SlideShare a Scribd company logo

trusted computing platform alliancee.ppt

Download as PPT, PDF
N
naghamallella

trusted computing

Science
1 of 26
Trusted Computing Platform Alliance – Introduction and Technical Overview – Joe Pato HP Labs MIT 6.805/6.857 17 October 2002
• Increase consumer and businesses confidence • Protect end-user private data – by enabling trust in end systems behavior • Reduce business risks – by enabling trust in the behavior of critical information systems Why Trusted Computing Platforms?
Trusted Computing Platform properties • Recognize that a platform has known properties – Mobile platform access to corporate network. – Remote Access via known public access point. • Identify that a system will behave as expected: – Mobile access to corporate network with firewall and antivirus requirements. – Outsourced platform administration • Enable a user to have more confidence in the behavior of the platform in front of them – Trust a platform to handle my private data I.e banking, medical…etc… – Achieving WYSIWYS: What You Sign Is What You See… Do I have confidence in interacting with this platform? Can I trust you to be what you say you are? Can I trust you to behave in an expected manner?
The Conspiracy to Prevent Artistry The Conspiracy to Prevent Anonymity The Conspiracy to Prevent Assembly The Conspiracy in Prelude to Apocalypse The Trusted Computing Platform Alliance - TCPA - AKA??? How? The Cleverly Parboiled Amphibian
The Trusted Computing Platform Alliance - TCPA - • An Industry work group focused on defining and advancing the concept of Trusted Computing • Founded in 1999 by Compaq, HP, IBM, Intel, and Microsoft. • 180+ members from the hardware, software, communications, and security technology industries
The TCPA charter • Provide a ubiquitous and widely adopted means to address trustworthiness of computing platforms • Publish an open specification for public review – Not security by obscurity • Define a technology specification that can be applied to any type of computing platform (not just PCs!)
TCPA Generic Platform Spec PC Specific 2002 onwards Founded 1999 Specification revised by membership Feb ‘01 Sept ‘01 Internet Appliances Mobile Phones Servers TPM PP Evaluation completed by NIST 8/02 Platform PP or TBB In development Common criteria conformance specs Technology architecture specs TCPA specification activity
TCPA concepts • Definition: A platform can be trusted if it behaves in the expected manner for the intended purpose • TCPA technology provides mechanisms for: – Platform Authentication and Attestation • Identify the platform and its properties to a challenging party – Platform Integrity Reporting • Reliably measure and report on the platform’s software state – Protected Storage • Protect private and secret data. Protect integrity and identity information against subversion
The TCPA architecture relies on the concept of a Root of Trust • A third party can rely on information provided by a platform’s Root of Trust • The root of trust must be able to report on software that has executed • The root of trust must be able to keep secrets from the rest of the platform  measure the first piece of code that executes when the platform boots  independent computing engine  “secret” storage How does TCPA achieve this?
• It is necessary to trust these Roots of Trust for TCPA mechanisms to be relied upon => Conformance and Certification • A Root of Trust for Reporting – The component that can be trusted to store and report reliable information about the platform • A Root of Trust for Measurement – The component that can be trusted to reliably measure and report to the Root of Trust for reporting what software executes on platform boot Two Roots of Trust: Measurement, Reporting
The Trusted Platform Module - TPM - • The TPM is the Root of Trust for Reporting • Think: smartcard-like security capability embedded into the platform – The TPM is uniquely bound to a single platform – TPM functions and storage are isolated from all other components of the platform (e.g., the CPU)
The Core Root of Trust for Measurement - CRTM - • The CRTM is the first piece of code that executes on a platform at boot time. (I.e. Bios or Bios BootBlock in an IA-32 platform) – It must be trusted to properly report to the TPM what software executes after it. – Only authorized entities must be able to reflash the CRTM… (those that vouch for its behavior)
CRTM and TPM during the boot process The Authenticated boot process CRTM - Bios BootBlock BIOS OpRom1 OSLoader OpRom 2 OpRomN OS Hash code TPM Report Hashed code Hand-Off Hash code Hand-Off Hash code Hand-Off Report Hashed code Report Hashed code Hash code Hash code
• Platform authentication •Protected Storage • Integrity Reporting TCPA feature-set
Platform Authentication • TCPA provides for the TPM to have control over “multiple pseudonymous attestation identities” • TPM attestation identities do not contain any owner/user related information => A platform identity attests to platform properties • No single TPM “identity” is ever used to digital sign data => privacy protection • TPM Identity certification is required to attest to the fact that they identify a genuine TCPA platform • The TPM Identity creation protocol allows for to choose different Certification Authorities (Privacy-CA) to certify each TPM identity => prevent correlation
Generating an identity
Integrity Reporting • Measurements reported to the TPM during (and after) the boot process can not be removed or deleted until reboot => No hiding code that has executed on the platform • The TPM will use an attestation identity to sign the integrity report • The recipient of integrity information can evaluate trustworthiness of the information based on the certificate of attestation identity  Trust that the TPM is a genuine TPM on a genuine Trusted Platform
Integrity Reporting (2) • The recipient of reporting information relies on “signed certificates” that attest that a given measurement represents a known piece of code – Cert(Phoenix BIOS v1.2 has hash value of H) – Cert(CorpIT config, combined hash value) • The recipient can verify these Integrity Metrics Certificates and compare certified metrics to reported metrics  Trust that the reported metrics correspond to certified software Trusting the reported software is dependent on the recipient’s policy, for a given application context
Protected Storage • No generic encryption device – no export control pb • Cryptographic keys can be created that are protected by the TPM • Data can be encrypted using the TPM, that can only be decrypted using this same TPM • A specific software configuration can also be specified, that will be required for the TPM to allow data to be decrypted, or keys to be used  This is called Sealing: parameters define which Integrity Metrics the data should be sealed to
Protected Storage Hierarchy Storage Keys TPM Protects (Stored Internally) Protects (Using encryption) Storage Root Key (Asymmetric key) Signature key Signature key Protects (using encryption) Protects (using encryption) Storage key Symmetric key Asymmetric key (signs data) Authorization secret Secret Data Secret Data Secret Data Secret Data Asymmetric Keys Arbitrary data TPM Protected Objects
Privacy-positive design • Notion of TPM Owner, think Platform Administrator • Ultimate TPM functionality control goes to the Owner • TPM Activation controlled by the Owner, and deactivation available to the User • No single TPM “identity” is ever used to digitally sign data • Multiple pseudonymous IDs (limits correlation) • Remote control of the TPM enabled by challenge response protocols for authorization mechanisms • Can prevent the revelation of secrets unless the software state is in an approved state
• Common Criteria based • TCPA: – TPM Protection Profile completed – Platform Protection Profile to include CRTM and connection to platform • Manufacturers role – Create Security Target, and produce product design evaluation About Conformance
Short term TCPA benefits – protected storage (Platform with a TPM, associated software provided by the TPM manufacturer) Customers can encrypt the data on their hard disks in a way that is much more secure than software solutions. – The TCPA chip is a portal to encrypted data. – Encrypted data can then only ever be decrypted on the same platform that encrypted it. – TCPA also provides for digital signature keys to be protected and used by the embedded hardware chip
Middle term TCPA benefits – integrity checking (Short term solution plus additional software) Protection against hacker scripts, by automatically preventing access to data if unauthorised programs are executed. – TCPA provides for the measurement of integrity metrics of the software environment on the TCPA platform. – Allows for a remote party to verify what the software environment on a TCPA platform is. – The TCPA chip can then be used to encrypt data to disk so that this data can only ever be decrypted on that same platform, and ONLY if the platform has a given set of software environment integrity metrics.
Long term TCPA benefits – e-commerce Customers and their partners/suppliers/customers can connect their IT systems and expose only the data that is intended to be exposed. – TCPA is designed so that platform identities and Integrity Metrics can be proven reliably to previously unknown parties. – Secure online discovery of platforms and services: confidence in the information about the software environment and identity of a remote party, enabling higher levels of trust when interacting with this party.
and now Palladium

