On the secure distribution of vendor-specific keys in deployment scenarios

Nicolai Kuntze; Carsten Rudolph

doi:10.1007/978-3-319-18467-8_42

On the secure distribution of vendor-specific keys in deployment scenarios

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

Abstract

Product counterfeit is a tremendous challenge for vendors in many areas. Particularly important is a prevention of product counterfeit where products like telecommunication devices interact with other systems and thus a malfunctioning of a single device can jeopardize the complete system. This can also deteriorate the reputation of the vendor. Furthermore, violation of intellectual properties can cause financial losses. Detection of product counterfeit can be based on tracking back each device to the production process of the vendor to ensure the product origin. Devices without a verified source can then be considered counterfeit with a high potential to be malicious or of low quality. Vendors already apply vendor-specific security technologies protecting the distribution. These often employ special hardware-based security mechanisms specifically designed for a particular range of products. This publication shows the usage of the already available Trusted Platform Module to allow for distribution channel protection and to leverage overall security by allowing the secure identification of a specific device. It also explains a few additional Trusted Platform Module functionalities that can be used.

Original language	English
Title of host publication	ICT Systems Security and Privacy Protection
Subtitle of host publication	30th IFIP TC 11 International Conference, SEC 2015, Hamburg, Germany, May 26–28, 2015 Proceedings
Editors	Hannes Federrath, Dieter Gollmann
Place of Publication	Cham Switzerland
Publisher	Springer
Pages	630-644
Number of pages	15
ISBN (Electronic)	9783319184678
ISBN (Print)	9783319184661
DOIs	https://doi.org/10.1007/978-3-319-18467-8_42
Publication status	Published - 2015
Externally published	Yes
Event	IFIP TC-11 SEC International Information Security and Privacy Conference 2015 - Hamburg, Germany Duration: 26 May 2015 → 28 May 2015 Conference number: 30th https://www.ifipsec.org/2015/

Publication series

Name	IFIP Advances in Information and Communication Technology
Publisher	Springer
Volume	455
ISSN (Print)	18684238
ISSN (Electronic)	1868-422X

Conference

Conference	IFIP TC-11 SEC International Information Security and Privacy Conference 2015
Abbreviated title	SEC 2015
Country/Territory	Germany
City	Hamburg
Period	26/05/15 → 28/05/15
Internet address	https://www.ifipsec.org/2015/

Keywords

Trust Platform Module
Original Equipment Manufacturer
Deployment Scenario
Counterfeit Product
Trust Computing Group

Access to Document

10.1007/978-3-319-18467-8_42

Cite this

Kuntze, N., & Rudolph, C. (2015). On the secure distribution of vendor-specific keys in deployment scenarios. In H. Federrath, & D. Gollmann (Eds.), ICT Systems Security and Privacy Protection : 30th IFIP TC 11 International Conference, SEC 2015, Hamburg, Germany, May 26–28, 2015 Proceedings (pp. 630-644). (IFIP Advances in Information and Communication Technology; Vol. 455). Springer. https://doi.org/10.1007/978-3-319-18467-8_42

Kuntze, Nicolai ; Rudolph, Carsten. / On the secure distribution of vendor-specific keys in deployment scenarios. ICT Systems Security and Privacy Protection : 30th IFIP TC 11 International Conference, SEC 2015, Hamburg, Germany, May 26–28, 2015 Proceedings. editor / Hannes Federrath ; Dieter Gollmann. Cham Switzerland : Springer, 2015. pp. 630-644 (IFIP Advances in Information and Communication Technology).

@inproceedings{3ac81f0e8b6044eaae79af4aa13888cc,

title = "On the secure distribution of vendor-specific keys in deployment scenarios",

abstract = "Product counterfeit is a tremendous challenge for vendors in many areas. Particularly important is a prevention of product counterfeit where products like telecommunication devices interact with other systems and thus a malfunctioning of a single device can jeopardize the complete system. This can also deteriorate the reputation of the vendor. Furthermore, violation of intellectual properties can cause financial losses. Detection of product counterfeit can be based on tracking back each device to the production process of the vendor to ensure the product origin. Devices without a verified source can then be considered counterfeit with a high potential to be malicious or of low quality. Vendors already apply vendor-specific security technologies protecting the distribution. These often employ special hardware-based security mechanisms specifically designed for a particular range of products. This publication shows the usage of the already available Trusted Platform Module to allow for distribution channel protection and to leverage overall security by allowing the secure identification of a specific device. It also explains a few additional Trusted Platform Module functionalities that can be used.",

keywords = "Trust Platform Module, Original Equipment Manufacturer, Deployment Scenario, Counterfeit Product, Trust Computing Group",

