Specification and Standardization of a Java Trusted Computing API
Article first published online: 13 JUL 2011
Copyright © 2011 John Wiley & Sons, Ltd.
Software: Practice and Experience
Volume 42, Issue 8, pages 945–965, August 2012
How to Cite
Toegl, R., Winkler, T., Nauman, M. and Hong, T. W. (2012), Specification and Standardization of a Java Trusted Computing API. Softw: Pract. Exper., 42: 945–965. doi: 10.1002/spe.1095
- Issue published online: 6 JUL 2012
- Article first published online: 13 JUL 2011
- Manuscript Accepted: 11 APR 2011
- Manuscript Revised: 1 APR 2011
- Manuscript Received: 19 MAY 2010
- trusted computing;
The paradigm of Trusted Computing promises a new approach to improve the security of computer systems. The core functionality, based on a hardware component known as Trusted Platform Module, is integrated into commodity hardware. However, operating system integration and application software support remains limited at present. In particular, for Java, the most widely used platform-independent computing environment, there is currently no generally accepted Trusted Computing API. In this article, we describe the design of a high-level API for Trusted Computing. We report on the current state of the Trusted Computing Group's software architecture and on previous approaches targeting Java. We derive our requirements and design goals and describe a novel API design. We report on our transparent approach to standardization in the Java Community Process. The result of this effort is the API we propose in the Java Specification Request 321. In this work, we not only present the design of this new API but also discuss implementation and testing strategies. Copyright © 2011 John Wiley & Sons, Ltd.