Recommended

Trusted computing introduction and technical overview
Trusted computing introduction and technical overviewTrusted computing introduction and technical overview
Trusted computing introduction and technical overviewSajid Marwat
 
Trusted Computing security _platform.ppt
Trusted Computing security _platform.pptTrusted Computing security _platform.ppt
Trusted Computing security _platform.pptnaghamallella
 
Introduction to Trusted Computing
Introduction to Trusted ComputingIntroduction to Trusted Computing
Introduction to Trusted ComputingMaksim Djackov
 
Abbie Barbir Tcg Final
Abbie Barbir Tcg FinalAbbie Barbir Tcg Final
Abbie Barbir Tcg FinalAbbie Barbir
 
Standardizing the tee with global platform and RISC-V
Standardizing the tee with global platform and RISC-VStandardizing the tee with global platform and RISC-V
Standardizing the tee with global platform and RISC-VRISC-V International
 
Trusted Platform Module (TPM)
Trusted Platform Module (TPM)Trusted Platform Module (TPM)
Trusted Platform Module (TPM)k33a
 
Trusted _Computing _security mobile .ppt
Trusted _Computing _security mobile .pptTrusted _Computing _security mobile .ppt
Trusted _Computing _security mobile .pptnaghamallella
 
Securing the Internet of Things - Hank Chavers
Securing the Internet of Things - Hank ChaversSecuring the Internet of Things - Hank Chavers
Securing the Internet of Things - Hank ChaversWithTheBest
 

Recommended

Trusted computing introduction and technical overview
Trusted computing introduction and technical overviewTrusted computing introduction and technical overview
Trusted computing introduction and technical overviewSajid Marwat
 
Trusted Computing security _platform.ppt
Trusted Computing security _platform.pptTrusted Computing security _platform.ppt
Trusted Computing security _platform.pptnaghamallella
 
Introduction to Trusted Computing
Introduction to Trusted ComputingIntroduction to Trusted Computing
Introduction to Trusted ComputingMaksim Djackov
 
Abbie Barbir Tcg Final
Abbie Barbir Tcg FinalAbbie Barbir Tcg Final
Abbie Barbir Tcg FinalAbbie Barbir
 
Standardizing the tee with global platform and RISC-V
Standardizing the tee with global platform and RISC-VStandardizing the tee with global platform and RISC-V
Standardizing the tee with global platform and RISC-VRISC-V International
 
Trusted Platform Module (TPM)
Trusted Platform Module (TPM)Trusted Platform Module (TPM)
Trusted Platform Module (TPM)k33a
 
Trusted _Computing _security mobile .ppt
Trusted _Computing _security mobile .pptTrusted _Computing _security mobile .ppt
Trusted _Computing _security mobile .pptnaghamallella
 
Securing the Internet of Things - Hank Chavers
Securing the Internet of Things - Hank ChaversSecuring the Internet of Things - Hank Chavers
Securing the Internet of Things - Hank ChaversWithTheBest
 
Why TPM in Automotive?
Why TPM in Automotive?Why TPM in Automotive?
Why TPM in Automotive?Alan Tatourian
 
Trust and Cloud Computing, removing the need to trust your cloud provider
Trust and Cloud Computing, removing the need to trust your cloud providerTrust and Cloud Computing, removing the need to trust your cloud provider
Trust and Cloud Computing, removing the need to trust your cloud providerDavid Wallom
 
Trust and Cloud computing, removing the need for the consumer to trust their ...
Trust and Cloud computing, removing the need for the consumer to trust their ...Trust and Cloud computing, removing the need for the consumer to trust their ...
Trust and Cloud computing, removing the need for the consumer to trust their ...David Wallom
 
Trust and Cloud computing, removing the need for the consumer to trust their ...
Trust and Cloud computing, removing the need for the consumer to trust their ...Trust and Cloud computing, removing the need for the consumer to trust their ...
Trust and Cloud computing, removing the need for the consumer to trust their ...David Wallom
 
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEE
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEEBKK16-110 A Gentle Introduction to Trusted Execution and OP-TEE
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEELinaro
 
Protecting Data with Short-Lived Encryption Keys and Hardware Root of Trust
Protecting Data with Short-Lived Encryption Keys and Hardware Root of TrustProtecting Data with Short-Lived Encryption Keys and Hardware Root of Trust
Protecting Data with Short-Lived Encryption Keys and Hardware Root of TrustDan Griffin
 
Lessson 3
Lessson 3Lessson 3
Lessson 3MLG College of Learning, Inc
 
Introduction of Trusted Network Connect (TNC)
Introduction of Trusted Network Connect (TNC)Introduction of Trusted Network Connect (TNC)
Introduction of Trusted Network Connect (TNC)Houcheng Lee
 
