Design and implementation of the TPM user authentication model

Research output: Contribution to journalArticle

1 Citation (Scopus)

Abstract

The Trusted Computing Group (TCG) has introduced the Trusted Platform Module (TPM) as a solution to assure end users of their privacy and confidentiality. Although the TPM is designed to prevent software attacks, the TPM itself is vulnerable to physical attacks that could enable intruders to gain access to confidential data. In general, the TPM provides an ID and implements a password identification technique to prevent unauthorized users from gaining access to the TPM. The TPM user authentication is carried out by the TPM itself, which exposes the TPM to direct risk as highly skilled intruders can break the authentication line of defence and gain access to the TPM. The process of encrypting and decrypting information, especially when asymmetric algorithms are used, is viewed as a process that consumes time and resources, which decreases the speed of the computer. In order to solve the problems, a TPM User Authentication Model (TPM-UAM) that can provide the TPM with a higher level of security and resistance against physical attacks has been proposed as we proposed in our previous research paper (Alshar'e et al., 2014). The technique is based on biometric authentication to prove the identity of the users and to allow the process of authentication to happen at an independent platform using virtualization that will keep the TPM out of reach until a user is completely verified and approved. The TPM-UAM is able to provide a more satisfactory level of confidence for data and processes that can be rated as highly confidential and private. The model was successfully developed and tested and the results confirmed the model efficiency and ability to secure TPM and all functions have been confirmed to be working perfectly according to what they were designed for. This paper describes the design and implementation of TPM-UAM system based on the proposed authentication model, virtualization has been implemented to create authentication platform to prevent direct interaction with TPM and biometrics has been implemented to verify identities and supervise running TPM, the system testing results in confirming the system functionality and ability to secure and protect TPM.

Original languageEnglish
Pages (from-to)2299-2314
Number of pages16
JournalJournal of Computer Science
Volume10
Issue number11
DOIs
Publication statusPublished - 2014

Fingerprint

Authentication
Hardware security
Biometrics

Keywords

  • Authentication
  • Biometrics
  • Face recognition
  • Fingerprint
  • TCG
  • TPM
  • Virtualization
  • Xen

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications
  • Artificial Intelligence

Cite this

Design and implementation of the TPM user authentication model. / Alshar'e, Marwan Ibrahim; Sulaiman, Rossilawati; Mokhtar, Mohd Rosmadi; MohdZin, Abdullah.

In: Journal of Computer Science, Vol. 10, No. 11, 2014, p. 2299-2314.

Research output: Contribution to journalArticle

@article{42b0d22b555c48a6801cd09565345f2d,
title = "Design and implementation of the TPM user authentication model",
abstract = "The Trusted Computing Group (TCG) has introduced the Trusted Platform Module (TPM) as a solution to assure end users of their privacy and confidentiality. Although the TPM is designed to prevent software attacks, the TPM itself is vulnerable to physical attacks that could enable intruders to gain access to confidential data. In general, the TPM provides an ID and implements a password identification technique to prevent unauthorized users from gaining access to the TPM. The TPM user authentication is carried out by the TPM itself, which exposes the TPM to direct risk as highly skilled intruders can break the authentication line of defence and gain access to the TPM. The process of encrypting and decrypting information, especially when asymmetric algorithms are used, is viewed as a process that consumes time and resources, which decreases the speed of the computer. In order to solve the problems, a TPM User Authentication Model (TPM-UAM) that can provide the TPM with a higher level of security and resistance against physical attacks has been proposed as we proposed in our previous research paper (Alshar'e et al., 2014). The technique is based on biometric authentication to prove the identity of the users and to allow the process of authentication to happen at an independent platform using virtualization that will keep the TPM out of reach until a user is completely verified and approved. The TPM-UAM is able to provide a more satisfactory level of confidence for data and processes that can be rated as highly confidential and private. The model was successfully developed and tested and the results confirmed the model efficiency and ability to secure TPM and all functions have been confirmed to be working perfectly according to what they were designed for. This paper describes the design and implementation of TPM-UAM system based on the proposed authentication model, virtualization has been implemented to create authentication platform to prevent direct interaction with TPM and biometrics has been implemented to verify identities and supervise running TPM, the system testing results in confirming the system functionality and ability to secure and protect TPM.",
keywords = "Authentication, Biometrics, Face recognition, Fingerprint, TCG, TPM, Virtualization, Xen",
author = "Alshar'e, {Marwan Ibrahim} and Rossilawati Sulaiman and Mokhtar, {Mohd Rosmadi} and Abdullah MohdZin",
year = "2014",
doi = "10.3844/jcssp.2014.2299.2314",
language = "English",
volume = "10",
pages = "2299--2314",
journal = "Journal of Computer Science",
issn = "1549-3636",
publisher = "Science Publications",
number = "11",

