Media Room - FAQs

What is the Trusted Computing Group (TCG)?

The Trusted Computing Group was formed in 2003 to develop and support open industry specifications for trusted computing across multiple platform types. To enable open specification development, the group is incorporated, has a patent policy and provides industry advocacy programs, including marketing programs. Information on how to join the TCG can be found at www.trustedcomputinggroup.org/join_now/.

TCG has approximately 100 members from across computing, including component vendors, software developers, systems vendors and network and infrastructure companies. A complete list is online at www.trustedcomputinggroup.org/members.

What is the organizational structure of TCG?

TCG is an incorporated organization. Membership is open to a wide range of organizations and TCG invites active member participation. The organization has a majority rule structure to facilitate progress. The group provides for marketing programs, democratic organizational management and independent advocacy. Finally, the organization provides a reasonable and non-discriminatory (RAND) patent licensing policy. These terms typically streamline adoption of industry standards.

How do I join TCG? What are the dues for each type of membership?

Potential members can obtain a TCG Membership Agreement and related documents by completing the online request form here, www.trustedcomputinggroup.org/join_now/request_membership_information.

The web site contains additional information on the dues structure and membership benefits for each membership type at www.trustedcomputinggroup.org/join_now/.

What is available from TCG?

The organization has developed specifications for the Trusted Platform Module (TPM) used in PCs and other systems; a software interface specification to enable application development for systems using the TPM; a Trusted Server specification; the Trusted Network Connect architecture to enable protection of the network; and a specification for the Mobile Trusted Module for mobile phone security. Another work group is preparing a specification to address storage security.

What has the TCG done to preserve privacy?

TCG believes that privacy is a necessary element of a trusted system. The system owner has ultimate control and permissions over private information and must "opt-in" to utilize the TCG subsystem. Integrity metrics can be reported by the TCG subsystem but the specification will not restrict the choice and options of the owner preserving openness and the ability of the owner to choose.

The TCG specifications support privacy principles in a number of ways:

  1.  The owner controls personalization.
  2. The owner controls the trust relationship.
  3. The system provides private object storage and digital signature capability.
  4. Private personalization information is never exposed.
  5. Owner keys are encrypted prior to transmission.

It is also important to know what the solutions are not:

  1. They are not global identifiers.
  2. They are not personalized before user interaction.
  3. They are not fixed functions-they can be disabled permanently.
  4. They are not controlled by others (only the owner controls them).

How does a TCG-enabled system protect against malicious and unknown use of its functions by an unauthorized user?

The TPM capabilities that deal with sensitive or private information require the presentation of authorization data. Authorization data adds a layer of protection to sensitive or private information.

Was TCG formed to specify Digital Rights Management (DRM) technologies?

TCG specifications do not provide all the necessary technical elements required for DRM. It is conceivable that developers could build their own DRM solutions that would operate on systems with Trusted Platform Modules, but TCG specifications alone are not DRM solutions.  Furthermore, TCG Best Practices require that deployments support established principles and practices of data ownership: "While respecting a data owner's rights, protection sought by a content owner must not be allowed to constrain the modality of the user's interaction with the data."

What kinds of use cases do you envision enabling via the addition of trusted computing technology to embedded systems?

Initial high-level, universal use cases are clear:
  • Provide unique, unspoofable identity to the embedded system that incorporates a TPM.
  • Participate in integrity measurement services upon the firmware and software in the embedded system and store the results of measurement for subsequent reporting.
  • How will management of TPM-protected secrets be done in the embedded market?

In specific environments, narrower use cases will be considered, for example:

  • More complex embedded systems may require trust services based on cryptographic material protected by a TPM.
  • Communications among embedded systems may be protected using a VPN, and the TPMs involved in these communications may be used to protect authentication and encryption certificates required by the VPN.
  • Privacy requirements due to handling of legally protected personal data, e.g., in medical applications.
  • There may be circumstances in which an embedded device protects secrets as a service to a number of other devices.