How to do right cryptography in android part 3 / Gated Authentication reviewed
How to do right cryptography in android part 3 / Gated Authentication reviewedHow to do right cryptography in android part 3 / Gated Authentication reviewed
How to do right cryptography in android part 3 / Gated Authentication reviewedArash Ramez
 
Securing Internet of Things with Trustworthy Computing
Securing Internet of Things with Trustworthy ComputingSecuring Internet of Things with Trustworthy Computing
Securing Internet of Things with Trustworthy ComputingThe Security of Things Forum
 
Trusted Computing _plate form_ model.ppt
Trusted Computing _plate form_ model.pptTrusted Computing _plate form_ model.ppt
Trusted Computing _plate form_ model.pptnaghamallella
 
Provable Device Cybersecurity in Blockchain Transactions
Provable Device Cybersecurity in Blockchain TransactionsProvable Device Cybersecurity in Blockchain Transactions
Provable Device Cybersecurity in Blockchain TransactionsRivetz
 
Trusted Computing Base
Trusted Computing BaseTrusted Computing Base
Trusted Computing BaseVasily Sartakov
 
PLNOG15: Simplifying network deployment using Autonomic networking and Plug-a...
PLNOG15: Simplifying network deployment using Autonomic networking and Plug-a...PLNOG15: Simplifying network deployment using Autonomic networking and Plug-a...
PLNOG15: Simplifying network deployment using Autonomic networking and Plug-a...PROIDEA
 
Nt2580 Final Project Essay Examples
Nt2580 Final Project Essay ExamplesNt2580 Final Project Essay Examples
Nt2580 Final Project Essay ExamplesSherry Bailey
 
Security Consideration for Set-top box SoC
Security Consideration for Set-top box SoCSecurity Consideration for Set-top box SoC
Security Consideration for Set-top box SoCWesley Li
 
Schneider-Electric & NextNine – Comparing Remote Connectivity Solutions
Schneider-Electric & NextNine – Comparing Remote Connectivity SolutionsSchneider-Electric & NextNine – Comparing Remote Connectivity Solutions
Schneider-Electric & NextNine – Comparing Remote Connectivity SolutionsHoneywell
 
Secure IOT Gateway
Secure IOT GatewaySecure IOT Gateway
Secure IOT GatewayLF Events
 
Essential Layers of IBM i Security: File and Field Security
Essential Layers of IBM i Security: File and Field SecurityEssential Layers of IBM i Security: File and Field Security
Essential Layers of IBM i Security: File and Field SecurityPrecisely
 
Removing Security Roadblocks to IoT Deployment Success
Removing Security Roadblocks to IoT Deployment SuccessRemoving Security Roadblocks to IoT Deployment Success
Removing Security Roadblocks to IoT Deployment SuccessMicrosoft Tech Community
 
OS-20210426203801 introduction to os.ppt
OS-20210426203801 introduction to os.pptOS-20210426203801 introduction to os.ppt
OS-20210426203801 introduction to os.pptnaghamallella
 
basic logic gate presentation date23.ppt
basic logic gate presentation date23.pptbasic logic gate presentation date23.ppt
basic logic gate presentation date23.pptnaghamallella
 

More Related Content

Similar to trusted computing platform alliancee.ppt

Why TPM in Automotive?
Why TPM in Automotive?Why TPM in Automotive?
Why TPM in Automotive?Alan Tatourian
 
Trust and Cloud Computing, removing the need to trust your cloud provider
Trust and Cloud Computing, removing the need to trust your cloud providerTrust and Cloud Computing, removing the need to trust your cloud provider
Trust and Cloud Computing, removing the need to trust your cloud providerDavid Wallom
 
Trust and Cloud computing, removing the need for the consumer to trust their ...
Trust and Cloud computing, removing the need for the consumer to trust their ...Trust and Cloud computing, removing the need for the consumer to trust their ...
Trust and Cloud computing, removing the need for the consumer to trust their ...David Wallom
 
Trust and Cloud computing, removing the need for the consumer to trust their ...
Trust and Cloud computing, removing the need for the consumer to trust their ...Trust and Cloud computing, removing the need for the consumer to trust their ...
Trust and Cloud computing, removing the need for the consumer to trust their ...David Wallom
 
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEE
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEEBKK16-110 A Gentle Introduction to Trusted Execution and OP-TEE
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEELinaro
 
Protecting Data with Short-Lived Encryption Keys and Hardware Root of Trust
Protecting Data with Short-Lived Encryption Keys and Hardware Root of TrustProtecting Data with Short-Lived Encryption Keys and Hardware Root of Trust
Protecting Data with Short-Lived Encryption Keys and Hardware Root of TrustDan Griffin
 
Introduction of Trusted Network Connect (TNC)
Introduction of Trusted Network Connect (TNC)Introduction of Trusted Network Connect (TNC)
Introduction of Trusted Network Connect (TNC)Houcheng Lee
 
How to do right cryptography in android part 3 / Gated Authentication reviewed
How to do right cryptography in android part 3 / Gated Authentication reviewedHow to do right cryptography in android part 3 / Gated Authentication reviewed
How to do right cryptography in android part 3 / Gated Authentication reviewedArash Ramez
 
Securing Internet of Things with Trustworthy Computing
Securing Internet of Things with Trustworthy ComputingSecuring Internet of Things with Trustworthy Computing
Securing Internet of Things with Trustworthy ComputingThe Security of Things Forum
 
Trusted Computing _plate form_ model.ppt
Trusted Computing _plate form_ model.pptTrusted Computing _plate form_ model.ppt
Trusted Computing _plate form_ model.pptnaghamallella
 
Provable Device Cybersecurity in Blockchain Transactions
Provable Device Cybersecurity in Blockchain TransactionsProvable Device Cybersecurity in Blockchain Transactions
Provable Device Cybersecurity in Blockchain TransactionsRivetz
 
PLNOG15: Simplifying network deployment using Autonomic networking and Plug-a...
PLNOG15: Simplifying network deployment using Autonomic networking and Plug-a...PLNOG15: Simplifying network deployment using Autonomic networking and Plug-a...
PLNOG15: Simplifying network deployment using Autonomic networking and Plug-a...PROIDEA
 
Nt2580 Final Project Essay Examples
Nt2580 Final Project Essay ExamplesNt2580 Final Project Essay Examples
Nt2580 Final Project Essay ExamplesSherry Bailey
 
