The PC Client Work Group provides common functionality, interfaces, and a minimum set of security and privacy requirements for PC clients that use TCG components to establish their root of trust. This work group serves an advisory role by providing information to the TPM Work Group and other TCG Work Groups on possible architectural and design issues that may impact their work. This work group's deliverables do not address any functionality, interface (except those interfaces between the OS and the pre-OS environment), security or privacy issues for the Operating System(s) hosted by the platform.
This specification describes the architecture and implementation examples for a Dynamic Root of Trust for Measurement (D-RTM) used for measured platform initialization without a hardware platform restart.
The TCG architecture specifications define a TPM for use on any platform, without platform-specific features. However, because the PC Client must support Dynamic Locality, TPM features specific to the PC Client are necessary. These PC Client features are defined in this section.
The Trusted Computing Group's architecture is a platform independent architecture to enhance trust on computing platforms. As such, the TCG Main Specification is general in specifying both hardware and software requirements. The goal of the TCG member companies is to ensure compatibility among implementations within each computing architecture. It is expected that companion implementation documents will be created for each architecture.
The Physical Presence Interface utilizes the industry-standard Advanced Configuration and Power Interface (ACPI) to provide a communication mechanism between the OS and the BIOS, enabling the OS and the BIOS to cooperate to provide a simple and straightforward platform user experience for administering the TPM without sacrificing security.
When a platform reboots or shuts down, the contents of volatile memory (RAM) are not immediately lost. Without an electric charge to maintain the data in memory, the data begins to decay, but only gradually. During this short timeframe an attacker can turn off or reboot the platform, quickly turn it back on, and boot into a program that dumps the contents of memory. Encryption keys and other secrets can be easily compromised through this method.
This Architectural Overview provides an introduction to TCG goals and architecture. It defines anticipated scenarios for the use of TPM-enabled platforms, compliance procedures, and anticipated implications for manufacturing and support processes. Anyone looking for an overview of the TCG specifications and their implications should read this document.