Other use cases will be considered as well.

 

Don't a number of non-PC applications already use the TPM? Seems like we've seen printers, copiers, industrial PCs, kiosks and others already using the TPM.

Yes. There are printers, video game consoles, kiosks and other devices already in the market that contain TPMs. The most common use of the TPM in those devices is validation that the code has not been tampered with. The TPM may also be used to protect a unique identifier as well. These are the two foundation functions of a TPM in any device.

The primary purpose of the Embedded Systems Work Group is to facilitate the continued evolution of Trusted Computing as a source for security in these markets and to help facilitate the ecosystem to support the concepts of a hardware root of trust.

What applications and services will benefit from systems with TPMs?

Systems with TPMs offer improved, hardware-based security in numerous applications, such as file and folder encryption, local password management, S-MIME e-mail, VPN and PKI authentication and wireless authentication for 802.1x and LEAP.

Are systems with TPMs available?

Desktop, notebook and tablet PCs with TPMs are available from Dell, Fujitsu, Gateway, HP, Intel, Lenovo, Toshiba and others - virtually all enterprise systems now include the TPM. Trusted servers also have started shipping.

How do TPMs compare with smart cards or biometrics?

They are complementary to the TPM, which is considered a fixed token that can be used to enhance user authentication, data, communications, and/or platform security. A smart card is a portable token traditionally used to provide more secure authentication for a specific user across multiple systems, while biometrics are providing that functionality in an increasing number of systems. Both technologies can have a role in the design of more secure computing environments.

Is TCG creating specifications for just one operating system or type of platform?

No. Specifications are operating system-agnostic. Several members have Linux-based software stacks available. In addition to our work on the PC platform, we have specifications for Trusted Servers and mobile devices and are working to finalize specifications for other computing devices, including storage and infrastructure.

How does Microsoft’s BitLocker technology relate to the TPM and to the efforts of TCG?

Microsoft BitLocker™ Drive Encryption is designed to make use of a Trusted Platform Module (TPM) 1.2 and the associated PC Client Specifications developed by TCG to protect critical system files and user data and to help ensure that a computer running Windows Vista has not been tampered with while the system was offline.

Why is Trusted Network Connect necessary?

The TNC architecture has been designed to assist network administrators in protecting networks by allowing them to audit endpoint configurations and impose enterprise security policies before network connectivity is established. This can help prevent inappropriate and unauthorized access that can result in viruses and email worms, Trojan horses, denial of service attacks, and other malicious activities.

What is the scope of the TNC specification?

First, the specification focuses on the collection of endpoint configuration data in conjunction with user authentication information, for comparison with a pre-defined set of organization criteria for access to the protected network. This creates a "security" or "safe computing" profile for a system. Second, the specification addresses providing an appropriate level of network access based on the detected level of policy compliance, including full access, partial access or directed access, or no access.

What Trusted Network Connect specifications are available?

In 2006, the TNC made available three new specifications. These specifications are:
  • IF-TNCCS, which specifies interoperability between the TNC Client (TNCC) and the TNC Server (TNCS);
  • IF-T for Tunneled EAP Methods, which is the specification for support of various transports; and,
  • IF-PEP for RADIUS, specifying a standard integration with Policy Enforcement Points (PEP).

These specifications are in addition to the existing TNC specifications - IF-IMC and IF-IMV, which provide standardized APIs for client plug-ins (IMCs) and server plug-ins (IMVs) to enable TNC functionality; and the TNC architecture specification - which were all published in May 2005. All TNC specifications are available free to anyone who wishes to download them from the TCG website, www.trustedcomputinggroup.org.