Security Consideration for Set-top box SoC
Security Consideration for Set-top box SoCSecurity Consideration for Set-top box SoC
Security Consideration for Set-top box SoCWesley Li
 
Schneider-Electric & NextNine – Comparing Remote Connectivity Solutions
Schneider-Electric & NextNine – Comparing Remote Connectivity SolutionsSchneider-Electric & NextNine – Comparing Remote Connectivity Solutions
Schneider-Electric & NextNine – Comparing Remote Connectivity SolutionsHoneywell
 
Secure IOT Gateway
Secure IOT GatewaySecure IOT Gateway
Secure IOT GatewayLF Events
 
Essential Layers of IBM i Security: File and Field Security
Essential Layers of IBM i Security: File and Field SecurityEssential Layers of IBM i Security: File and Field Security
Essential Layers of IBM i Security: File and Field SecurityPrecisely
 
Removing Security Roadblocks to IoT Deployment Success
Removing Security Roadblocks to IoT Deployment SuccessRemoving Security Roadblocks to IoT Deployment Success
Removing Security Roadblocks to IoT Deployment SuccessMicrosoft Tech Community
 

Similar to trusted computing platform alliancee.ppt (20)

Why TPM in Automotive?
Why TPM in Automotive?Why TPM in Automotive?
Why TPM in Automotive?
 
Trust and Cloud Computing, removing the need to trust your cloud provider
Trust and Cloud Computing, removing the need to trust your cloud providerTrust and Cloud Computing, removing the need to trust your cloud provider
Trust and Cloud Computing, removing the need to trust your cloud provider
 
Trust and Cloud computing, removing the need for the consumer to trust their ...
Trust and Cloud computing, removing the need for the consumer to trust their ...Trust and Cloud computing, removing the need for the consumer to trust their ...
Trust and Cloud computing, removing the need for the consumer to trust their ...
 
Trust and Cloud computing, removing the need for the consumer to trust their ...
Trust and Cloud computing, removing the need for the consumer to trust their ...Trust and Cloud computing, removing the need for the consumer to trust their ...
Trust and Cloud computing, removing the need for the consumer to trust their ...
 
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEE
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEEBKK16-110 A Gentle Introduction to Trusted Execution and OP-TEE
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEE
 
Protecting Data with Short-Lived Encryption Keys and Hardware Root of Trust
Protecting Data with Short-Lived Encryption Keys and Hardware Root of TrustProtecting Data with Short-Lived Encryption Keys and Hardware Root of Trust
Protecting Data with Short-Lived Encryption Keys and Hardware Root of Trust
 
Lessson 3
Lessson 3Lessson 3
Lessson 3
 
Introduction of Trusted Network Connect (TNC)
Introduction of Trusted Network Connect (TNC)Introduction of Trusted Network Connect (TNC)
Introduction of Trusted Network Connect (TNC)
 
How to do right cryptography in android part 3 / Gated Authentication reviewed
How to do right cryptography in android part 3 / Gated Authentication reviewedHow to do right cryptography in android part 3 / Gated Authentication reviewed
How to do right cryptography in android part 3 / Gated Authentication reviewed
 
Securing Internet of Things with Trustworthy Computing
Securing Internet of Things with Trustworthy ComputingSecuring Internet of Things with Trustworthy Computing
Securing Internet of Things with Trustworthy Computing
 
Trusted Computing _plate form_ model.ppt
Trusted Computing _plate form_ model.pptTrusted Computing _plate form_ model.ppt
Trusted Computing _plate form_ model.ppt
 
Provable Device Cybersecurity in Blockchain Transactions
Provable Device Cybersecurity in Blockchain TransactionsProvable Device Cybersecurity in Blockchain Transactions
Provable Device Cybersecurity in Blockchain Transactions
 
Trusted Computing Base
Trusted Computing BaseTrusted Computing Base
Trusted Computing Base
 
PLNOG15: Simplifying network deployment using Autonomic networking and Plug-a...
PLNOG15: Simplifying network deployment using Autonomic networking and Plug-a...PLNOG15: Simplifying network deployment using Autonomic networking and Plug-a...
PLNOG15: Simplifying network deployment using Autonomic networking and Plug-a...
 
Nt2580 Final Project Essay Examples
Nt2580 Final Project Essay ExamplesNt2580 Final Project Essay Examples
Nt2580 Final Project Essay Examples
 
Security Consideration for Set-top box SoC
Security Consideration for Set-top box SoCSecurity Consideration for Set-top box SoC
Security Consideration for Set-top box SoC
 
Schneider-Electric & NextNine – Comparing Remote Connectivity Solutions
Schneider-Electric & NextNine – Comparing Remote Connectivity SolutionsSchneider-Electric & NextNine – Comparing Remote Connectivity Solutions
Schneider-Electric & NextNine – Comparing Remote Connectivity Solutions
 
Secure IOT Gateway
Secure IOT GatewaySecure IOT Gateway
Secure IOT Gateway
 
Essential Layers of IBM i Security: File and Field Security
Essential Layers of IBM i Security: File and Field SecurityEssential Layers of IBM i Security: File and Field Security
Essential Layers of IBM i Security: File and Field Security
 
Removing Security Roadblocks to IoT Deployment Success
Removing Security Roadblocks to IoT Deployment SuccessRemoving Security Roadblocks to IoT Deployment Success
Removing Security Roadblocks to IoT Deployment Success
 

More from naghamallella

OS-20210426203801 introduction to os.ppt
OS-20210426203801 introduction to os.pptOS-20210426203801 introduction to os.ppt
OS-20210426203801 introduction to os.pptnaghamallella
 
basic logic gate presentation date23.ppt
basic logic gate presentation date23.pptbasic logic gate presentation date23.ppt
basic logic gate presentation date23.pptnaghamallella
 
logic gate presentation for and or n.ppt
logic gate presentation for and or n.pptlogic gate presentation for and or n.ppt
logic gate presentation for and or n.pptnaghamallella
 
6_2019_04_09!08_59_48_PM logic gate_.ppt
6_2019_04_09!08_59_48_PM logic gate_.ppt6_2019_04_09!08_59_48_PM logic gate_.ppt
6_2019_04_09!08_59_48_PM logic gate_.pptnaghamallella
 
bin packing 2 for real time scheduli.ppt
bin packing 2 for real time scheduli.pptbin packing 2 for real time scheduli.ppt
bin packing 2 for real time scheduli.pptnaghamallella
 
bin packing2 and scheduling for mul.pptx
bin packing2 and scheduling for mul.pptxbin packing2 and scheduling for mul.pptx
bin packing2 and scheduling for mul.pptxnaghamallella
 