author = "Nicolai Kuntze and Carsten Rudolph",

year = "2015",

doi = "10.1007/978-3-319-18467-8_42",

language = "English",

isbn = "9783319184661",

series = "IFIP Advances in Information and Communication Technology",

publisher = "Springer",

pages = "630--644",

editor = "Federrath, {Hannes } and Gollmann, {Dieter }",

booktitle = "ICT Systems Security and Privacy Protection",

note = "IFIP TC-11 SEC International Information Security and Privacy Conference 2015, SEC 2015 ; Conference date: 26-05-2015 Through 28-05-2015",

url = "https://www.ifipsec.org/2015/",

}

Kuntze, N & Rudolph, C 2015, On the secure distribution of vendor-specific keys in deployment scenarios. in H Federrath & D Gollmann (eds), ICT Systems Security and Privacy Protection : 30th IFIP TC 11 International Conference, SEC 2015, Hamburg, Germany, May 26–28, 2015 Proceedings. IFIP Advances in Information and Communication Technology, vol. 455, Springer, Cham Switzerland, pp. 630-644, IFIP TC-11 SEC International Information Security and Privacy Conference 2015, Hamburg, Lower Saxony, Germany, 26/05/15. https://doi.org/10.1007/978-3-319-18467-8_42

On the secure distribution of vendor-specific keys in deployment scenarios. / Kuntze, Nicolai; Rudolph, Carsten.
ICT Systems Security and Privacy Protection : 30th IFIP TC 11 International Conference, SEC 2015, Hamburg, Germany, May 26–28, 2015 Proceedings. ed. / Hannes Federrath; Dieter Gollmann. Cham Switzerland: Springer, 2015. p. 630-644 (IFIP Advances in Information and Communication Technology; Vol. 455).

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

TY - GEN

T1 - On the secure distribution of vendor-specific keys in deployment scenarios

AU - Kuntze, Nicolai

AU - Rudolph, Carsten

N1 - Conference code: 30th

PY - 2015

Y1 - 2015

N2 - Product counterfeit is a tremendous challenge for vendors in many areas. Particularly important is a prevention of product counterfeit where products like telecommunication devices interact with other systems and thus a malfunctioning of a single device can jeopardize the complete system. This can also deteriorate the reputation of the vendor. Furthermore, violation of intellectual properties can cause financial losses. Detection of product counterfeit can be based on tracking back each device to the production process of the vendor to ensure the product origin. Devices without a verified source can then be considered counterfeit with a high potential to be malicious or of low quality. Vendors already apply vendor-specific security technologies protecting the distribution. These often employ special hardware-based security mechanisms specifically designed for a particular range of products. This publication shows the usage of the already available Trusted Platform Module to allow for distribution channel protection and to leverage overall security by allowing the secure identification of a specific device. It also explains a few additional Trusted Platform Module functionalities that can be used.

AB - Product counterfeit is a tremendous challenge for vendors in many areas. Particularly important is a prevention of product counterfeit where products like telecommunication devices interact with other systems and thus a malfunctioning of a single device can jeopardize the complete system. This can also deteriorate the reputation of the vendor. Furthermore, violation of intellectual properties can cause financial losses. Detection of product counterfeit can be based on tracking back each device to the production process of the vendor to ensure the product origin. Devices without a verified source can then be considered counterfeit with a high potential to be malicious or of low quality. Vendors already apply vendor-specific security technologies protecting the distribution. These often employ special hardware-based security mechanisms specifically designed for a particular range of products. This publication shows the usage of the already available Trusted Platform Module to allow for distribution channel protection and to leverage overall security by allowing the secure identification of a specific device. It also explains a few additional Trusted Platform Module functionalities that can be used.

KW - Trust Platform Module

KW - Original Equipment Manufacturer

KW - Deployment Scenario

KW - Counterfeit Product

KW - Trust Computing Group

UR - http://www.scopus.com/inward/record.url?scp=84942645769&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-18467-8_42

DO - 10.1007/978-3-319-18467-8_42

M3 - Conference Paper

AN - SCOPUS:84942645769

SN - 9783319184661

T3 - IFIP Advances in Information and Communication Technology

SP - 630

EP - 644

BT - ICT Systems Security and Privacy Protection

A2 - Federrath, Hannes

A2 - Gollmann, Dieter

PB - Springer

CY - Cham Switzerland

T2 - IFIP TC-11 SEC International Information Security and Privacy Conference 2015

Y2 - 26 May 2015 through 28 May 2015

ER -

Kuntze N, Rudolph C. On the secure distribution of vendor-specific keys in deployment scenarios. In Federrath H, Gollmann D, editors, ICT Systems Security and Privacy Protection : 30th IFIP TC 11 International Conference, SEC 2015, Hamburg, Germany, May 26–28, 2015 Proceedings. Cham Switzerland: Springer. 2015. p. 630-644. (IFIP Advances in Information and Communication Technology). doi: 10.1007/978-3-319-18467-8_42

On the secure distribution of vendor-specific keys in deployment scenarios

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Cite this