[ISN] REVIEW: "Trusted Computing Platforms", Siani Pearson

R. A. Hettinga rah at shipwright.com
Wed Jan 1 15:13:14 EST 2003 

--- begin forwarded text


Status: RO
Date: Mon, 30 Dec 2002 02:23:11 -0600 (CST)
From: InfoSec News <isn at c4i.org>
To: isn at attrition.org
Subject: [ISN] REVIEW: "Trusted Computing Platforms", Siani Pearson
Sender: owner-isn at attrition.org
Reply-To: InfoSec News <isn at c4i.org>

Forwarded from: "Rob, grandpa of Ryan, Trevor, Devon & Hannah"
<rslade at sprint.ca>

BKTRCMPL.RVW   20020916

"Trusted Computing Platforms", Siani Pearson, 2003, 0-13-009220-7,
U$49.99/C$77.99
%E   Siani Pearson
%C   One Lake St., Upper Saddle River, NJ   07458
%D   2003
%G   0-13-009220-7
%I   Prentice Hall
%O   U$49.99/C$77.99 +1-201-236-7139 fax: +1-201-236-7131
%O  http://www.amazon.com/exec/obidos/ASIN/0130092207/robsladesinterne
%P   322 p.
%T   "Trusted Computing Platforms: TCPA Technology in Context"

Part one introduces trusted platform technology, as a kind of public
key infrastructure implemented in hardware.  (Which begs the question:
what do you do about key revocation?)  Chapter one, an overview of the
trusted computing platform concept, is not very clear on basic ideas
beyond hardware implementation involvement and the notion of
measurement, or assurance.  There are usage scenarios of applications
that can be done, or done better, with trusted platforms, in chapter
two.  Not all of these cases are convincing evidence that trusted
platforms are better.  The cryptographic underpinnings of trusted
platforms are examined in chapter three, but it would be clearer if
the basics of asymmetric cryptography were covered and standard
cryptographic and certificate authority terms were used.

Part two concerns trust mechanisms in a trusted platform, but is
basically a list of commands.  Chapter four deals with access control,
to do with physical presence requirements, ownership, and
authorization.  Platform identification and endorsement is covered in
chapter five.  Chapter six discusses integrity recording, reporting,
and secure boot.  Protected storage of keys is in chapter seven,
migration and maintenance methods in chapter eight, and other assorted
functions in chapter nine.

Part three reviews trusted platforms in practice and operation.
Chapter ten describes the setup of a new trusted platform, chapter
eleven deals with what would elsewhere be known as trust
relationships, and challenging a trusted platform--authentication of a
server--is in chapter twelve.

Part four presents the benefits of trusted platforms, first to
organizations and corporations, in chapter thirteen, and then to
individuals and users, in chapter fourteen.

This book is not clear, either about what TCPA (Trusted Computing
Platform Alliance) technology is, nor how it can effectively be used.
Although the authors occasionally admit that there may be problems
with the system, there seems to be a kind of background arrogance in
operation, that assumes everyone will have to use this technology, so
they might was well learn the commands.

copyright Robert M. Slade, 2002   BKTRCMPL.RVW   20020916

-- 
======================
rslade at vcn.bc.ca  rslade at sprint.ca  slade at victoria.tc.ca p1 at canada.com
Find book info victoria.tc.ca/techrev/ or sun.soci.niu.edu/~rslade/
Upcoming (ISC)^2 CISSP CBK review seminars (+1-888-333-4458):
    February 10, 2003   February 14, 2003   St. Louis, MO
    March 31, 2003      April 4, 2003       Indianapolis, IN




-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo at attrition.org with 'unsubscribe isn'
in the BODY of the mail.

--- end forwarded text


-- 
-----------------
R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com

More information about the cryptography mailing list