BOOTP computer science for multiproc.ppt
BOOTP computer science for multiproc.pptBOOTP computer science for multiproc.ppt
BOOTP computer science for multiproc.pptnaghamallella
 
trusted computing for security confe.ppt
trusted computing for security confe.ppttrusted computing for security confe.ppt
trusted computing for security confe.pptnaghamallella
 
bin packing and scheduling multiproc.ppt
bin packing and scheduling multiproc.pptbin packing and scheduling multiproc.ppt
bin packing and scheduling multiproc.pptnaghamallella
 
multiprocessor _system _presentation.ppt
multiprocessor _system _presentation.pptmultiprocessor _system _presentation.ppt
multiprocessor _system _presentation.pptnaghamallella
 
image processing for jpeg presentati.ppt
image processing for jpeg presentati.pptimage processing for jpeg presentati.ppt
image processing for jpeg presentati.pptnaghamallella
 
introduction to jpeg for image proce.ppt
introduction to jpeg for image proce.pptintroduction to jpeg for image proce.ppt
introduction to jpeg for image proce.pptnaghamallella
 
jpg image processing nagham salim_as.ppt
jpg image processing nagham salim_as.pptjpg image processing nagham salim_as.ppt
jpg image processing nagham salim_as.pptnaghamallella
 
lips _reading_nagham _salim compute.pptx
lips _reading_nagham _salim compute.pptxlips _reading_nagham _salim compute.pptx
lips _reading_nagham _salim compute.pptxnaghamallella
 
electronic mail security for authent.ppt
electronic mail security for authent.pptelectronic mail security for authent.ppt
electronic mail security for authent.pptnaghamallella
 
web _security_ for _confedindality s.ppt
web _security_ for _confedindality s.pptweb _security_ for _confedindality s.ppt
web _security_ for _confedindality s.pptnaghamallella
 
lips _reading _in computer_ vision_n.ppt
lips _reading _in computer_ vision_n.pptlips _reading _in computer_ vision_n.ppt
lips _reading _in computer_ vision_n.pptnaghamallella
 
thread_ multiprocessor_ scheduling_a.ppt
thread_ multiprocessor_ scheduling_a.pptthread_ multiprocessor_ scheduling_a.ppt
thread_ multiprocessor_ scheduling_a.pptnaghamallella
 
distributed real time system schedul.ppt
distributed real time system schedul.pptdistributed real time system schedul.ppt
distributed real time system schedul.pptnaghamallella
 
avi _file _formate_ trasport _layer.pptx
avi _file _formate_ trasport _layer.pptxavi _file _formate_ trasport _layer.pptx
avi _file _formate_ trasport _layer.pptxnaghamallella
 

More from naghamallella (20)

OS-20210426203801 introduction to os.ppt
OS-20210426203801 introduction to os.pptOS-20210426203801 introduction to os.ppt
OS-20210426203801 introduction to os.ppt
 
basic logic gate presentation date23.ppt
basic logic gate presentation date23.pptbasic logic gate presentation date23.ppt
basic logic gate presentation date23.ppt
 
logic gate presentation for and or n.ppt
logic gate presentation for and or n.pptlogic gate presentation for and or n.ppt
logic gate presentation for and or n.ppt
 
6_2019_04_09!08_59_48_PM logic gate_.ppt
6_2019_04_09!08_59_48_PM logic gate_.ppt6_2019_04_09!08_59_48_PM logic gate_.ppt
6_2019_04_09!08_59_48_PM logic gate_.ppt
 
bin packing 2 for real time scheduli.ppt
bin packing 2 for real time scheduli.pptbin packing 2 for real time scheduli.ppt
bin packing 2 for real time scheduli.ppt
 
bin packing2 and scheduling for mul.pptx
bin packing2 and scheduling for mul.pptxbin packing2 and scheduling for mul.pptx
bin packing2 and scheduling for mul.pptx
 
BOOTP computer science for multiproc.ppt
BOOTP computer science for multiproc.pptBOOTP computer science for multiproc.ppt
BOOTP computer science for multiproc.ppt
 
trusted computing for security confe.ppt
trusted computing for security confe.ppttrusted computing for security confe.ppt
trusted computing for security confe.ppt
 
bin packing and scheduling multiproc.ppt
bin packing and scheduling multiproc.pptbin packing and scheduling multiproc.ppt
bin packing and scheduling multiproc.ppt
 
multiprocessor _system _presentation.ppt
multiprocessor _system _presentation.pptmultiprocessor _system _presentation.ppt
multiprocessor _system _presentation.ppt
 
image processing for jpeg presentati.ppt
image processing for jpeg presentati.pptimage processing for jpeg presentati.ppt
image processing for jpeg presentati.ppt
 
introduction to jpeg for image proce.ppt
introduction to jpeg for image proce.pptintroduction to jpeg for image proce.ppt
introduction to jpeg for image proce.ppt
 
jpg image processing nagham salim_as.ppt
jpg image processing nagham salim_as.pptjpg image processing nagham salim_as.ppt
jpg image processing nagham salim_as.ppt
 
lips _reading_nagham _salim compute.pptx
lips _reading_nagham _salim compute.pptxlips _reading_nagham _salim compute.pptx
lips _reading_nagham _salim compute.pptx
 
electronic mail security for authent.ppt
electronic mail security for authent.pptelectronic mail security for authent.ppt
electronic mail security for authent.ppt
 
web _security_ for _confedindality s.ppt
web _security_ for _confedindality s.pptweb _security_ for _confedindality s.ppt
web _security_ for _confedindality s.ppt
 
lips _reading _in computer_ vision_n.ppt
lips _reading _in computer_ vision_n.pptlips _reading _in computer_ vision_n.ppt
lips _reading _in computer_ vision_n.ppt
 
thread_ multiprocessor_ scheduling_a.ppt
thread_ multiprocessor_ scheduling_a.pptthread_ multiprocessor_ scheduling_a.ppt
thread_ multiprocessor_ scheduling_a.ppt
 
distributed real time system schedul.ppt
distributed real time system schedul.pptdistributed real time system schedul.ppt
distributed real time system schedul.ppt
 
avi _file _formate_ trasport _layer.pptx
avi _file _formate_ trasport _layer.pptxavi _file _formate_ trasport _layer.pptx
avi _file _formate_ trasport _layer.pptx
 

