On the secure distribution of vendor-specific keys in deployment scenarios

Nicolai Kuntze, Carsten Rudolph

Research output: Chapter in Book/Report/Conference proceedingConference PaperResearchpeer-review

Abstract

Product counterfeit is a tremendous challenge for vendors in many areas. Particularly important is a prevention of product counterfeit where products like telecommunication devices interact with other systems and thus a malfunctioning of a single device can jeopardize the complete system. This can also deteriorate the reputation of the vendor. Furthermore, violation of intellectual properties can cause financial losses. Detection of product counterfeit can be based on tracking back each device to the production process of the vendor to ensure the product origin. Devices without a verified source can then be considered counterfeit with a high potential to be malicious or of low quality. Vendors already apply vendor-specific security technologies protecting the distribution. These often employ special hardware-based security mechanisms specifically designed for a particular range of products. This publication shows the usage of the already available Trusted Platform Module to allow for distribution channel protection and to leverage overall security by allowing the secure identification of a specific device. It also explains a few additional Trusted Platform Module functionalities that can be used.

Original languageEnglish
Title of host publicationICT Systems Security and Privacy Protection
Subtitle of host publication30th IFIP TC 11 International Conference, SEC 2015, Hamburg, Germany, May 26–28, 2015 Proceedings
EditorsHannes Federrath, Dieter Gollmann
Place of PublicationCham Switzerland
PublisherSpringer
Pages630-644
Number of pages15
ISBN (Electronic)9783319184678
ISBN (Print)9783319184661
DOIs
Publication statusPublished - 2015
Externally publishedYes
EventIFIP TC-11 SEC International Information Security and Privacy Conference 2015 - Hamburg, Germany
Duration: 26 May 201528 May 2015
Conference number: 30th
https://www.ifipsec.org/2015/

Publication series

NameIFIP Advances in Information and Communication Technology
PublisherSpringer
Volume455
ISSN (Print)18684238
ISSN (Electronic)1868-422X

Conference

ConferenceIFIP TC-11 SEC International Information Security and Privacy Conference 2015
Abbreviated titleSEC 2015
CountryGermany
CityHamburg
Period26/05/1528/05/15
Internet address

Keywords

  • Trust Platform Module
  • Original Equipment Manufacturer
  • Deployment Scenario
  • Counterfeit Product
  • Trust Computing Group

Cite this

Kuntze, N., & Rudolph, C. (2015). On the secure distribution of vendor-specific keys in deployment scenarios. In H. Federrath, & D. Gollmann (Eds.), ICT Systems Security and Privacy Protection : 30th IFIP TC 11 International Conference, SEC 2015, Hamburg, Germany, May 26–28, 2015 Proceedings (pp. 630-644). (IFIP Advances in Information and Communication Technology; Vol. 455). Cham Switzerland: Springer. https://doi.org/10.1007/978-3-319-18467-8_42
Kuntze, Nicolai ; Rudolph, Carsten. / On the secure distribution of vendor-specific keys in deployment scenarios. ICT Systems Security and Privacy Protection : 30th IFIP TC 11 International Conference, SEC 2015, Hamburg, Germany, May 26–28, 2015 Proceedings. editor / Hannes Federrath ; Dieter Gollmann. Cham Switzerland : Springer, 2015. pp. 630-644 (IFIP Advances in Information and Communication Technology).
@inproceedings{3ac81f0e8b6044eaae79af4aa13888cc,
title = "On the secure distribution of vendor-specific keys in deployment scenarios",
abstract = "Product counterfeit is a tremendous challenge for vendors in many areas. Particularly important is a prevention of product counterfeit where products like telecommunication devices interact with other systems and thus a malfunctioning of a single device can jeopardize the complete system. This can also deteriorate the reputation of the vendor. Furthermore, violation of intellectual properties can cause financial losses. Detection of product counterfeit can be based on tracking back each device to the production process of the vendor to ensure the product origin. Devices without a verified source can then be considered counterfeit with a high potential to be malicious or of low quality. Vendors already apply vendor-specific security technologies protecting the distribution. These often employ special hardware-based security mechanisms specifically designed for a particular range of products. This publication shows the usage of the already available Trusted Platform Module to allow for distribution channel protection and to leverage overall security by allowing the secure identification of a specific device. It also explains a few additional Trusted Platform Module functionalities that can be used.",
keywords = "Trust Platform Module, Original Equipment Manufacturer, Deployment Scenario, Counterfeit Product, Trust Computing Group",
author = "Nicolai Kuntze and Carsten Rudolph",
year = "2015",
doi = "10.1007/978-3-319-18467-8_42",
language = "English",
isbn = "9783319184661",
series = "IFIP Advances in Information and Communication Technology",
publisher = "Springer",
pages = "630--644",
editor = "Federrath, {Hannes } and Gollmann, {Dieter }",
booktitle = "ICT Systems Security and Privacy Protection",

