14.2. Informative Referenzen (Informative References)

[CCC-DeepDive] Confidential Computing Consortium, "Eine technische Analyse des Confidential Computing (A Technical Analysis of Confidential Computing)", Version 1.3, November 2022, https://confidentialcomputing.io/white-papers-reports.

[CTAP] FIDO Alliance, "Client to Authenticator Protocol (CTAP)", Februar 2018, https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-client-to-authenticator-protocol-v2.0-id-20180227.html.

[NIST-800-57-p1] Barker, E., "Empfehlung für Schlüsselverwaltung: Teil 1 - Allgemein (Recommendation for Key Management: Part 1 - General)", DOI 10.6028/NIST.SP.800-57pt1r5, Mai 2020, https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r5.pdf.

[OPCUA] OPC Foundation, "OPC Unified Architecture Spezifikation, Teil 2: Sicherheitsmodell, Version 1.03 (OPC Unified Architecture Specification, Part 2: Security Model, Release 1.03)", OPC 10000-2, November 2015, https://opcfoundation.org/developer-tools/specifications-unified-architecture/part-2-security-model/.

[RATS-DAA] Birkholz, H., Newton, C., Chen, L., and D. Thaler, "Direkte anonyme Attestierung für die Remote-Attestierungsverfahren-Architektur (Direct Anonymous Attestation for the Remote Attestation Procedures Architecture)", Laufende Arbeit, Internet-Draft, draft-ietf-rats-daa-02, 7. September 2022, https://datatracker.ietf.org/doc/html/draft-ietf-rats-daa-02.

[RATS-PSA-TOKEN] Tschofenig, H., Frost, S., Brossard, M., Shaw, A., and T. Fossati, "Arm's Platform Security Architecture (PSA) Attestation Token", Laufende Arbeit, Internet-Draft, draft-tschofenig-rats-psa-token-10, 6. September 2022, https://datatracker.ietf.org/doc/html/draft-tschofenig-rats-psa-token-10.

[RATS-TUDA] Fuchs, A., Birkholz, H., McDonald, I., and C. Bormann, "Zeitbasierte unidirektionale Attestierung (Time-Based Uni-Directional Attestation)", Laufende Arbeit, Internet-Draft, draft-birkholz-rats-tuda-07, 10. Juli 2022, https://datatracker.ietf.org/doc/html/draft-birkholz-rats-tuda-07.

[RATS-UCCS] Birkholz, H., O'Donoghue, J., Cam-Winget, N., and C. Bormann, "Ein CBOR-Tag für ungeschützte CWT-Claims-Sets (A CBOR Tag for Unprotected CWT Claims Sets)", Laufende Arbeit, Internet-Draft, draft-ietf-rats-uccs-04, 11. Januar 2023, https://datatracker.ietf.org/doc/html/draft-ietf-rats-uccs-04.

[RFC4086] Eastlake 3rd, D., Schiller, J., and S. Crocker, "Zufälligkeitsanforderungen für Sicherheit (Randomness Requirements for Security)", BCP 106, RFC 4086, DOI 10.17487/RFC4086, Juni 2005, https://www.rfc-editor.org/info/rfc4086.

[RFC4949] Shirey, R., "Internet-Sicherheitsglossar, Version 2 (Internet Security Glossary, Version 2)", FYI 36, RFC 4949, DOI 10.17487/RFC4949, August 2007, https://www.rfc-editor.org/info/rfc4949.

[RFC5209] Sangster, P., Khosravi, H., Mani, M., Narayan, K., and J. Tardo, "Network Endpoint Assessment (NEA): Überblick und Anforderungen (Network Endpoint Assessment (NEA): Overview and Requirements)", RFC 5209, DOI 10.17487/RFC5209, Juni 2008, https://www.rfc-editor.org/info/rfc5209.

[RFC6024] Reddy, R. and C. Wallace, "Trust Anchor Management Anforderungen (Trust Anchor Management Requirements)", RFC 6024, DOI 10.17487/RFC6024, Oktober 2010, https://www.rfc-editor.org/info/rfc6024.

[RFC8322] Field, J., Banghart, S., and D. Waltermire, "Ressourcenorientierter leichtgewichtiger Informationsaustausch (ROLIE) (Resource-Oriented Lightweight Information Exchange (ROLIE))", RFC 8322, DOI 10.17487/RFC8322, Februar 2018, https://www.rfc-editor.org/info/rfc8322.

[strengthoffunction] NIST, "Funktionsstärke (Strength of Function)", https://csrc.nist.gov/glossary/term/strength_of_function.

[TCG-DICE] Trusted Computing Group, "DICE Attestierungs-Architektur (DICE Attestation Architecture)", Version 1.00, Revision 0.23, März 2021, https://trustedcomputinggroup.org/wp-content/uploads/DICE-Attestation-Architecture-r23-final.pdf.

[TCG-DICE-SIBDA] Trusted Computing Group, "Symmetrische identitätsbasierte Geräteattestierung (Symmetric Identity Based Device Attestation)", Version 1.0, Revision 0.95, Januar 2020, https://trustedcomputinggroup.org/wp-content/uploads/TCG_DICE_SymIDAttest_v1_r0p95_pub-1.pdf.

[TCGarch] Trusted Computing Group, "Trusted Platform Module Library, Teil 1: Architektur (Trusted Platform Module Library, Part 1: Architecture)", November 2019, https://trustedcomputinggroup.org/wp-content/uploads/TCG_TPM2_r1p59_Part1_Architecture_pub.pdf.

[TEEP-ARCH] Pei, M., Tschofenig, H., Thaler, D., and D. Wheeler, "Trusted Execution Environment Provisioning (TEEP) Architektur (Trusted Execution Environment Provisioning (TEEP) Architecture)", Laufende Arbeit, Internet-Draft, draft-ietf-teep-architecture-19, 24. Oktober 2022, https://datatracker.ietf.org/doc/html/draft-ietf-teep-architecture-19.

[TLS-CWT] Tschofenig, H. and M. Brossard, "Verwendung von CBOR Web Tokens (CWTs) in Transport Layer Security (TLS) und Datagram Transport Layer Security (DTLS) (Using CBOR Web Tokens (CWTs) in Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS))", Laufende Arbeit, Internet-Draft, draft-tschofenig-tls-cwt-02, 13. Juli 2020, https://datatracker.ietf.org/doc/html/draft-tschofenig-tls-cwt-02.

[WebAuthN] W3C, "Web-Authentifizierung: Eine API für den Zugriff auf Public Key Credentials Level 1 (Web Authentication: An API for accessing Public Key Credentials Level 1)", März 2019, https://www.w3.org/TR/webauthn-1/.