These specifications are intended to be used in the following manner:

  • IF-TNCCS describes a standard method for the TNC Client (TNCC) and the TNC Server (TNCS) to exchange messages. Since the TNC architecture is layered, IF-TNCCS carries messages from IMCs to IMVs and vice versa. It also carries control messages between the TNCC and TNCS. IFTNCCS is transport-independent so it can be carried over a variety of transports.
  • IF-T for Tunneled EAP Methods specifies how IF-TNCCS should be carried over Extensible Authentication Protocol (EAP) tunneled methods such as EAP-TTLS, EAP-FAST, and EAPPEAP.  Supporting these EAP methods allows the TNC architecture to work with a variety of network technologies that support EAP authentication: 802.1x, IKEv2, etc.
  • IF-PEP for RADIUS specifies how to use the RADIUS protocol for communications between a Network Access Authority (NAA) - typically an AAA/RADIUS server - and a Policy Enforcement Point (PEP). IF-PEP is used to send network access decisions from the NAA to the PEP, enabling the PEP to enforce the access decisions on an endpoint's network traffic. The network access decision will trigger enforcement action by the PEP, such as allowing access, denying access, or granting limited access.
In February 2007, the TCG announced the release of updates to four existing specifications. The new specification names are IF-IMC 1.2, IF-IMV 1.2, IF-TNCCS 1.1, and IF-PEP for RADIUS 1.1. These updated specifications provide valuable enhancements to the original versions, adding features requested by customers and incorporating fixes in response to feedback from implementers.

What features do TNC specifications provide?

The following new features are provided:
  • Java Platform Binding to IF-IMC (integrity measurement collector) and IF-IMV (integrity measurement verifier)
  • Support allowing each IMV to give a human-readable, localized reason string explaining itsrecommendation (in IF-IMV and IF-TNCCS)
  • Support for VLAN-aware endpoints(in IF-PEP (policy enforcement point)

The main benefits of these features are:

  • TNC client software can be deployed more quickly and easily since it can be dynamically downloaded over the network as Java code.
  • TNC client and server software can be developed to run on any system that supports Java 2 Standard Edition version 1.4.2 or later.
  • In case of problems, messages can be presented in the user's native language.
  • Endpoints can employ multiple VLANs for applications like telephony.

What does the publication of IF-TNCCS-SOH 1.0 mean for customers?

The IF-TNCCS-SOH 1.0 protocol now is an open standard published by TCG (under the TCG royalty free cross-licensing model) and available for anyone to implement for free. It is implemented in Windows Vista and to be implemented in Windows XP and Windows "Longhorn". We believe it will become the prevalent method for network access control client-server protocols. SOH will enable any device to participate in a TNC or NAP network and have its health checked.

As a result of making SOH part of TNC, customers benefit in several ways:

  • Interoperability: Customers can now be assured of interoperability between Microsoft NAP and other TNC implementations.
  • Choice: Customers can now choose from any of the wide array of products that support Microsoft NAP and TCG TNC based on customer needs.
  • Compatibility: Network access control products will now be much more compatible, allowing customers to interconnect a wide range of network, client, and server components.
  • Clarification: Customers who have been waiting for consolidation and clarification in the confusing maze of network access control architectures and standards can now proceed with deployments of NAP and TNC products, confident that they will interoperate.
  • Single Client Agent: Computers running Windows Vista, Windows Server "Longhorn", and future versions of Windows XP include the NAP Agent component as part of the core operating system. The NAP Agent will be used for both NAP and TNC, greatly simplifying deployment of a network access control solution. To support client operating systems other than Windows, Microsoft will license elements of the NAP client technology that support both NAP and TCG TNC to third-party software developers.

What are some attributes of TNC?

TNC is based on the twin concepts of integrity and identity. Integrity is used in this case to describe the desired state of an endpoint's "health" or configuration, as defined by IT policies. Examples might be to check if the system adheres to pre-determined policies and determine the system is not engaged in unusual or malicious behavior. Identity ensures that systems are authenticated for authorized users only; clients with the TPM offer additional security in that identity is established through hardware. The TPM also provides a trusted boot mechanism that uniquely helps thwart root kits, stealthy infections that are otherwise almost impossible to detect.

View All FAQs

Next