Putting the Trusted Platform to Work - New Ways to Protect Keys and Amp Network Security

by TCG in Action

By now, most of you in security know something about the Trusted Platform Module, or TPM. Enterprises currently use TPMs as part of multi-factor authentication strategies and to harden certificates, for example. Now, the Infrastructure Work Group in TCG has created new specifications that extend the benefits of the TPM. These new developments were discussed this week here at the NSA Trusted Computing Conference and Expo, for the first time.

The first specification, the CMC Profile for Attestation Identity Key (AIK) Certificate Enrollment, creates a simpler, standards-based way, built on an existing IETF certificate enrollment protocol, for keys to be issued for the TPM. Because the keys are automatically protected in the hardware-based TPM, they are further protected against tampering. Because they're stored in the TPM, the keys can't be accessed at boot-up and are never in the clear.

While this seems a bit techy and detailed, it represents a major step forward for enterprises wishing to deploy the TPM. By leveraging existing industry standards for certificate issuance, IT teams can use technologies and tools with which they are familiar and that are probably already in place in their organizations. And by deploying the TPM and maintaining keys in it, enterprises are protecting themselves against potentially devastating attacks.

The second new specification, also created as part of the work group's efforts to provide the linkages and tools needed to deploy TCG specifications, supports additional network security. TCG has created the Trusted Network Connect (TNC) architecture to enable trusted networks. That specification is supported by dozens if not hundreds of vendors in a variety of products ranging from operating systems to switches, routers and associated gear. Part of the TNC architecture deals specifically with health assessment of endpoints, checking them before they attach to the network to ensure that infected or non-compliant systems are not connected.

The TPM now can play a key role in this health assessment. The specification, called the TCG Attestation - Platform Trust Services Protocol Binding to TNC IF-M, enables devices trying to connect to attest to the state of the platform as determined by the device's resident TPM. If the platform has been altered, has malicious code or the like, the TPM determines this and thereby increases the trustworthiness of the existing TNC health assessment.

In an exciting development, this week also saw the availability of the first implementation of the new PTS protocol. The strongSwan open source IPsec VPN software includes an implementation of the new TCG Attestation PTS Protocol: Binding to TNC IF-M, to augment its TNC assessment of the VPN client platform. This assessment leverages the TNC protocols carried within an Extensible Authentication Protocol (EAP) tunnel as part of the Internet Key Exchange (IKE) version 2 protocol. The inclusion of the PTS Protocol allows both TNC software and TPM-based measurements of the client system to be obtained and verified during the establishment of the IPsec tunnel.
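As an added illustration of the verification step the PTS binding delivers to the TNC assessment (example code, not strongSwan's or TCG's own): the verifier replays the client's measurement log to recompute the PCR value, checks the TPM quote against a fresh nonce, and compares the result with a known-good reference. The measurement log entries and the HMAC standing in for the AIK signature are constructed for this example.

```python
import hashlib
import hmac

# Constructed sample measurement log: (component, SHA-256 of its contents).
# These stand in for what a TPM-equipped client records while booting.
GOOD_LOG = [
    ("bootloader", hashlib.sha256(b"bootloader v1").hexdigest()),
    ("kernel", hashlib.sha256(b"kernel 3.x").hexdigest()),
    ("vpn-client", hashlib.sha256(b"strongSwan client").hexdigest()),
]

# Hypothetical shared key used only so the quote can be checked offline; a real
# TPM signs the quote with a private AIK and the verifier checks the AIK cert.
AIK_SECRET = b"constructed-demo-key"


def extend_pcr(entries):
    """Replay a measurement log the way a TPM extends a PCR:
    pcr = SHA-256(pcr || digest), starting from all zeros, so order matters."""
    pcr = b"\x00" * 32
    for _, digest in entries:
        pcr = hashlib.sha256(pcr + bytes.fromhex(digest)).digest()
    return pcr.hex()


def tpm_quote(pcr_hex, nonce):
    """Stand-in for a TPM quote: binds the PCR value to the verifier's nonce."""
    return hmac.new(AIK_SECRET, nonce + bytes.fromhex(pcr_hex), "sha256").hexdigest()


def verify_attestation(log, quoted_pcr, quote, nonce, reference_pcr):
    """Verifier side: the quote must be authentic and fresh, the reported log
    must replay to the quoted PCR, and the PCR must match the reference."""
    if not hmac.compare_digest(tpm_quote(quoted_pcr, nonce), quote):
        return "reject: quote signature invalid or replayed"
    if extend_pcr(log) != quoted_pcr:
        return "reject: measurement log does not match quoted PCR"
    if quoted_pcr != reference_pcr:
        return "reject: platform state differs from reference"
    return "accept"


def run_assessment(actual_log, reported_log=None, nonce=b"verifier-nonce-1"):
    """The TPM measured actual_log; the client may report a different log,
    but it cannot change the PCR the TPM quotes."""
    reference = extend_pcr(GOOD_LOG)
    pcr = extend_pcr(actual_log)
    reported = actual_log if reported_log is None else reported_log
    return verify_attestation(reported, pcr, tpm_quote(pcr, nonce), nonce, reference)
```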

Categories: Network Security
