Trusted Platform Module
The Trusted Platform Module (TPM) Work Group has been chartered to create the TPM specification.The definition of the TPM architecture comes from the Technical Committee and the TPM Work Group defines the implementation of that architecture. A working knowledge of of security in relation to the design and usage of cryptographic modules as well as cryptographic techniques including public-key cryptography, cryptographic algorithms and protocols is recommended.
A new research report on "Trusted Computing" published by Aberdeen Group, a Harte-Hanks Company (NYSE:HHS), reveals that organizations that have deployed applications based on trusted computing infrastructure exhibit superior capabilities in security governance, risk management and compliance compared to other respondents. The term "trusted computing" refers to applications that leverage hardware-based "roots of trust" at the edge of the network and at the endpoints - sometimes referred to as "hardware anchors in a sea of untrusted software" - for higher assurance.
The TPM main specification is an industry specification that enables trust in computing platforms in general. The main specification is broken into parts to make the role of each document clear. A version of the specification (like 1.2) requires all parts to be a complete specification. A TPM designer MUST be aware that for a complete definition of all requirements necessary to build a TPM, the designer MUST use the appropriate platform specific specification for all TPM requirements.
The Physical Presence Interface utilizes the industry-standard Advanced Configuration and Power Interface (ACPI) to provide a communication mechanism between the OS and the BIOS, enabling the OS and the BIOS to cooperate to provide a simple and straightforward platform user experience for administering the TPM without sacrificing security.
This Architectural Overview provides an introduction to TCG goals and architecture. It defines anticipated scenarios for use of TPM enabled platforms, compliance procedures and anticipated implications on manufacturing and support processes. Anyone looking for an overview of TCG specification and its implications should read this document.
This document is an industry specification that enables trust in computing platforms in general. This specification defines a trusted Subsystem that is an integral part of each platform, and provides functions that can be used by enhanced operating systems and applications. The Subsystem employs cryptographic methods when establishing trust, and while this does not in itself convert a platform into a secure computing environment, it is a significant step in that direction.
The Protection Profile identified in this certificate has been evaluated at an accredited and licensed/ approved evaluation facility using the Common Methodology for IT Security Evaluation (CEM), Version 3.1 for conformance to the Common Criteria for IT Security Evaluation (CC), Version 3.1.