Web-based e-commerce applications need a trusted channel, which provides confidential communication, identity authentication and integrity assurance of endpoints, to guarantee the security of electronic transactions. A user-oriented trusted computing system based on a Portable Trusted Module (PTM) is presented. Remote attestation is incorporated into the Transport Layer Security (TLS) handshake protocol based on the PTM so as to establish a trusted channel between two endpoints in a network. This protocol can resist masquerading, trusted path and runtime attacks and effectively propagate the trust in the computing system to the end user. The test results of our proof-of-concept prototype show that our protocol for a trusted channel is feasible for deployment in e-commerce applications on the Internet.