes beyond the TCG approach by either extending it or providing improved alternative solutions. In particular the current trend towards Clouds and the debate on their security celebrates also the reincarnation of Trusted Computing. TC is an emerging enabling technology that can improve the security of computer systems and support policy enforcement beyond own trust boundaries allowing to realize new business models. In this talk, we consider the current state of Trusted Computing and discuss the major problems that impede its practical and widespread deployment in today's computing systems. We discuss what can be done with the Trusted Computing today and present emerging technologies that may soon be available to improve the security of mobile and embedded systems. We then conclude pointing out some of the major challenges for further research.