Preview of irongui - A Graphical User Interface for IF-MAP 2.0 Servers

We would like to give a preview on one of our current tasks that we are working on: irongui. It is a Graphical User Interface for IF-MAP 2.0 servers. It is intended to provide a debug view on the current metadata hold by a MAP server.

One nice aspect of irongui is that it can act as an ordinary MAP client. In the release version, the user can provide the root node of the graph that shall be displayed. Afterwards, the communication between irongui and the MAP server is based upon standard IF-MAP subscription and poll operations. Thus, irongui should be able to visualize any MAP 2.0 server. If irongui is used with our own irond MAP server, it is also possible to use an irond-specific operation in order to bootstrap the visualisation process.

The first version of irongui will be released in November 2010.

Steve Hanna gives talk at Trust@FHH

On Wednesday, Steve Hanna, Distinguished Engineer at Juniper Networks and co-chair of the TCG’s TNC-WG and the IETF’s NEA-WG has visited the Trust@FHH group in Hanover. It was a great chance for our group to present the current projects that we are working on to one of the most esteemed experts in the area of Trusted Computing and Trusted Network Connect.

Steve gave an exciting talk about “Coordinated Security: A New Paradigm” and presented the big picture of TNC and especially IF-MAP to members and students of our group.

irond - an open source IF-MAP server - is now available

We are glad to announce that irond, an open source IF-MAP server, is now available!

irond is completely written in Java. The server is based upon the IF-MAP 2.0 specification that has been recently published by the TCG. irond supports both basic authentication and certificate-based authentication for MAP clients. Development was done within the IRON project at FHH.

irond is licensed under the Apache License, Version 2.0 and available for download here. A rough documentation to do some basic testing with irond is provided as part of the .zip archives.

We are currently working on several MAP clients that will be published soon in order to set up more sophisticated test environments.

If you have any questions or remarks concerning irond, please contact f4-i-trust@lists.hs-hannover.de.

If you find bugs, please report them to our bugtracking system.

Trust@FHH gets funding for new ESUKOM research project

The Trust@FHH research group is pleased to announce the participation in the ESUKOM research project. While building on some results of the IRON Project, ESUKOM addresses the field of real-time security in business networks. One focus will be the secure integration of smartphones in enterprise environments. ESUKOM is launched together with four partners this October and has a duration of two years.

The project is funded by the German Federal Ministry of Education and Research.

More information will be coming soon.

tNAC Research Project Presented At USENIX Security Symposium 2010

The tNAC research project, where the Trust@FHH group is participating in, was presented at the USENIX Security Symposium 2010 in Washington D.C. The poster summarizes the results of tNAC that were achieved up to now. It is available in our download section.

IRON-Project finished successfully

The project was successfully finished in July 2010. The implementation results (for example irond, our open source IF-MAP 2.0 server) will form the basis for future work.

tnc@fhh 0.7.0 released

This version introduces new features, an improved and simplified build process and revisited documentation for tnc@fhh. The main improvements of this release are:

• simplified package structure (only one tarball that includes all components)
• an IMC/V pair that supports binary remote attestation of platforms with Trusted Computing capabilities (TPM)
• an IMC/V pair that evaluates the anti virus scanner ClamAV
• an IMC/V pair for platform authentication based on X.509 certificates (optionally supports openssl TPM engine)
• a new patch for FreeRADIUS that supports multiple EAP methods in one EAP-TTLS tunnel
• a handbook (located in the doc subdirectory) that explains many aspects of tnc@fhh

You can find the tarball in the download section. The wiki is currently slightly outdated. Most of the howtos that worked for version 0.6.0 will also work for version 0.7.0.

However, if you encounter any problems, please contact us via f4-i-trust@lists.hs-hannover.de.

tnc@fhh certified by Trusted Computing Group

The tnc@fhh implementation was certified by the Trusted Computing Group. The certification program currently consists of one TPM and one TNC specific program. Within these certification programs, products are tested in order to assess their compliance to the TCG specifications. In the area of TNC, the certification program currently covers the interfaces IF-IMC, IF-IMV and IF-PEP for RADIUS.

tnc@fhh was certified to appropriately implement the IF-IMC and IF-IMV interfaces. In order to get this certification, tnc@fhh successfully passed the necessary interoperability and compliance testing events.

We are proud to be one of the first open source implementations that got this certification. We would like to thank the TCG and especially the TNC Subgroup for giving us the opportunity to participate.