Recently uploaded

Genomic DNA And Complementary DNA Libraries construction.
Genomic DNA And Complementary DNA Libraries construction.Genomic DNA And Complementary DNA Libraries construction.
Genomic DNA And Complementary DNA Libraries construction.k64182334
 
Hubble Asteroid Hunter III. Physical properties of newly found asteroids
Hubble Asteroid Hunter III. Physical properties of newly found asteroidsHubble Asteroid Hunter III. Physical properties of newly found asteroids
Hubble Asteroid Hunter III. Physical properties of newly found asteroidsSérgio Sacani
 
Bentham & Hooker's Classification. along with the merits and demerits of the ...
Bentham & Hooker's Classification. along with the merits and demerits of the ...Bentham & Hooker's Classification. along with the merits and demerits of the ...
Bentham & Hooker's Classification. along with the merits and demerits of the ...Nistarini College, Purulia (W.B) India
 
Orientation, design and principles of polyhouse
Orientation, design and principles of polyhouseOrientation, design and principles of polyhouse
Orientation, design and principles of polyhousejana861314
 
Analytical Profile of Coleus Forskohlii | Forskolin .pptx
Analytical Profile of Coleus Forskohlii | Forskolin .pptxAnalytical Profile of Coleus Forskohlii | Forskolin .pptx
Analytical Profile of Coleus Forskohlii | Forskolin .pptxSwapnil Therkar
 
Artificial Intelligence In Microbiology by Dr. Prince C P
Artificial Intelligence In Microbiology by Dr. Prince C PArtificial Intelligence In Microbiology by Dr. Prince C P
Artificial Intelligence In Microbiology by Dr. Prince C PPRINCE C P
 
STERILITY TESTING OF PHARMACEUTICALS ppt by DR.C.P.PRINCE
STERILITY TESTING OF PHARMACEUTICALS ppt by DR.C.P.PRINCESTERILITY TESTING OF PHARMACEUTICALS ppt by DR.C.P.PRINCE
STERILITY TESTING OF PHARMACEUTICALS ppt by DR.C.P.PRINCEPRINCE C P
 
The Black hole shadow in Modified Gravity
The Black hole shadow in Modified GravityThe Black hole shadow in Modified Gravity
The Black hole shadow in Modified GravitySubhadipsau21168
 
Neurodevelopmental disorders according to the dsm 5 tr
Neurodevelopmental disorders according to the dsm 5 trNeurodevelopmental disorders according to the dsm 5 tr
Neurodevelopmental disorders according to the dsm 5 trssuser06f238
 
Biopesticide (2).pptx .This slides helps to know the different types of biop...
Biopesticide (2).pptx .This slides helps to know the different types of biop...Biopesticide (2).pptx .This slides helps to know the different types of biop...
Biopesticide (2).pptx .This slides helps to know the different types of biop...RohitNehra6
 
A relative description on Sonoporation.pdf
A relative description on Sonoporation.pdfA relative description on Sonoporation.pdf
A relative description on Sonoporation.pdfnehabiju2046
 
Behavioral Disorder: Schizophrenia & it's Case Study.pdf
Behavioral Disorder: Schizophrenia & it's Case Study.pdfBehavioral Disorder: Schizophrenia & it's Case Study.pdf
Behavioral Disorder: Schizophrenia & it's Case Study.pdfSELF-EXPLANATORY
 
CALL ON ➥8923113531 🔝Call Girls Kesar Bagh Lucknow best Night Fun service 🪡
CALL ON ➥8923113531 🔝Call Girls Kesar Bagh Lucknow best Night Fun service 🪡CALL ON ➥8923113531 🔝Call Girls Kesar Bagh Lucknow best Night Fun service 🪡
CALL ON ➥8923113531 🔝Call Girls Kesar Bagh Lucknow best Night Fun service 🪡anilsa9823
 
GFP in rDNA Technology (Biotechnology).pptx
GFP in rDNA Technology (Biotechnology).pptxGFP in rDNA Technology (Biotechnology).pptx
GFP in rDNA Technology (Biotechnology).pptxAleenaTreesaSaji
 
Unlocking the Potential: Deep dive into ocean of Ceramic Magnets.pptx
Unlocking the Potential: Deep dive into ocean of Ceramic Magnets.pptxUnlocking the Potential: Deep dive into ocean of Ceramic Magnets.pptx
Unlocking the Potential: Deep dive into ocean of Ceramic Magnets.pptxanandsmhk
 
Recombination DNA Technology (Microinjection)
Recombination DNA Technology (Microinjection)Recombination DNA Technology (Microinjection)
Recombination DNA Technology (Microinjection)Jshifa
 
Lucknow 💋 Russian Call Girls Lucknow Finest Escorts Service 8923113531 Availa...
Lucknow 💋 Russian Call Girls Lucknow Finest Escorts Service 8923113531 Availa...Lucknow 💋 Russian Call Girls Lucknow Finest Escorts Service 8923113531 Availa...
Lucknow 💋 Russian Call Girls Lucknow Finest Escorts Service 8923113531 Availa...anilsa9823
 
zoogeography of pakistan.pptx fauna of Pakistan
zoogeography of pakistan.pptx fauna of Pakistanzoogeography of pakistan.pptx fauna of Pakistan
zoogeography of pakistan.pptx fauna of Pakistanzohaibmir069
 
Isotopic evidence of long-lived volcanism on Io
Isotopic evidence of long-lived volcanism on IoIsotopic evidence of long-lived volcanism on Io
Isotopic evidence of long-lived volcanism on IoSérgio Sacani
 

Recently uploaded (20)

Genomic DNA And Complementary DNA Libraries construction.
Genomic DNA And Complementary DNA Libraries construction.Genomic DNA And Complementary DNA Libraries construction.
Genomic DNA And Complementary DNA Libraries construction.
 
Hubble Asteroid Hunter III. Physical properties of newly found asteroids
Hubble Asteroid Hunter III. Physical properties of newly found asteroidsHubble Asteroid Hunter III. Physical properties of newly found asteroids
Hubble Asteroid Hunter III. Physical properties of newly found asteroids
 
Bentham & Hooker's Classification. along with the merits and demerits of the ...
Bentham & Hooker's Classification. along with the merits and demerits of the ...Bentham & Hooker's Classification. along with the merits and demerits of the ...
Bentham & Hooker's Classification. along with the merits and demerits of the ...
 
