Trusted Ticket Systems and Applications

Trusted Computing is a security base technology that will perhaps be ubiquitous in a few years in personal computers and mobile devices alike. Despite its neutrality with respect to applications, it has raised some privacy concerns. We show that trusted computing can be applied for service access control in a manner protecting users' privacy. We construct a ticket system -- a concept which is at the heart of Identity Management -- relying solely on the capabilities of the trusted platform module and the standards specified by the Trusted Computing Group. Two examples show how it can be used for pseudonymous and protected service access.