Trusted Computing Group - Developers

Applications

Join Now

Interested companies are encouraged to review the Benefits of Membership and apply today!

Join Now

Glossary

Unfamiliar with a term used in this section? Check the TCG Glossary of TechnicalTerms for the definition.

View Glossary

Software Stack - FAQs

Can the Trusted Platform Module control what software runs?

No. There is no ability to do this. The subsystem can only act as a 'slave' to higher level services and applications by storing and reporting pre-runtime configuration information. Other applications determine what is done with this information. At no time can the TCG building blocks 'control' the system or report the status of applications that are running.

Is TCG creating specifications for just one operating system or type of platform?

No. Specifications are operating system-agnostic. Several members have Linux-based software stacks available. In addition to our work on the PC platform, we have specifications for Trusted Servers and mobile devices and are working to finalize specifications for other computing devices, including storage and infrastructure.

Does TCG require that software be certified to run on a TCG-enabled platform?

The TCG design does not have any requirement that software be “certified” in order to use it. The specification talks in some length about ways of using the platform to create certificates for keys that are provably secure and yet not identify the platform they came from. TCG’s technology has a passive role in a system. It can be used to securely record data and to securely store (and sign with) digital keys. TCG architecture does not specify where to get these certificates or how much you pay for them. Free certificates work as well as certificates you pay for. There is no single source of certificates in the market today. Anyone can set themselves up as a Certificate Authority using any number of different Certificate Authority packages. TCG has recently put together an Infrastructure Work Group to look into some of the use cases to provide possible working models.

What is the TSS?

The TSS is a software specification that provides a standard API for accessing the functions of the TPM. Application developers can use this software specification to develop interoperable client applications for more tamper-resistant computing.

What effect will the TSS specification have on applications development?

The TSS ensures application execution will provide a level of confidence that the appropriate keys (cryptographic) have been generated and used in a more secure environment.

Will these TSS-enabled applications run on multiple operating systems?

Yes. The TSS is operating system agnostic. Members are using or have shown implementations with various operating systems including Linux, and some TCG members such as NTRU Cryptosystems, Inc. offer support for open source in their products for trusted computing.

How difficult will it be for developers to use the TSS?

If an application developer has experience writing with MSCAPI or PKCS#11, it will be easy to provide TCG-enabled applications.

View All FAQs