User authentication with smart cards in trusted computing architecture

The introduction of smart cards into trusted architectures establishes a clear-cut separation between the roles and responsibilities of both platform and user. On one hand, the Trusted Platform Module (TPM) ensures the platform trustworthiness and secures platform credentials and secrets, while smart cards guarantee user identity and protect user credentials and access authorization. Starting from the identification of the specific roles played by TPM and smart cards in a trust relationship, this paper demonstrates their complementarities and establishes the smart card value proposition for trusted computing infrastructure. Focusing on user authentication we discuss different mechanisms integrating the smart card into TPM authorization protocols in order to implement smart card-based user access control to TPM-protected resources.