}

Kuntze, N & Rudolph, C 2015, On the secure distribution of vendor-specific keys in deployment scenarios. in H Federrath & D Gollmann (eds), ICT Systems Security and Privacy Protection : 30th IFIP TC 11 International Conference, SEC 2015, Hamburg, Germany, May 26–28, 2015 Proceedings. IFIP Advances in Information and Communication Technology, vol. 455, Springer, Cham Switzerland, pp. 630-644, IFIP TC-11 SEC International Information Security and Privacy Conference 2015, Hamburg, Germany, 26/05/15. https://doi.org/10.1007/978-3-319-18467-8_42

On the secure distribution of vendor-specific keys in deployment scenarios. / Kuntze, Nicolai; Rudolph, Carsten.

ICT Systems Security and Privacy Protection : 30th IFIP TC 11 International Conference, SEC 2015, Hamburg, Germany, May 26–28, 2015 Proceedings. ed. / Hannes Federrath; Dieter Gollmann. Cham Switzerland : Springer, 2015. p. 630-644 (IFIP Advances in Information and Communication Technology; Vol. 455).

Research output: Chapter in Book/Report/Conference proceedingConference PaperResearchpeer-review

TY - GEN

T1 - On the secure distribution of vendor-specific keys in deployment scenarios

AU - Kuntze, Nicolai

AU - Rudolph, Carsten

PY - 2015

Y1 - 2015

N2 - Product counterfeit is a tremendous challenge for vendors in many areas. Particularly important is a prevention of product counterfeit where products like telecommunication devices interact with other systems and thus a malfunctioning of a single device can jeopardize the complete system. This can also deteriorate the reputation of the vendor. Furthermore, violation of intellectual properties can cause financial losses. Detection of product counterfeit can be based on tracking back each device to the production process of the vendor to ensure the product origin. Devices without a verified source can then be considered counterfeit with a high potential to be malicious or of low quality. Vendors already apply vendor-specific security technologies protecting the distribution. These often employ special hardware-based security mechanisms specifically designed for a particular range of products. This publication shows the usage of the already available Trusted Platform Module to allow for distribution channel protection and to leverage overall security by allowing the secure identification of a specific device. It also explains a few additional Trusted Platform Module functionalities that can be used.

AB - Product counterfeit is a tremendous challenge for vendors in many areas. Particularly important is a prevention of product counterfeit where products like telecommunication devices interact with other systems and thus a malfunctioning of a single device can jeopardize the complete system. This can also deteriorate the reputation of the vendor. Furthermore, violation of intellectual properties can cause financial losses. Detection of product counterfeit can be based on tracking back each device to the production process of the vendor to ensure the product origin. Devices without a verified source can then be considered counterfeit with a high potential to be malicious or of low quality. Vendors already apply vendor-specific security technologies protecting the distribution. These often employ special hardware-based security mechanisms specifically designed for a particular range of products. This publication shows the usage of the already available Trusted Platform Module to allow for distribution channel protection and to leverage overall security by allowing the secure identification of a specific device. It also explains a few additional Trusted Platform Module functionalities that can be used.

KW - Trust Platform Module

KW - Original Equipment Manufacturer

KW - Deployment Scenario

KW - Counterfeit Product

KW - Trust Computing Group

UR - http://www.scopus.com/inward/record.url?scp=84942645769&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-18467-8_42

DO - 10.1007/978-3-319-18467-8_42

M3 - Conference Paper

AN - SCOPUS:84942645769

SN - 9783319184661

T3 - IFIP Advances in Information and Communication Technology

SP - 630

EP - 644

BT - ICT Systems Security and Privacy Protection

A2 - Federrath, Hannes

A2 - Gollmann, Dieter

PB - Springer

CY - Cham Switzerland

ER -

Kuntze N, Rudolph C. On the secure distribution of vendor-specific keys in deployment scenarios. In Federrath H, Gollmann D, editors, ICT Systems Security and Privacy Protection : 30th IFIP TC 11 International Conference, SEC 2015, Hamburg, Germany, May 26–28, 2015 Proceedings. Cham Switzerland: Springer. 2015. p. 630-644. (IFIP Advances in Information and Communication Technology). https://doi.org/10.1007/978-3-319-18467-8_42