A Comparison between Smart Cards and Trusted Platform Modules in Business Scenarios

Cover für 'A Comparison between Smart Cards and Trusted Platform Modules in Business Scenarios'
Von Martin W. Murhammer
A Comparison between Smart Cards and Trusted Platform Modules in Business Scenarios

2007

diplom.de

166 S., 22 SW-Abb., 21 Tabellen

E-Book (PDF-Format)

ISBN 978-3-8366-0727-8

58,00 EUR
inkl. MwSt.
  • Format: E-Book PDF

google.comdel.icio.usMister Wongaddthis.com

Inhaltsangabe:Abstract: Loss of proprietary information can be anywhere between disadvantageous to disastrous to organizations and private individuals alike. Main reasons that contribute to that are theft of computing devices-whether or not they are mobile or portable-theft of proprietary information, and unauthorized access to information. Causes of the aforementioned problem that are of particular interest for this thesis are lack of sufficiently strong authentication of users and lack of sufficiently strong protection of information on mobile and removable devices, as outlined in the following two paragraphs. Authentication-the process of validating a given identity based upon certain credentials-is a critical step to secure access to valuable information assets. Even though more granular authorization mechanisms may be provided by modern computer systems, mainstream operating systems offer at least one method of user authentication. The same holds true for devices such as personal digital assistants (PDA) and mobile telephones. The fact that this protection can be turned off is deplorable from a security point of view but it may serve a particular business need when no critical information has to be protected and ease of use is of the essence. The proliferation of mobile computing devices throughout the general population of users is constantly increasing. Subsequently, it is safe to assume that such devices are used to store and/or access critical business information. The threat to that information lies in the circumstances of mobility. Mobile devices are subject to theft as well as contamination with malware (viruses, worms, Trojan horse software, etc.) when connected to foreign network infrastructures. While critical information inside an organization can be-and usually is-well guarded, providing equal measures of protection to mobile devices can be technically, organizationally and financially challenging and hence has been often neglected by corporate IT departments. Aside from proper authentication, protection of information in storage as well as in transport requires equal consideration in this environment. In order to overcome the problem of insufficient authentication and protection, several security controls are available to users and security administrators today. The question that they are frequently facing is which one to choose in a given situation. This question is the core motivation to research this topic. The idea to [...] Martin W. Murhammer, CISSP, ISSAP, MCP, is a Certified Senior Information Security Consultant and Certified IT Infrastructure Architect with IBM Global Services in Vienna, Austria. He holds a Master's degree in Information Security Management from Danube University, Krems, Austria. The main focus of his professional work lies in the area of security assessments, architectures and programs as well as firewalls, VPN, PKI and identity management. He is a member of the IBM Security Architecture Board. Mr. Murhammer has 22 years of IT experience including areas such as networking, systems management, server design, high availability, and information security. Important contributors to his experience and expertise were international residencies and assignments to IBM U.S., where he was working in close relationship with global product and services development teams and international support units, and where he was leading multinational teams. Mr. Murhammer is a speaker at national and international events and lectures on Information Security at the Danube University, Krems. Mr. Murhammer occasionally features in press articles and he has authored and co-authored a number of technical publications, most prominently "TCP/IP Tutorial and Technical Overview" and "A Comprehensive Guide to Virtual Private Networks". During his professional career, he has been involved in projects in Austria and other countries in Europe and Asia/Pacific.

This thesis focuses on the area of authentication and machine binding using either smart card or trusted platform module (TPM) technology, or a combination thereof. It is the major objective to demonstrate the value of each of these technologies based upon selected business scenarios. Underlying trust models and architectural requirements are discussed, and theoretical background of these technologies is provided to accommodate readers with the relevant terms to follow the subsequent discussion. The major part of this thesis consists of the research, comparison and analysis of existing publications and other sources scientific, commercial, qualified journalistic or other to gather a foundation of information on the subject topic. The problem cases or scenarios for applicability of smart card or TPM technology are based upon that research as well as the professional experience of the author and are not selected at random. This thesis shall provide interested readers with a decision base for the selection of protection mechanisms based upon either smart cards or TPM, or both.

Martin W. Murhammer

Martin W. Murhammer, CISSP, ISSAP, MCP, is a Certified Senior Information Security Consultant and Certified IT Infrastructure Architect with IBM Global Services in Vienna, Austria. He holds a Master s degree in Information Security Management from Danube University, Krems, Austria. The main focus of his professional work lies in the area of security assessments, architectures and programs as well as firewalls, VPN, PKI and identity management. He is a member of the IBM Security Architecture Board.§Mr. Murhammer has 22 years of IT experience including areas such as networking, systems management, server design, high availability, and information security.§Important contributors to his experience and expertise were international residencies and assignments to IBM U.S., where he was working in close relationship with global product and services development teams and international support units, and where he was leading multinational teams. Mr. Murhammer is a speaker at national and international events and lectures on Information Security at the Danube University, Krems. Mr. Murhammer occasionally features in press articles and he has authored and co-authored a number of technical publications, most prominently TCP/IP Tutorial and Technical Overview and A Comprehensive Guide to Virtual Private Networks. During his professional career, he has been involved in projects in Austria and other countries in Europe and Asia/Pacific.
Grafik Versandkostenfrei

Versandkostenfreie Lieferung

  • Lieferung innerhalb Deutschlands versandkostenfrei
  • Lieferung ins Ausland zuzüglich Versandkosten
mehr ...