Title: APPROACHES FOR USING TCP AS A FOUNDATION FOR POLICY-COMPLIANT DATA PROCESSING

This chapter presents approaches for solving the time problem and using Trusted Computing according to the TCG specification in order to verify the behaviour of an information system by a monitor. Section 6.1 introduces the linking of an attestation and service access points at the point in time of the attestation in order to solve the time problem. By this approach, the chain of trust is given for the successive approaches for monitoring service applications and for solving the problem shown in the use case “Information Filtering”. Section 6.2 presents a solution for a verifiable processing of personal data according to the requirements described in section 3.5. Section 6.2 investigates on two stages for monitoring non-certified service applications. Firstly, a service application is executed within a trusted environment (sandbox). Secondly, the data which is going to be used by the encapsulated application is divided into non-protection-worthy and protection-worthy data in order to identify those information flows which has to be considered by the user. The solution presented in section 6.3 refers to the use case “Information Filtering”. This section shows the deployment of Trusted Computing in order to process private data in a confidential manner. That means that Trusted Computing is used in order to implement a trusted third party (TTP).