%PDF-1.4 % 5 0 obj << /S /GoTo /D (chapter*.1) >> endobj 8 0 obj (Erkl\344rung) endobj 9 0 obj << /S /GoTo /D (chapter*.2) >> endobj 12 0 obj (Vorwort) endobj 13 0 obj << /S /GoTo /D (chapter*.3) >> endobj 16 0 obj (Kurzfassung) endobj 17 0 obj << /S /GoTo /D (chapter*.4) >> endobj 20 0 obj (Abstract) endobj 21 0 obj << /S /GoTo /D (chapter.1) >> endobj 24 0 obj (1 Introduction) endobj 25 0 obj << /S /GoTo /D (section.1.1) >> endobj 28 0 obj (1.1 Problem Description) endobj 29 0 obj << /S /GoTo /D (section.1.2) >> endobj 32 0 obj (1.2 Motivation and Goals) endobj 33 0 obj << /S /GoTo /D (section.1.3) >> endobj 36 0 obj (1.3 Outline) endobj 37 0 obj << /S /GoTo /D (chapter.2) >> endobj 40 0 obj (2 Identity Management) endobj 41 0 obj << /S /GoTo /D (section.2.1) >> endobj 44 0 obj (2.1 Introduction) endobj 45 0 obj << /S /GoTo /D (subsection.2.1.1) >> endobj 48 0 obj (2.1.1 The Need for Identity Management) endobj 49 0 obj << /S /GoTo /D (subsection.2.1.2) >> endobj 52 0 obj (2.1.2 Identity Management) endobj 53 0 obj << /S /GoTo /D (section.2.2) >> endobj 56 0 obj (2.2 Digital Identity) endobj 57 0 obj << /S /GoTo /D (subsection.2.2.1) >> endobj 60 0 obj (2.2.1 Characteristics) endobj 61 0 obj << /S /GoTo /D (subsection.2.2.2) >> endobj 64 0 obj (2.2.2 Life Cycle) endobj 65 0 obj << /S /GoTo /D (section.2.3) >> endobj 68 0 obj (2.3 Identity-related Aspects) endobj 69 0 obj << /S /GoTo /D (subsection.2.3.1) >> endobj 72 0 obj (2.3.1 Trust) endobj 73 0 obj << /S /GoTo /D (subsection.2.3.2) >> endobj 76 0 obj (2.3.2 Access-Control Policies) endobj 77 0 obj << /S /GoTo /D (subsection.2.3.3) >> endobj 80 0 obj (2.3.3 Privacy) endobj 81 0 obj << /S /GoTo /D (subsection.2.3.4) >> endobj 84 0 obj (2.3.4 Authentication) endobj 85 0 obj << /S /GoTo /D (subsection.2.3.5) >> endobj 88 0 obj (2.3.5 Authorization) endobj 89 0 obj << /S /GoTo /D (subsection.2.3.6) >> endobj 92 0 obj (2.3.6 Integrity, Non-Repudiation and Confidentiality) endobj 93 0 obj << /S /GoTo /D (section.2.4) >> endobj 96 0 obj (2.4 Standards and Frameworks) endobj 97 0 obj << /S /GoTo /D (subsection.2.4.1) >> endobj 100 0 obj (2.4.1 Simple Object Access Protocol \(SOAP\)) endobj 101 0 obj << /S /GoTo /D (subsection.2.4.2) >> endobj 104 0 obj (2.4.2 Security Assertion Markup Language \(SAML\)) endobj 105 0 obj << /S /GoTo /D (subsection.2.4.3) >> endobj 108 0 obj (2.4.3 Liberty Alliance) endobj 109 0 obj << /S /GoTo /D (subsection.2.4.4) >> endobj 112 0 obj (2.4.4 WS-Roadmap) endobj 113 0 obj << /S /GoTo /D (chapter.3) >> endobj 116 0 obj (3 Trusted Computing) endobj 117 0 obj << /S /GoTo /D (section.3.1) >> endobj 120 0 obj (3.1 Introduction) endobj 121 0 obj << /S /GoTo /D (subsection.3.1.1) >> endobj 124 0 obj (3.1.1 Trusted Computing) endobj 125 0 obj << /S /GoTo /D (subsection.3.1.2) >> endobj 128 0 obj (3.1.2 Development) endobj 129 0 obj << /S /GoTo /D (section.3.2) >> endobj 132 0 obj (3.2 The Trusted Platform) endobj 133 0 obj << /S /GoTo /D (subsection.3.2.1) >> endobj 136 0 obj (3.2.1 Fundamental Features) endobj 137 0 obj << /S /GoTo /D (subsection.3.2.2) >> endobj 140 0 obj (3.2.2 Roots of Trust) endobj 141 0 obj << /S /GoTo /D (subsection.3.2.3) >> endobj 144 0 obj (3.2.3 Transitive Trust) endobj 145 0 obj << /S /GoTo /D (subsection.3.2.4) >> endobj 148 0 obj (3.2.4 Trusted Platform Module) endobj 149 0 obj << /S /GoTo /D (subsection.3.2.5) >> endobj 152 0 obj (3.2.5 Operational States) endobj 153 0 obj << /S /GoTo /D (section.3.3) >> endobj 156 0 obj (3.3 Cryptographic Components) endobj 157 0 obj << /S /GoTo /D (subsection.3.3.1) >> endobj 160 0 obj (3.3.1 Keys) endobj 161 0 obj << /S /GoTo /D (subsection.3.3.2) >> endobj 164 0 obj (3.3.2 Certificates) endobj 165 0 obj << /S /GoTo /D (subsection.3.3.3) >> endobj 168 0 obj (3.3.3 Attestation) endobj 169 0 obj << /S /GoTo /D (subsection.3.3.4) >> endobj 172 0 obj (3.3.4 Protected Message Exchange) endobj 173 0 obj << /S /GoTo /D (section.3.4) >> endobj 176 0 obj (3.4 Applications) endobj 177 0 obj << /S /GoTo /D (subsection.3.4.1) >> endobj 180 0 obj (3.4.1 Software Layers) endobj 181 0 obj << /S /GoTo /D (subsection.3.4.2) >> endobj 184 0 obj (3.4.2 Command Validation) endobj 185 0 obj << /S /GoTo /D (chapter.4) >> endobj 188 0 obj (4 Trusted Infrastructures for Identities) endobj 189 0 obj << /S /GoTo /D (section.4.1) >> endobj 192 0 obj (4.1 Problem Overview) endobj 193 0 obj << /S /GoTo /D (section.4.2) >> endobj 196 0 obj (4.2 Basic Scenario) endobj 197 0 obj << /S /GoTo /D (section.4.3) >> endobj 200 0 obj (4.3 Integration of Status Information) endobj 201 0 obj << /S /GoTo /D (subsection.4.3.1) >> endobj 204 0 obj (4.3.1 Component-aware Integrity Measurement) endobj 205 0 obj << /S /GoTo /D (subsection.4.3.2) >> endobj 208 0 obj (4.3.2 Property-based Integrity Measurement) endobj 209 0 obj << /S /GoTo /D (section.4.4) >> endobj 212 0 obj (4.4 Authorization of the Identity Provider) endobj 213 0 obj << /S /GoTo /D (subsection.4.4.1) >> endobj 216 0 obj (4.4.1 Digital Rights Management) endobj 217 0 obj << /S /GoTo /D (subsection.4.4.2) >> endobj 220 0 obj (4.4.2 AIK Credentials and Privacy-CA) endobj 221 0 obj << /S /GoTo /D (subsection.4.4.3) >> endobj 224 0 obj (4.4.3 DAA Credentials and DAA) endobj 225 0 obj << /S /GoTo /D (subsection.4.4.4) >> endobj 228 0 obj (4.4.4 Additional Certificates) endobj 229 0 obj << /S /GoTo /D (section.4.5) >> endobj 232 0 obj (4.5 Selected Scenario) endobj 233 0 obj << /S /GoTo /D (section.4.6) >> endobj 236 0 obj (4.6 Identity-related Aspects) endobj 237 0 obj << /S /GoTo /D (subsection.4.6.1) >> endobj 