Total Maintenance Productive
Páginas: 3 (686 palabras)
Publicado: 14 de julio de 2011
In computing, Trusted Platform Module (TPM) is both the name of a published specification detailing a secure cryptoprocessor that can store cryptographic keys that protect information, as well as thegeneral name of implementations of that specification, often called the "TPM chip" or "TPM Security Device" (as designated in certain Dell BIOS settings[1]). The TPM specification is the work of theTrusted Computing Group. The current version of the TPM specification is 1.2 Revision 116, published on March 3th, 2011.[2] This specification is also available as the international standard ISO/IEC11889.
Trusted Platform Module offers facilities for the secure generation of cryptographic keys, and limitation of their use, in addition to a hardware pseudo-random number generator. It alsoincludes capabilities such as remote attestation and sealed storage. "Remote attestation" creates a nearly unforgeable hash key summary of the hardware and software configuration. The extent of the summaryof the software is decided by the program encrypting the data. This allows a third party to verify that the software has not been changed. "Binding" encrypts data using the TPM endorsement key, aunique RSA key burned into the chip during its production, or another trusted key descended from it.[3] "Sealing" encrypts data similar to binding, but in addition specifies a state in which the TPM mustbe in order for the data to be decrypted (unsealed).[4]
A Trusted Platform Module can be used to authenticate hardware devices. Since each TPM chip has a unique and secret RSA key burned in as it isproduced, it is capable of performing platform authentication. For example, it can be used to verify that a system seeking access is the expected system.
Generally, pushing the security down to thehardware level in conjunction with software provides more protection than a software-only solution. However even where a TPM is used, a key is still vulnerable while a software application that has...
Trusted Platform Module offers facilities for the secure generation of cryptographic keys, and limitation of their use, in addition to a hardware pseudo-random number generator. It alsoincludes capabilities such as remote attestation and sealed storage. "Remote attestation" creates a nearly unforgeable hash key summary of the hardware and software configuration. The extent of the summaryof the software is decided by the program encrypting the data. This allows a third party to verify that the software has not been changed. "Binding" encrypts data using the TPM endorsement key, aunique RSA key burned into the chip during its production, or another trusted key descended from it.[3] "Sealing" encrypts data similar to binding, but in addition specifies a state in which the TPM mustbe in order for the data to be decrypted (unsealed).[4]
A Trusted Platform Module can be used to authenticate hardware devices. Since each TPM chip has a unique and secret RSA key burned in as it isproduced, it is capable of performing platform authentication. For example, it can be used to verify that a system seeking access is the expected system.
Generally, pushing the security down to thehardware level in conjunction with software provides more protection than a software-only solution. However even where a TPM is used, a key is still vulnerable while a software application that has...
Leer documento completo
Regístrate para leer el documento completo.