AVIT -
Applied Verification for Integrity and Trust
AVIT (Applied Verification for Integrity and Trust) is part of the
EU-supported OpenTC
project to explore whether an open methodology can give guidance
to designers, implementers, and independent evaluators to standardize
tests for trustworthiness.
The Trusted Computing Group (TCG) and Trusted Platform Module (TPM)
are the center of a paranoia level as high as any in conspiracy
circles. The open, community-reviewed, methodology of Applied
Verification for Integrity and Trust (AVIT) will apply tests to answer
the core questions of Trusted Computing and dispel the catalytic myths
assisting current paranoia.
Trusted Computing is often associated with DRM (digital rights
management) but has far more important possibilities. Even its
potential for DRM is in itself not all bad as it can open doors for
information and entertainment access currently not available to many
people who may suffer from physical or sensory limitations or illness.
Outside of DRM, Trusted Computing can provide means for new system
support services where systems can be maintained by a third party with
tamper-proof assurances. Services like this can range from server
support to data insurance. Furthermore, being able to link a system to
a person with the same probability of matching DNA at a crime scene to
a perpetrator will open more possibilities for honest transactions
while thoroughly minimizing false accusations of computer crime and
drawn out trials of expert "opinions" where the facts can speak for
themselves. However, none of this is possible if the people have no
means for trusting the system.
Enter the Trusted Computing Group (TCG) and the Trusted Platform
Module (TPM). The growing ubiquity of the TPM on computer motherboards
has managed to put, at the very least, the Free/Open Source Software
(FOSS) and LINUX communities on the defensive with the TCG. The
movement to involve the TPM in commercially viable interests by
members of the TCG have precluded these arguments with the uncertain
future of TPM application with the exaggerations of wants and fears.
Most of these come from who is involved in the TCG rather than what
they have done.
As part of OpenTC, an EU-supported, collaborative research and
development project started in November 2005, ISECOM is approaching
Trusted Computing in a pragmatic fashion. Developing trust tests works
best in the FOSS approach and as ISECOM approaches every methodology,
we will take paranoia from everyone and devise the most thorough means
to address all fears towards trustworthiness. That will also allow for
tests which provide a metric for trustworthiness. Which, in turn, will
allow transparent rules of trustworthiness to be followed to
conclusion and therefore decide STOP or GO. In conclusion, ISECOM will
attempt to open the methods of trustworthiness.
This project's goals are to develop test methods and metrics for
assuring trustworthiness for the software developer, the user, and
third parties needing assurance towards trust. A means must exist for
transparency and communication of openness while not sacrificing
privacy.
This project is not about supporting DRM, Palladium,
"trustworthiness", or Trusted Computing (TCPA specifically) rather it
assuring trusted computing claims and assuring trust goes both ways
from what we want on our systems to what others put on it known and
unknown.
If you are interested in helping with this project please contact us
at avit<at>isecom.org
| Name
|
Spain Mirror
sponsored by |
USA Mirror
sponsored by
|
|
AVIT_Abstract.v2.pdf..................... |
 |
|
6649 visits (2 today, 10 this week)
TEAM ACCESS