On the secure distribution of vendor-specific keys in deployment scenarios

Nicolai Kuntze, Carsten Rudolph

Research output: Chapter in Book/Report/Conference proceedingConference PaperResearchpeer-review

Abstract

Product counterfeit is a tremendous challenge for vendors in many areas. Particularly important is a prevention of product counterfeit where products like telecommunication devices interact with other systems and thus a malfunctioning of a single device can jeopardize the complete system. This can also deteriorate the reputation of the vendor. Furthermore, violation of intellectual properties can cause financial losses. Detection of product counterfeit can be based on tracking back each device to the production process of the vendor to ensure the product origin. Devices without a verified source can then be considered counterfeit with a high potential to be malicious or of low quality. Vendors already apply vendor-specific security technologies protecting the distribution. These often employ special hardware-based security mechanisms specifically designed for a particular range of products. This publication shows the usage of the already available Trusted Platform Module to allow for distribution channel protection and to leverage overall security by allowing the secure identification of a specific device. It also explains a few additional Trusted Platform Module functionalities that can be used.

Original languageEnglish
Title of host publicationICT Systems Security and Privacy Protection
Subtitle of host publication30th IFIP TC 11 International Conference, SEC 2015, Hamburg, Germany, May 26–28, 2015 Proceedings
EditorsHannes Federrath, Dieter Gollmann
Place of PublicationCham Switzerland
PublisherSpringer
Pages630-644
Number of pages15
ISBN (Electronic)9783319184678
ISBN (Print)9783319184661
DOIs
Publication statusPublished - 2015
Externally publishedYes
EventIFIP TC-11 SEC International Information Security and Privacy Conference 2015 - Hamburg, Germany
Duration: 26 May 201528 May 2015
Conference number: 30th
https://www.ifipsec.org/2015/

Publication series

NameIFIP Advances in Information and Communication Technology
PublisherSpringer
Volume455
ISSN (Print)18684238
ISSN (Electronic)1868-422X

Conference

ConferenceIFIP TC-11 SEC International Information Security and Privacy Conference 2015
Abbreviated titleSEC 2015
CountryGermany
CityHamburg
Period26/05/1528/05/15
Internet address

Keywords

  • Trust Platform Module
  • Original Equipment Manufacturer
  • Deployment Scenario
  • Counterfeit Product
  • Trust Computing Group

Cite this