Abstract of

'Trusted Computing enhanced OpenID'

Trusted Computing, used as a security technology, can establish trust between multiple parties. One implementation of Trusted Computing Technology standardized by the Trusted Computing Group is the Trusted Platform Module (TPM). We build on the security provided by the TPM to create a trusted variant of Identity Management Systems based on the popular OpenID protocol. We show that it is feasible to bind OpenID identities to the trustworthiness of the device. Our concept and implementation builds on previous work which showed that Trusted Computing can be used to create tickets. In this work, we use such tickets as a building block to establish trust in the OpenID protocol between the identity provider and the device.