Orientation, design and principles of polyhouse
Orientation, design and principles of polyhouseOrientation, design and principles of polyhouse
Orientation, design and principles of polyhouse
 
Analytical Profile of Coleus Forskohlii | Forskolin .pptx
Analytical Profile of Coleus Forskohlii | Forskolin .pptxAnalytical Profile of Coleus Forskohlii | Forskolin .pptx
Analytical Profile of Coleus Forskohlii | Forskolin .pptx
 
Artificial Intelligence In Microbiology by Dr. Prince C P
Artificial Intelligence In Microbiology by Dr. Prince C PArtificial Intelligence In Microbiology by Dr. Prince C P
Artificial Intelligence In Microbiology by Dr. Prince C P
 
STERILITY TESTING OF PHARMACEUTICALS ppt by DR.C.P.PRINCE
STERILITY TESTING OF PHARMACEUTICALS ppt by DR.C.P.PRINCESTERILITY TESTING OF PHARMACEUTICALS ppt by DR.C.P.PRINCE
STERILITY TESTING OF PHARMACEUTICALS ppt by DR.C.P.PRINCE
 
The Black hole shadow in Modified Gravity
The Black hole shadow in Modified GravityThe Black hole shadow in Modified Gravity
The Black hole shadow in Modified Gravity
 
The Philosophy of Science
The Philosophy of ScienceThe Philosophy of Science
The Philosophy of Science
 
Neurodevelopmental disorders according to the dsm 5 tr
Neurodevelopmental disorders according to the dsm 5 trNeurodevelopmental disorders according to the dsm 5 tr
Neurodevelopmental disorders according to the dsm 5 tr
 
Biopesticide (2).pptx .This slides helps to know the different types of biop...
Biopesticide (2).pptx .This slides helps to know the different types of biop...Biopesticide (2).pptx .This slides helps to know the different types of biop...
Biopesticide (2).pptx .This slides helps to know the different types of biop...
 
A relative description on Sonoporation.pdf
A relative description on Sonoporation.pdfA relative description on Sonoporation.pdf
A relative description on Sonoporation.pdf
 
Behavioral Disorder: Schizophrenia & it's Case Study.pdf
Behavioral Disorder: Schizophrenia & it's Case Study.pdfBehavioral Disorder: Schizophrenia & it's Case Study.pdf
Behavioral Disorder: Schizophrenia & it's Case Study.pdf
 
CALL ON ➥8923113531 🔝Call Girls Kesar Bagh Lucknow best Night Fun service 🪡
CALL ON ➥8923113531 🔝Call Girls Kesar Bagh Lucknow best Night Fun service 🪡CALL ON ➥8923113531 🔝Call Girls Kesar Bagh Lucknow best Night Fun service 🪡
CALL ON ➥8923113531 🔝Call Girls Kesar Bagh Lucknow best Night Fun service 🪡
 
GFP in rDNA Technology (Biotechnology).pptx
GFP in rDNA Technology (Biotechnology).pptxGFP in rDNA Technology (Biotechnology).pptx
GFP in rDNA Technology (Biotechnology).pptx
 
Unlocking the Potential: Deep dive into ocean of Ceramic Magnets.pptx
Unlocking the Potential: Deep dive into ocean of Ceramic Magnets.pptxUnlocking the Potential: Deep dive into ocean of Ceramic Magnets.pptx
Unlocking the Potential: Deep dive into ocean of Ceramic Magnets.pptx
 
Recombination DNA Technology (Microinjection)
Recombination DNA Technology (Microinjection)Recombination DNA Technology (Microinjection)
Recombination DNA Technology (Microinjection)
 
Lucknow 💋 Russian Call Girls Lucknow Finest Escorts Service 8923113531 Availa...
Lucknow 💋 Russian Call Girls Lucknow Finest Escorts Service 8923113531 Availa...Lucknow 💋 Russian Call Girls Lucknow Finest Escorts Service 8923113531 Availa...
Lucknow 💋 Russian Call Girls Lucknow Finest Escorts Service 8923113531 Availa...
 
zoogeography of pakistan.pptx fauna of Pakistan
zoogeography of pakistan.pptx fauna of Pakistanzoogeography of pakistan.pptx fauna of Pakistan
zoogeography of pakistan.pptx fauna of Pakistan
 
Isotopic evidence of long-lived volcanism on Io
Isotopic evidence of long-lived volcanism on IoIsotopic evidence of long-lived volcanism on Io
Isotopic evidence of long-lived volcanism on Io
 

