
Basics of Trusted Platforms

Trusted Computing Platforms

Abstract

Trusted Computing is constrained by legacy issues, customer expectations, legal matters, privacy, and disaster recovery. Many aspects of Trusted Computing come as no surprise to anyone versed in the art of information security: one must provide process isolation and can’t avoid certificates, authorisation or authentication; one must provide a good level of security, avoid global secrets, abide by the principle of separation of privilege, and deal with dictionary attacks. On the other hand, Trusted Computing is distinguished by concepts such as Roots of Trust, authenticated platform boot, platform attestation, and privacy-friendly platform identification and platform recognition. All types of trusted platform have a particular trusted platform lifecycle, from design to decommissioning.


Notes

  1. CESG is the UK National Technical Authority for Information Assurance.

  2. This nomenclature is explained below.

  3. Commented by Ken Nicholson of the Panasonic Company.

  4. Given Hewlett-Packard’s long-standing involvement with TCG, and HP’s printer business, it is perhaps not surprising that a long-standing joke within TCG is that HP’s representatives encourage large specifications.

  5. Nothing in this book should be construed as legal advice.

  6. It has been commented that any command to erase the EK should be called “TPM_EraseProfit”, because it would cause considerable customer anger and expense.

  7. TPMs use nonvolatile (persistent) data storage to store long-term variables, and also allow the Owner to persistently store small quantities of data.


© 2014 Springer International Publishing Switzerland

About this chapter

Cite this chapter

Proudler, G., Chen, L., Dalton, C. (2014). Basics of Trusted Platforms. In: Trusted Computing Platforms. Springer, Cham. https://doi.org/10.1007/978-3-319-08744-3_3

  • DOI: https://doi.org/10.1007/978-3-319-08744-3_3

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-08743-6

  • Online ISBN: 978-3-319-08744-3

  • eBook Packages: Computer Science, Computer Science (R0)
