Wave Systems Corp. (fka WAVXQ)

[dude_danny]

Peer to Peer
Access Control Architecture
Using Trusted Computing Technology


http://www.list.gmu.edu/confrnc/sacmat/2005-tc.pdf
Sorry if posted.

CONCLUSION

"We present an architecture with trusted computing technology to
support peer-to-peer based access control. Different from most traditional access control models and systems that focus on user property based policies, our approach considers the integrity and trust of platforms and applications that are used by a user to access an object,which is vulnerable from increasing software-based attacks inclient platforms. By using proposed trusted computing technologies,a reference monitor in a platform can act as an agent of an object owner to enforce access control policies, which states that an object can only be accessed in a genuine platform with applications in valid states, such as integrity and configuration. General policies with user security attributes such as role-based access control
can also be supported in our architecture by binding identity
and attribute in a certificate and being protected by trusted hardware Applications of the architecture in various domains show flexibility of deployment and enhancement of overall security in client platforms."

dude_danny