trusted computing platform alliancee.ppt

  • 1. Trusted Computing Platform Alliance – Introduction and Technical Overview – Joe Pato HP Labs MIT 6.805/6.857 17 October 2002
  • 2. • Increase consumer and businesses confidence • Protect end-user private data – by enabling trust in end systems behavior • Reduce business risks – by enabling trust in the behavior of critical information systems Why Trusted Computing Platforms?
  • 3. Trusted Computing Platform properties • Recognize that a platform has known properties – Mobile platform access to corporate network. – Remote Access via known public access point. • Identify that a system will behave as expected: – Mobile access to corporate network with firewall and antivirus requirements. – Outsourced platform administration • Enable a user to have more confidence in the behavior of the platform in front of them – Trust a platform to handle my private data I.e banking, medical…etc… – Achieving WYSIWYS: What You Sign Is What You See… Do I have confidence in interacting with this platform? Can I trust you to be what you say you are? Can I trust you to behave in an expected manner?
  • 4. The Conspiracy to Prevent Artistry The Conspiracy to Prevent Anonymity The Conspiracy to Prevent Assembly The Conspiracy in Prelude to Apocalypse The Trusted Computing Platform Alliance - TCPA - AKA??? How? The Cleverly Parboiled Amphibian
  • 5. The Trusted Computing Platform Alliance - TCPA - • An Industry work group focused on defining and advancing the concept of Trusted Computing • Founded in 1999 by Compaq, HP, IBM, Intel, and Microsoft. • 180+ members from the hardware, software, communications, and security technology industries
  • 6. The TCPA charter • Provide a ubiquitous and widely adopted means to address trustworthiness of computing platforms • Publish an open specification for public review – Not security by obscurity • Define a technology specification that can be applied to any type of computing platform (not just PCs!)
  • 7. TCPA Generic Platform Spec PC Specific 2002 onwards Founded 1999 Specification revised by membership Feb ‘01 Sept ‘01 Internet Appliances Mobile Phones Servers TPM PP Evaluation completed by NIST 8/02 Platform PP or TBB In development Common criteria conformance specs Technology architecture specs TCPA specification activity
  • 8. TCPA concepts • Definition: A platform can be trusted if it behaves in the expected manner for the intended purpose • TCPA technology provides mechanisms for: – Platform Authentication and Attestation • Identify the platform and its properties to a challenging party – Platform Integrity Reporting • Reliably measure and report on the platform’s software state – Protected Storage • Protect private and secret data. Protect integrity and identity information against subversion
  • 9. The TCPA architecture relies on the concept of a Root of Trust • A third party can rely on information provided by a platform’s Root of Trust • The root of trust must be able to report on software that has executed • The root of trust must be able to keep secrets from the rest of the platform  measure the first piece of code that executes when the platform boots  independent computing engine  “secret” storage How does TCPA achieve this?
  • 10. • It is necessary to trust these Roots of Trust for TCPA mechanisms to be relied upon => Conformance and Certification • A Root of Trust for Reporting – The component that can be trusted to store and report reliable information about the platform • A Root of Trust for Measurement – The component that can be trusted to reliably measure and report to the Root of Trust for reporting what software executes on platform boot Two Roots of Trust: Measurement, Reporting
  • 11. The Trusted Platform Module - TPM - • The TPM is the Root of Trust for Reporting • Think: smartcard-like security capability embedded into the platform – The TPM is uniquely bound to a single platform – TPM functions and storage are isolated from all other components of the platform (e.g., the CPU)
  • 12. The Core Root of Trust for Measurement - CRTM - • The CRTM is the first piece of code that executes on a platform at boot time. (I.e. Bios or Bios BootBlock in an IA-32 platform) – It must be trusted to properly report to the TPM what software executes after it. – Only authorized entities must be able to reflash the CRTM… (those that vouch for its behavior)
  • 13. CRTM and TPM during the boot process The Authenticated boot process CRTM - Bios BootBlock BIOS OpRom1 OSLoader OpRom 2 OpRomN OS Hash code TPM Report Hashed code Hand-Off Hash code Hand-Off Hash code Hand-Off Report Hashed code Report Hashed code Hash code Hash code
  • 14. • Platform authentication •Protected Storage • Integrity Reporting TCPA feature-set
  • 15. Platform Authentication • TCPA provides for the TPM to have control over “multiple pseudonymous attestation identities” • TPM attestation identities do not contain any owner/user related information => A platform identity attests to platform properties • No single TPM “identity” is ever used to digital sign data => privacy protection • TPM Identity certification is required to attest to the fact that they identify a genuine TCPA platform • The TPM Identity creation protocol allows for to choose different Certification Authorities (Privacy-CA) to certify each TPM identity => prevent correlation
  • 17. Integrity Reporting • Measurements reported to the TPM during (and after) the boot process can not be removed or deleted until reboot => No hiding code that has executed on the platform • The TPM will use an attestation identity to sign the integrity report • The recipient of integrity information can evaluate trustworthiness of the information based on the certificate of attestation identity  Trust that the TPM is a genuine TPM on a genuine Trusted Platform
  • 18. Integrity Reporting (2) • The recipient of reporting information relies on “signed certificates” that attest that a given measurement represents a known piece of code – Cert(Phoenix BIOS v1.2 has hash value of H) – Cert(CorpIT config, combined hash value) • The recipient can verify these Integrity Metrics Certificates and compare certified metrics to reported metrics  Trust that the reported metrics correspond to certified software Trusting the reported software is dependent on the recipient’s policy, for a given application context
  • 19. Protected Storage • No generic encryption device – no export control pb • Cryptographic keys can be created that are protected by the TPM • Data can be encrypted using the TPM, that can only be decrypted using this same TPM • A specific software configuration can also be specified, that will be required for the TPM to allow data to be decrypted, or keys to be used  This is called Sealing: parameters define which Integrity Metrics the data should be sealed to
  • 20. Protected Storage Hierarchy Storage Keys TPM Protects (Stored Internally) Protects (Using encryption) Storage Root Key (Asymmetric key) Signature key Signature key Protects (using encryption) Protects (using encryption) Storage key Symmetric key Asymmetric key (signs data) Authorization secret Secret Data Secret Data Secret Data Secret Data Asymmetric Keys Arbitrary data TPM Protected Objects
  • 21. Privacy-positive design • Notion of TPM Owner, think Platform Administrator • Ultimate TPM functionality control goes to the Owner • TPM Activation controlled by the Owner, and deactivation available to the User • No single TPM “identity” is ever used to digitally sign data • Multiple pseudonymous IDs (limits correlation) • Remote control of the TPM enabled by challenge response protocols for authorization mechanisms • Can prevent the revelation of secrets unless the software state is in an approved state
  • 22. • Common Criteria based • TCPA: – TPM Protection Profile completed – Platform Protection Profile to include CRTM and connection to platform • Manufacturers role – Create Security Target, and produce product design evaluation About Conformance
  • 23. Short term TCPA benefits – protected storage (Platform with a TPM, associated software provided by the TPM manufacturer) Customers can encrypt the data on their hard disks in a way that is much more secure than software solutions. – The TCPA chip is a portal to encrypted data. – Encrypted data can then only ever be decrypted on the same platform that encrypted it. – TCPA also provides for digital signature keys to be protected and used by the embedded hardware chip
  • 24. Middle term TCPA benefits – integrity checking (Short term solution plus additional software) Protection against hacker scripts, by automatically preventing access to data if unauthorised programs are executed. – TCPA provides for the measurement of integrity metrics of the software environment on the TCPA platform. – Allows for a remote party to verify what the software environment on a TCPA platform is. – The TCPA chip can then be used to encrypt data to disk so that this data can only ever be decrypted on that same platform, and ONLY if the platform has a given set of software environment integrity metrics.
  • 25. Long term TCPA benefits – e-commerce Customers and their partners/suppliers/customers can connect their IT systems and expose only the data that is intended to be exposed. – TCPA is designed so that platform identities and Integrity Metrics can be proven reliably to previously unknown parties. – Secure online discovery of platforms and services: confidence in the information about the software environment and identity of a remote party, enabling higher levels of trust when interacting with this party.