240 0 obj (4.6.1 Trust) endobj 241 0 obj << /S /GoTo /D (subsection.4.6.2) >> endobj 244 0 obj (4.6.2 Access-Control Policies) endobj 245 0 obj << /S /GoTo /D (subsection.4.6.3) >> endobj 248 0 obj (4.6.3 Privacy) endobj 249 0 obj << /S /GoTo /D (subsection.4.6.4) >> endobj 252 0 obj (4.6.4 Authentication) endobj 253 0 obj << /S /GoTo /D (subsection.4.6.5) >> endobj 256 0 obj (4.6.5 Authorization) endobj 257 0 obj << /S /GoTo /D (subsection.4.6.6) >> endobj 260 0 obj (4.6.6 Integrity, Non-Repudiation and Confidentiality) endobj 261 0 obj << /S /GoTo /D (section.4.7) >> endobj 264 0 obj (4.7 Usage Scenarios) endobj 265 0 obj << /S /GoTo /D (chapter.5) >> endobj 268 0 obj (5 Realization Concept) endobj 269 0 obj << /S /GoTo /D (section.5.1) >> endobj 272 0 obj (5.1 Architecture) endobj 273 0 obj << /S /GoTo /D (section.5.2) >> endobj 276 0 obj (5.2 Components) endobj 277 0 obj << /S /GoTo /D (subsection.5.2.1) >> endobj 280 0 obj (5.2.1 Privacy-CA) endobj 281 0 obj << /S /GoTo /D (subsection.5.2.2) >> endobj 284 0 obj (5.2.2 Ticket-issuing Web Server) endobj 285 0 obj << /S /GoTo /D (subsection.5.2.3) >> endobj 288 0 obj (5.2.3 Identity Provider) endobj 289 0 obj << /S /GoTo /D (subsection.5.2.4) >> endobj 292 0 obj (5.2.4 User) endobj 293 0 obj << /S /GoTo /D (subsection.5.2.5) >> endobj 296 0 obj (5.2.5 Ticket-receiving Service Provider) endobj 297 0 obj << /S /GoTo /D (section.5.3) >> endobj 300 0 obj (5.3 Protocol Messages) endobj 301 0 obj << /S /GoTo /D (subsection.5.3.1) >> endobj 304 0 obj (5.3.1 AIK Credential Request) endobj 305 0 obj << /S /GoTo /D (subsection.5.3.2) >> endobj 308 0 obj (5.3.2 AIK Credential) endobj 309 0 obj << /S /GoTo /D (subsection.5.3.3) >> endobj 312 0 obj (5.3.3 Trusted Ticket) endobj 313 0 obj << /S /GoTo /D (section.5.4) >> endobj 316 0 obj (5.4 TPM Functionality) endobj 317 0 obj << /S /GoTo /D (subsection.5.4.1) >> endobj 320 0 obj (5.4.1 Basic Operations) endobj 321 0 obj << /S /GoTo /D (subsection.5.4.2) >> endobj 324 0 obj (5.4.2 Extraction of Status Information) endobj 325 0 obj << /S /GoTo /D (subsection.5.4.3) >> endobj 328 0 obj (5.4.3 Key Generation) endobj 329 0 obj << /S /GoTo /D (subsection.5.4.4) >> endobj 332 0 obj (5.4.4 Cryptographic Operations) endobj 333 0 obj << /S /GoTo /D (chapter.6) >> endobj 336 0 obj (6 Implementation) endobj 337 0 obj << /S /GoTo /D (section.6.1) >> endobj 340 0 obj (6.1 Implementation Scope) endobj 341 0 obj << /S /GoTo /D (section.6.2) >> endobj 344 0 obj (6.2 Architecture) endobj 345 0 obj << /S /GoTo /D (section.6.3) >> endobj 348 0 obj (6.3 Infrastructure) endobj 349 0 obj << /S /GoTo /D (subsection.6.3.1) >> endobj 352 0 obj (6.3.1 Base System) endobj 353 0 obj << /S /GoTo /D (subsection.6.3.2) >> endobj 356 0 obj (6.3.2 Trusted Platform Module) endobj 