WO2007148258A3 - Integrity checking and reporting model for hardware rooted trust enabled e-voting platform - Google Patents

Integrity checking and reporting model for hardware rooted trust enabled e-voting platform Download PDF

Info

Publication number
WO2007148258A3
WO2007148258A3 PCT/IB2007/052219 IB2007052219W WO2007148258A3 WO 2007148258 A3 WO2007148258 A3 WO 2007148258A3 IB 2007052219 W IB2007052219 W IB 2007052219W WO 2007148258 A3 WO2007148258 A3 WO 2007148258A3
Authority
WO
WIPO (PCT)
Prior art keywords
platform
trust
security
attestation
certification
Prior art date
Application number
PCT/IB2007/052219
Other languages
French (fr)
Other versions
WO2007148258A2 (en
Inventor
Ashish Anand
Original Assignee
Ashish Anand
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ashish Anand filed Critical Ashish Anand
Publication of WO2007148258A2 publication Critical patent/WO2007148258A2/en
Publication of WO2007148258A3 publication Critical patent/WO2007148258A3/en

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C13/00Voting apparatus
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information

Abstract

Tamper-proofing is not sufficient for embedded computing platform security as it solves only half of the problem & replication can defeat all sophisticated measures of tamper-proofing. A replicated platform means look-alike and functionally equivalent model of original device. This invention uses hardware rooted trust in a novel way to guarantee platform security without hardware upgrade and re-certification. Tangible assurance about integrity of platform is essential to secure maximum public trust using an external attestation & certification unit (020). Attestation & certification unit (020) along with platform (021) is provisioned with security credentials using a provisioning server (018 & 019) shown as core root-of-trust at platform-vendor premises in a auditable and verifiable manner, beyond any disputes or litigations. This invention is based on distributed root-of-trust security model (as shown in Diagram 11) wherein both attestation unit (020) and platform (021) is on same trust hierarchy and hence can be used in many horizontal applications which are otherwise complex from legal, public-trust aspects and onus of anything going wrong is mostly one-sided. This also provides a maximum security against insider threats from inside of vendor premises.
PCT/IB2007/052219 2006-06-21 2007-06-12 Integrity checking and reporting model for hardware rooted trust enabled e-voting platform WO2007148258A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
IN1055CH2006 2006-06-21
IN1055/CHE/2006 2007-01-29

Publications (2)

Publication Number Publication Date
WO2007148258A2 WO2007148258A2 (en) 2007-12-27
WO2007148258A3 true WO2007148258A3 (en) 2008-10-30

Family

ID=38833839

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2007/052219 WO2007148258A2 (en) 2006-06-21 2007-06-12 Integrity checking and reporting model for hardware rooted trust enabled e-voting platform

Country Status (1)

Country Link
WO (1) WO2007148258A2 (en)

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2009109811A1 (en) * 2008-03-07 2009-09-11 Ashish Anand Platform security model for networking solution platforms
US8667263B2 (en) 2010-02-12 2014-03-04 The Johns Hopkins University System and method for measuring staleness of attestation during booting between a first and second device by generating a first and second time and calculating a difference between the first and second time to measure the staleness
WO2016099644A1 (en) * 2014-12-19 2016-06-23 Private Machines Inc. Systems and methods for using extended hardware security modules
US10218696B2 (en) 2016-06-30 2019-02-26 Microsoft Technology Licensing, Llc Targeted secure software deployment
CN110245495B (en) * 2018-03-09 2023-05-26 阿里巴巴集团控股有限公司 BIOS checking method, configuration method, device and system
US11087578B2 (en) 2018-11-15 2021-08-10 Daniel Bernard Ruskin Voting booth, system, and methods of making and using same
DE102020111281A1 (en) * 2020-04-24 2021-10-28 Eto Magnetic Gmbh Copy protection procedure and copy-protected electronic system
CN111723381A (en) * 2020-07-03 2020-09-29 重庆智者炎麒科技有限公司 TEE-based voting method and system
DE102021000645B3 (en) * 2021-02-09 2022-08-11 Mercedes-Benz Group AG Procedure for checking cryptographic secrets for equality