}

TY - JOUR

T1 - Design and implementation of the TPM user authentication model

AU - Alshar'e, Marwan Ibrahim

AU - Sulaiman, Rossilawati

AU - Mokhtar, Mohd Rosmadi

AU - MohdZin, Abdullah

PY - 2014

Y1 - 2014

N2 - The Trusted Computing Group (TCG) has introduced the Trusted Platform Module (TPM) as a solution to assure end users of their privacy and confidentiality. Although the TPM is designed to prevent software attacks, the TPM itself is vulnerable to physical attacks that could enable intruders to gain access to confidential data. In general, the TPM provides an ID and implements a password identification technique to prevent unauthorized users from gaining access to the TPM. The TPM user authentication is carried out by the TPM itself, which exposes the TPM to direct risk as highly skilled intruders can break the authentication line of defence and gain access to the TPM. The process of encrypting and decrypting information, especially when asymmetric algorithms are used, is viewed as a process that consumes time and resources, which decreases the speed of the computer. In order to solve the problems, a TPM User Authentication Model (TPM-UAM) that can provide the TPM with a higher level of security and resistance against physical attacks has been proposed as we proposed in our previous research paper (Alshar'e et al., 2014). The technique is based on biometric authentication to prove the identity of the users and to allow the process of authentication to happen at an independent platform using virtualization that will keep the TPM out of reach until a user is completely verified and approved. The TPM-UAM is able to provide a more satisfactory level of confidence for data and processes that can be rated as highly confidential and private. The model was successfully developed and tested and the results confirmed the model efficiency and ability to secure TPM and all functions have been confirmed to be working perfectly according to what they were designed for. This paper describes the design and implementation of TPM-UAM system based on the proposed authentication model, virtualization has been implemented to create authentication platform to prevent direct interaction with TPM and biometrics has been implemented to verify identities and supervise running TPM, the system testing results in confirming the system functionality and ability to secure and protect TPM.

AB - The Trusted Computing Group (TCG) has introduced the Trusted Platform Module (TPM) as a solution to assure end users of their privacy and confidentiality. Although the TPM is designed to prevent software attacks, the TPM itself is vulnerable to physical attacks that could enable intruders to gain access to confidential data. In general, the TPM provides an ID and implements a password identification technique to prevent unauthorized users from gaining access to the TPM. The TPM user authentication is carried out by the TPM itself, which exposes the TPM to direct risk as highly skilled intruders can break the authentication line of defence and gain access to the TPM. The process of encrypting and decrypting information, especially when asymmetric algorithms are used, is viewed as a process that consumes time and resources, which decreases the speed of the computer. In order to solve the problems, a TPM User Authentication Model (TPM-UAM) that can provide the TPM with a higher level of security and resistance against physical attacks has been proposed as we proposed in our previous research paper (Alshar'e et al., 2014). The technique is based on biometric authentication to prove the identity of the users and to allow the process of authentication to happen at an independent platform using virtualization that will keep the TPM out of reach until a user is completely verified and approved. The TPM-UAM is able to provide a more satisfactory level of confidence for data and processes that can be rated as highly confidential and private. The model was successfully developed and tested and the results confirmed the model efficiency and ability to secure TPM and all functions have been confirmed to be working perfectly according to what they were designed for. This paper describes the design and implementation of TPM-UAM system based on the proposed authentication model, virtualization has been implemented to create authentication platform to prevent direct interaction with TPM and biometrics has been implemented to verify identities and supervise running TPM, the system testing results in confirming the system functionality and ability to secure and protect TPM.

KW - Authentication

KW - Biometrics

KW - Face recognition

KW - Fingerprint

KW - TCG

KW - TPM

KW - Virtualization

KW - Xen

UR - http://www.scopus.com/inward/record.url?scp=84987677239&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84987677239&partnerID=8YFLogxK

U2 - 10.3844/jcssp.2014.2299.2314

DO - 10.3844/jcssp.2014.2299.2314

M3 - Article

AN - SCOPUS:84987677239

VL - 10

SP - 2299

EP - 2314

JO - Journal of Computer Science

JF - Journal of Computer Science

SN - 1549-3636

IS - 11

ER -