Introducing the TPM

The Trusted Platform Module (TPM) is a special-purpose microcontroller designed by the Trusted Computing Group. It interfaces with a standard hardware/software platform in order to allow that platform to be secured to serve the interests of just one party: the system designer. The current generation of TPMs (version 1.2) are stand-alone chips, usually surface mounted onto the motherboard of a PC or integrated into a custom PCB for an embedded device. The TPM can monitor and access the main bus of the computer, which allows it to keep track of and report on the configuration state of the entire computer, from the moment of power-on right through (potentially) to the execution of applications on a modern graphical operating system. Monitoring in itself has limited uses, but combined with access control for secrets based on the monitored state, all sorts of interesting applications become possible. For example, if a PC is booted into a certain trustworthy state where only a fixed set of applications are installed, the monitoring TPM could then grant access to data storage and encryption keys for high-security email. Additionally, the TPM can attest to the configuration of the computer to external third parties, be it the owner of a device wishing to remotely manage it, or a device manufacturer leaving a device in the hands of an untrusted third party. Finally, in order to support requirements for availability, and to guard against equipment failure, the TPM includes command infrastructure and protocols for migration of data between trusted devices, and for the use of third parties as privacy or migration brokers. At the time of creation, data can be designated as either migratable or non-migratable, depending upon the protection model required.
In short, the TPM puts tools in the hands of operating system designers to protect themselves from attackers with logical access to low-level parts of the computer (for instance attackers who can swap out a hard drive).
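The "monitoring plus state-based access control" idea above can be made concrete with a small software model of TPM 1.2-style measured boot and sealing. This is an added example, not code from the original page or from the TCG; the ToyTPM class, its seal/unseal functions, the root key and the boot component contents are all constructed for illustration, and the real chip encrypts under its storage root key rather than deriving a key as done here.

```python
import hashlib
import hmac

# Constructed model of a TPM 1.2 Platform Configuration Register (PCR).
# SHA-1 is used because that is the digest of the 1.2 generation; the
# boot component contents and root key below are made-up sample data.
PCR_INIT = b"\x00" * 20  # PCRs are reset to zero at power-on


def extend(pcr: bytes, component: bytes) -> bytes:
    """PCR_new = SHA-1(PCR_old || SHA-1(component)).

    The register can only be extended, never set, so the final value
    commits to every component measured and to the order of measurement."""
    digest = hashlib.sha1(component).digest()
    return hashlib.sha1(pcr + digest).digest()


def measure_boot(components: list[bytes]) -> bytes:
    """Measure each boot stage in turn, as firmware/bootloader would."""
    pcr = PCR_INIT
    for comp in components:
        pcr = extend(pcr, comp)
    return pcr


class ToyTPM:
    """Holds a root key that never leaves the 'chip' and releases a sealed
    secret only when the current PCR equals the value recorded at seal time."""

    def __init__(self, root_key: bytes):
        self._root_key = root_key  # hypothetical stand-in for the SRK

    def _key_for(self, pcr: bytes) -> bytes:
        # Toy model: bind the wrapping key to the PCR so a wrong platform
        # state yields no usable key even if the explicit check were skipped.
        return hmac.new(self._root_key, b"seal" + pcr, hashlib.sha256).digest()

    def seal(self, secret: bytes, pcr: bytes) -> dict:
        assert len(secret) <= 32, "toy one-time pad: secret must be <= 32 bytes"
        key = self._key_for(pcr)
        return {"pcr": pcr, "ct": bytes(a ^ b for a, b in zip(secret, key))}

    def unseal(self, blob: dict, current_pcr: bytes):
        if not hmac.compare_digest(blob["pcr"], current_pcr):
            return None  # platform state differs from seal time: refuse
        key = self._key_for(current_pcr)
        return bytes(a ^ b for a, b in zip(blob["ct"], key))


def demo() -> tuple:
    tpm = ToyTPM(root_key=b"constructed-root-key-not-real")
    good_boot = [b"BIOS v1 (sample)", b"bootloader (sample)", b"kernel (sample)"]
    blob = tpm.seal(b"email-key", measure_boot(good_boot))
    released = tpm.unseal(blob, measure_boot(good_boot))  # same state: ok
    swapped = [b"BIOS v1 (sample)", b"bootloader (sample)", b"other-kernel"]
    denied = tpm.unseal(blob, measure_boot(swapped))  # e.g. replaced disk
    return released, denied
```

Running demo() returns the secret for the matching boot sequence and None for the one whose last stage was replaced, which is exactly the hard-drive swap the paragraph above describes.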