This book constitutes the thoroughly refereed post-conference proceedings of the First International Conference on Trusted Computing and Trust in Information Technologies, TRUST 2008, held in Villach, Austria, in March 2008. The 13 revised full papers presented together with 1 invited lecture were carefully reviewed and selected from 43 submissions. The papers cover the core issues of trust in IT systems and present recent leading edge developments in the field of trusted infrastructure and computing to foster the international knowledge exchange necessary to catch up with the latest trends in science and technology developments.

The book summarizes key concepts and theories in trusted computing, e.g., TPM, TCM, mobile modules, chain of trust, trusted software stack etc, and discusses the configuration of trusted platforms and network connections. It also emphasizes the application of such technologies in practice, extending readers from computer science and information science researchers to industrial engineers.

This book describes the state-of-the-art in trusted computing for embedded systems. It shows how a variety of security and trusted computing problems are addressed currently and what solutions are expected to emerge in the coming years. The discussion focuses on attacks aimed at hardware and software for embedded systems, and the authors describe specific solutions to create security features. Case studies are used to present new techniques designed as industrial security solutions. Coverage includes development of tamper resistant hardware and firmware mechanisms for lightweight embedded devices, as well as those serving as security anchors for embedded platforms required by applications such as smart power grids, smart networked and home appliances, environmental and infrastructure sensor networks, etc. · Enables readers to address a variety of security threats to embedded hardware and software; · Describes design of secure wireless sensor networks, to address secure authentication of trusted portable devices for embedded systems; · Presents secure solutions for the design of smart-grid applications and their deployment in large-scale networked and systems.

Examines practical research and case studies on such benchmark topics as biometric and security technology, protection of digital assets and information, multilevel computer self-efficacy, and end-user Web development. Provides research into the advancement, productivity, and performance of the end user computing domain.

Thisvolumecontainsthe15paperspresentedinthetechnicalstrandoftheTrust 2009 conference, held in Oxford, UK in April 2009. Trust 2009 was the second international conference devoted to the technical and socio-economic aspects of trusted computing. The conference had two main strands, one devoted to technical aspects of trusted computing (addressed by these proceedings), and the other devoted to socio-economic aspects. Trust 2009 built on the successful Trust 2008 conference, held in Villach, Austria in March 2008. The proceedings of Trust 2008, containing 14 papers, were published in volume 4968 of the Lecture Notes in Computer Science series. ThetechnicalstrandofTrust2009contained15originalpapersonthedesign and application of trusted computing. For these proceedings the papers have been divided into four main categories, namely: – Implementation of trusted computing – Attestation – PKI for trusted computing – Applications of trusted computing The 15 papers included here were selected from a total of 33 submissions. The refereeing process was rigorous, involving at least three (and mostly more) independent reports being prepared for each submission. We are very grateful to our hard-working and distinguished Program Committee for doing such an excellent job in a timely fashion. We believe that the result is a high-quality set of papers, some of which have been signi?cantly improved as a result of the refereeing process. We would also like to thank all the authors who submitted their papers to the technical strand of the Trust 2009 conference, all external referees, and all the attendees of the conference.

In this book the authors first describe the background of trusted platforms and trusted computing and speculate about the future. They then describe the technical features and architectures of trusted platforms from several different perspectives, finally explaining second-generation TPMs, including a technical description intended to supplement the Trusted Computing Group's TPM2 specifications. The intended audience is IT managers and engineers and graduate students in information security.

Trusting a computer for a security-sensitive task (such as checking email or banking online) requires the user to know something about the computer's state. We examine research on securely capturing a computer's state, and consider the utility of this information both for improving security on the local computer (e.g., to convince the user that her computer is not infected with malware) and for communicating a remote computer's state (e.g., to enable the user to check that a web server will adequately protect her data). Although the recent "Trusted Computing" initiative has drawn both positive and negative attention to this area, we consider the older and broader topic of bootstrapping trust in a computer. We cover issues ranging from the wide collection of secure hardware that can serve as a foundation for trust, to the usability issues that arise when trying to convey computer state information to humans. This approach unifies disparate research efforts and highlights opportunities for additional work that can guide real-world improvements in computer security.