Hardware-Backed Identity Management Systems

Publication date: 2014-09-19

Author:

Vossaert, Jan; De Decker, Bart; Naessens, Vincent

Abstract:

This thesis explores how hardware security technologies can be applied to satisfy the diverse set of requirements inherent to identity management systems and technologies. This thesis focuses on the use of existing hardware-based security technologies by software rather than developing new hardware components. All concepts proposed in this thesis are subjected to an in-depth evaluation and are validated by means of a prototype.

The first part of this thesis deals with device authentication between resource-constrained nodes and more powerful devices. A security architecture is presented that allows low-cost resource-constrained devices to establish a secure authenticated channel with more powerful devices using symmetric-key cryptography. The constrained devices can enforce fine-grained access control policies based on the information obtained during authentication. In application domains with a limited scope, a tamper-resistant module containing a common cryptographic key can be added to the constrained devices to increase the scalability of the key management process.

In the second part of this thesis a new user-centric identity management system is presented. Instead of relying on digital signature algorithms to assert the validity of attributes to service providers, the identity management system proposed in this part relies on a trusted application running on a tamperproof secure element. The service provider is assured that the received information originates from a genuine secure element in the system. The tamperproofness ensures that an attacker cannot directly access the memory of the secure element to extract or modify information. The identity management system combines several interesting features of existing governmental and federated identity management systems.

In the third part of this thesis a trusted execution environment that can be established on commodity workstations and laptops using TPM-based technologies is used to increase the security and privacy of existing identity management technologies. Two complementary case studies are presented. The first case study focuses on the prevention of credential abuse through sharing or theft. The user's credential is, therefore, bound to one or more of his biometric traits. The second case study focuses on increasing the security and privacy of authentication infrastructures that rely on a smart card containing an X.509 credential and the identity information of the user. The system increases the security by allowing the user to enter his passcode via his workstation while protecting it from malware running on the operating system. The system increases the privacy of the user by giving the user more control over the disclosure of his information.