357 0 obj << /S /GoTo /D (subsection.6.3.3) >> endobj 360 0 obj (6.3.3 Trusted Software Stack) endobj 361 0 obj << /S /GoTo /D (subsection.6.3.4) >> endobj 364 0 obj (6.3.4 Java Libraries) endobj 365 0 obj << /S /GoTo /D (section.6.4) >> endobj 368 0 obj (6.4 Key Generator) endobj 369 0 obj << /S /GoTo /D (subsection.6.4.1) >> endobj 372 0 obj (6.4.1 Tasks) endobj 373 0 obj << /S /GoTo /D (subsection.6.4.2) >> endobj 376 0 obj (6.4.2 Design) endobj 377 0 obj << /S /GoTo /D (subsection.6.4.3) >> endobj 380 0 obj (6.4.3 Implementation) endobj 381 0 obj << /S /GoTo /D (section.6.5) >> endobj 384 0 obj (6.5 Identity Provider) endobj 385 0 obj << /S /GoTo /D (subsection.6.5.1) >> endobj 388 0 obj (6.5.1 Tasks) endobj 389 0 obj << /S /GoTo /D (subsection.6.5.2) >> endobj 392 0 obj (6.5.2 Design) endobj 393 0 obj << /S /GoTo /D (subsection.6.5.3) >> endobj 396 0 obj (6.5.3 Implementation) endobj 397 0 obj << /S /GoTo /D (chapter.7) >> endobj 400 0 obj (7 Analysis) endobj 401 0 obj << /S /GoTo /D (section.7.1) >> endobj 404 0 obj (7.1 Integration of Status Information) endobj 405 0 obj << /S /GoTo /D (section.7.2) >> endobj 408 0 obj (7.2 Complex Architectures) endobj 409 0 obj << /S /GoTo /D (section.7.3) >> endobj 412 0 obj (7.3 Event Log Size) endobj 413 0 obj << /S /GoTo /D (section.7.4) >> endobj 416 0 obj (7.4 AIK Credentials) endobj 417 0 obj << /S /GoTo /D (section.7.5) >> endobj 420 0 obj (7.5 Authorization of the Privacy-CA) endobj 421 0 obj << /S /GoTo /D (chapter.8) >> endobj 424 0 obj (8 Conclusion) endobj 425 0 obj << /S /GoTo /D (section.8.1) >> endobj 428 0 obj (8.1 Results) endobj 429 0 obj << /S /GoTo /D (section.8.2) >> endobj 432 0 obj (8.2 Outlook) endobj 433 0 obj << /S /GoTo /D (appendix.A) >> endobj 436 0 obj (A Trusted Ticket) endobj 437 0 obj << /S /GoTo /D (appendix.B) >> endobj 440 0 obj (B Contents of the CD) endobj 441 0 obj << /S /GoTo /D (section.B.1) >> endobj 444 0 obj (B.1 Thesis) endobj 445 0 obj << /S /GoTo /D (section.B.2) >> endobj 448 0 obj (B.2 Bibliography) endobj 449 0 obj << /S /GoTo /D (section.B.3) >> endobj 452 0 obj (B.3 Source Code) endobj 453 0 obj << /S /GoTo /D (section.B.4) >> endobj 456 0 obj (B.4 Javadoc) endobj 457 0 obj << /S /GoTo /D (section.B.5) >> endobj 460 0 obj (B.5 Software) endobj 461 0 obj << /S /GoTo /D (appendix*.18) >> endobj 464 0 obj (List of Acronyms) endobj 465 0 obj << /S /GoTo /D (appendix*.19) >> endobj 468 0 obj (Glossary) endobj 469 0 obj << /S /GoTo /D (appendix*.19) >> endobj 471 0 obj (Bibliography) endobj 472 0 obj << /S /GoTo /D [473 0 R /Fit ] >> endobj 475 0 obj << /Length 424 /Filter /FlateDecode >> stream xmR;O#1+\6~"8 CK@$HlRܿgIxlhƻ$W5!Ur0Wndj_*rw o4;#Q'}~Pv!%ᜩD]ɶPmKLBoYb~ o=`3z>n&9v15$V5 ?fߚ+fl\"Sx{yj%x= ۧe|>ј+sT[Qh,LRP"aT ѧҠL^4\IwCUv\-lwBhJT#v.n|k4