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2000054125A1 (en) * 1999-03-05 2000-09-14 Hewlett-Packard Company Computing apparatus and methods using secure authentication arrangement
US20020138554A1 (en) * 2001-03-26 2002-09-26 Motorola, Inc. Method for remotely verifying software integrity
US20030009687A1 (en) * 2001-07-05 2003-01-09 Ferchau Joerg U. Method and apparatus for validating integrity of software
EP1653321A1 (en) * 2004-10-27 2006-05-03 Lucent Technologies Inc. Method and apparatus for software integrity protection using timed executable agents
WO2006054128A1 (en) * 2004-11-22 2006-05-26 Nokia Corporation Method and device for verifying the integrity of platform software of an electronic device

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2000054125A1 (en) * 1999-03-05 2000-09-14 Hewlett-Packard Company Computing apparatus and methods using secure authentication arrangement
US20020138554A1 (en) * 2001-03-26 2002-09-26 Motorola, Inc. Method for remotely verifying software integrity
US20030009687A1 (en) * 2001-07-05 2003-01-09 Ferchau Joerg U. Method and apparatus for validating integrity of software
EP1653321A1 (en) * 2004-10-27 2006-05-03 Lucent Technologies Inc. Method and apparatus for software integrity protection using timed executable agents
WO2006054128A1 (en) * 2004-11-22 2006-05-26 Nokia Corporation Method and device for verifying the integrity of platform software of an electronic device

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
ANAND A. ET AL.: "Evolutionary Enhancements of eVoting Technology", November 2007 (2007-11-01), Retrieved from the Internet <URL:http://www.ijcim.th.org/v15nSP4/P32SEARCCEvolutionaryEnhancementsofeVotingTechnology.pdf> *
REMOTE VOTING@INDIA, March 2006 (2006-03-01), Retrieved from the Internet <URL:http://www.remotevote.org.in> *

Also Published As

Publication number Publication date
WO2007148258A2 (en) 2007-12-27

Similar Documents

Publication Publication Date Title
WO2007148258A3 (en) Integrity checking and reporting model for hardware rooted trust enabled e-voting platform
MY166564A (en) A system and method for privacy management for internet of things services
CN106452783A (en) Computer system and safe execution method
NZ782916A (en) Threshold signature based medical device management
WO2009012165A3 (en) Creating and validating cryptographically secured documents
WO2014138430A3 (en) Secure simple enrollment
WO2006044717A3 (en) One time password
WO2016175914A3 (en) Transaction signing utilizing asymmetric cryptography
WO2015187640A3 (en) System and method for secure review of audit logs
WO2014028617A8 (en) Near field communication based key sharing techniques
TW200731146A (en) Access
WO2009002599A3 (en) Electronically securing an electronic device using physically unclonable functions
WO2012023122A3 (en) Authentication device and system
WO2015023341A3 (en) Secure authorization systems and methods
US20190058599A1 (en) Distributed digital ledger
JP2015518198A5 (en)
WO2008146667A1 (en) Anonymous authenticating system and anonymous authenticating method
TW200723145A (en) Prescription authentication
WO2014026095A3 (en) Secure feature and key management in integrated circuits
MX2010009925A (en) A strong authentication token generating one-time passwords and signatures upon server credential verification.
WO2011083343A3 (en) System and method of enforcing a computer policy
WO2005083610A8 (en) Token authentication system and method
GB2473566A (en) Systems and method for data security
CN101834860A (en) Method for remote dynamic verification on integrality of client software
WO2007116355A3 (en) Challenge-response authentication of token by means physical uncloneable function

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07766725

Country of ref document: EP

Kind code of ref document: A2

WWE Wipo information: entry into national phase

Ref document number: 6992/CHENP/2008

Country of ref document: IN

NENP Non-entry into the national phase

Ref country code: DE

NENP Non-entry into the national phase

Ref country code: RU

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS EPO FORM 1205A DATED 10.07.2009.

122 Ep: pct application non-entry in european phase

Ref document number: 07766725

Country of ref document: EP

Kind code of ref document: A2