Please use this identifier to cite or link to this item:
https://ptsldigital.ukm.my/jspui/handle/123456789/513196
Title: | A user authentication model for securing trusted computing environment |
Authors: | Alshar'e Marwan Ibrahim Ahmad (P50008) |
Supervisor: | Abdullah Mohd Zin, Prof. |
Keywords: | Computers-Access control. Trusted Platform Module - user authentication model |
Issue Date: | 6-Jun-2015 |
Description: | Trusted Platform Module (TPM) is a security chip that is attached to the motherboard of a computer system. TPM is designed to provide security for confidential information within the computer system. It works by encrypting the keys that are used to encrypt confidential information, and storing the encrypted keys within its built-in memory storage, hidden away from attackers. TPM works perfectly to protect users' information. Therefore, the use of TPM by computer system manufacturers is rapidly increasing. However, TPM is vulnerable to physical attacks. Evil Maid is an example of such attacks: it collects passphrases from the attacked system and stores them on the hard drive or sends them over the network, back to the attacker. The attacker can then use the keys during the next physical access to penetrate the system and collect the encrypted information. Although there are many available tools and methods to secure TPM against physical attacks, there still exist cases of attacks on TPM, which shows the weakness of these tools. Therefore, a model to thwart this problem is proposed: the TPM user authentication model, which provides a secure TPM-based system. The proposed model utilizes two security mechanisms, namely virtualization and biometrics. The four specific objectives of this research are to analyze the safety level and performance of TPM in a trusted computing environment; to propose a new model for secure user authentication of TPM, namely the TPM-UAM model; to develop a prototype of the proposed model as a proof of concept; and finally to evaluate the proposed model. For the first objective, an in-depth literature investigation was conducted to analyze the level of security provided by TPM and the threats to TPM. This study was then verified by a focus group consisting of experts in trusted computing. For the second objective, the Iterative Triangulation method was used to develop the model.
The results of the literature analysis, together with the proposed TPM-UAM model, were evaluated qualitatively using a focus group of experts. For the third objective, a prototyping-based methodology was used to implement TPM-UAM, as it allows iteration over the different phases as well as changes to the prototype during the implementation process. The prototype system was designed and implemented by integrating various tools. Virtualization is supported by the XEN hypervisor. The two biometric authentication methods used are fingerprint and face recognition, since they are proven to provide a high level of security. The prototype system was then tested using a functional testing technique to prove the system's usability. Lastly, the system that was developed was evaluated by a set of experts. The main contribution of this study is the TPM-UAM model and the prototype for the model. By using this model, TPM can be protected in three aspects: to prevent direct interaction between TPM and attackers, eliminating evil maid and related threats; to support the weak authentication technique of TPM; and to secure active sessions of TPM. The system has been thoroughly evaluated by a set of experts and is proven to be resistant to physical attacks. Ph.D |
Pages: | 236 |
Call Number: | QA76.9.A25 A454 2015 3 |
Publisher: | UKM, Bangi |
Appears in Collections: | Faculty of Information Science and Technology / Fakulti Teknologi dan Sains Maklumat |
Files in This Item:
File | Description | Size | Format |
---|---|---|---|
ukmvital_81930+SOURCE1+SOURCE1.0.PDF (Restricted Access) | | 3.96 MB | Adobe PDF |