liu.seSearch for publications in DiVA
Change search
ReferencesLink to record
Permanent link

Direct link
Design and Implementation of the Ephemerizer System
Linköping University, Department of Computer and Information Science.
2007 (English)Independent thesis Advanced level (degree of Magister), 20 points / 30 hpStudent thesis
Abstract [en]

This thesis describes the system design and implementation of the secure Ephemerizer System that was first introduced by Radia Perlman in 2005. The system is designed to enable users to keep data for a finite period of time before making the data unrecoverable by destroying the keys with which the data was encrypted. The task of the Ephemerizer System service is to create, advertise, and destroy keys required for the Ephemerizer System's functionalities.

We designed the Ephemerizer System Service's security by placing the sensitive key management modules into a Trusted Computing Base (TCB). Our compartmentalized approach distributes security requirements at different sensitivity levels into different protection domains. In our approach, we implement the trusted protection domain (our TCB) on a tamper-resistant Javacard.

We placed the key storage database into the partly trusted protection domain to improve scalability and availability of the Ephemerizer System. The partly trusted protection domain requires memory isolation and other security mechanisms provided by the underlying operating system. We implemented several mechanisms on the TCB, such as the signature engine, cryptographic modules, the on-card expiration validator, and on-card time verification. We make the Ephemerizer System available to users as a web service and expose it though a uniform API. This approach enables the seamless integration of the Ephemerizer System into business processes on heterogeneous platforms.

Place, publisher, year, edition, pages
Institutionen för datavetenskap , 2007. , 102 p.
Keyword [en]
Ephemerizer, Javacard, Cryptography, Trusted Computing Base, Webservices
National Category
Computer Science
URN: urn:nbn:se:liu:diva-9137ISRN: LITH-IDA-EX--07/032--SEOAI: diva2:23767
2007-05-12, al-Khwarizmi, B-Building, 10:00
Available from: 2007-08-15 Created: 2007-08-15

Open Access in DiVA

fulltext(1618 kB)781 downloads
File information
File name FULLTEXT01.pdfFile size 1618 kBChecksum SHA-1
Type fulltextMimetype application/pdf

By organisation
Department of Computer and Information Science
Computer Science

Search outside of DiVA

GoogleGoogle Scholar
Total: 781 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Total: 474 hits
ReferencesLink to record
Permanent link

Direct link