Trusted Computing & Trusted Computing Group


Trusted Computing & Trusted Computing Group
January 15 2008
Claire Vishik, Intel

Agenda
Technology Introduction
– Premises for Trusted Computing
TCG and Trusted Computing Technology
– Trusted Computing Group (TCG)
– TPM: technology, main uses
– Usage scenarios

Technology Introduction
Premises for Trusted Computing

Platform Authentication?
Applications tend to focus on “user authentication”
– But how does the IT infrastructure know which platform (computer) is being used?
– Is it authorized to be attached to the internal network?

Platform Attestation?
Applications tend to assume they have not been attacked
– Especially true of “monitoring” or “defensive” apps, e.g. anti-virus
– But how does the IT infrastructure know if the platform is executing the application as authorized?

Protecting Secrets
OS (Operating System) and applications typically use software to protect keys and secrets
– There is no standardized and isolated place to create and store secrets
– All software can be attacked

Trusted Computing: Today’s Positioning
Helps create a safer computing environment
– Different paradigm from prevailing exclusionary models in other security technologies
The technology is reasonably common
– TPM (Trusted Platform Module) is a common component on most business PCs and desktops (100 million shipped in 2007)
Supports scenarios useful for everyday operations in diverse environments (citizen-to-government, e-commerce, etc.)
Ecosystem needs to be better developed for full support of TC technologies

Trusted Computing Group (TCG)
Structure, membership, specifications

Who is TCG?
The Trusted Computing Group (TCG) is an international industry standards group
TCG Mission: Develop and promote open, vendor-neutral, industry standard specifications for trusted computing building blocks and software interfaces across multiple platforms
– Upon completion, the TCG publishes the specifications
– Anyone may download the specifications once they are published
– TPM 1.2 specification was submitted to ISO (Dec 2007)
The TCG is organized into a work group model whereby experts from each technology category can work together to develop the specifications
– An environment where competitors and collaborators can develop industry best capabilities that are vendor neutral and interoperable.

TCG Organization
Board of Directors (as of Dec 2007)
Scott Rotondo, Sun, President and Chairman; Boris Balacheff, HP; Garth Hillman, AMD; Seigo Kotani, Fujitsu Ltd.; Ron Perez, IBM; Thomas Rosteck, Infineon; Claire Vishik, Intel; David Challener, Lenovo; David Wooten, Microsoft; Scott Rotondo, Sun; Bob Thibadeau, Seagate; Brian Berger, Wave Systems
Marketing Work Group
Technical Committee
Advisory Council
Administration
Brian Berger, Wave Systems
Graeme Proudler, HP
Invited Participants
VTM, Inc.
Public Relations
Anne Price, PR Works
Events Marketing Support
Certification Program Committee
Boris Balacheff, HP
Hans Brandl, Infineon
TPM Work Group
Conformance WG
David Grawrock, Intel
Simon Johnson, Intel
TSS Work Group
PC Client WG
David Challener, Lenovo
Monty Wiseman, Intel
Mobile Phone WG
Infrastructure WG
Janne Uusilehto, Nokia
Thomas Hardjono, Wave
Ned Smith, Intel
VTM, Inc.
Peripherals WG
Suspended
Server Specific WG
Storage WG
Robert Thibadeau, Seagate
Carey Huscroft, HP
Florian Samson, BSI
Hard Copy WG
TNC
Authentication WG
Steve Hanna, Juniper
Paul Sangster, Symantec
Jesus Molina, Fujitsu
Gerald Maunier, Gemalto
Brian Volkoff, HP
Compliance WG
Virtualized Platform WG
Georg Rankl, Infineon
Steve Hanna, Juniper
Stefan Berger, IBM
Robert Malek, Unisys
Position Key
– GREEN Box: Elected Officers
– BLUE Box: Chairs Appointed by Board
– RED Box: Chairs Nominated by WG, Appointed by Board
– BLACK Box: Resources Contracted by TCG

TCG Membership
Board Member Companies
Classes of Participants
Create specs.
Chair WGs
Early access to specs.
144 Members as of Dec 2007
– 8 Promoters
– 80 Contributors
– 11 Adopters
– 45 Small Adopters
Create specs.
No Spec. access.

Liaison Program
Program is available to Academic Institutions, other Standards Bodies, Government Agencies, and Special Interest Groups with a stake in trusted computing.
Invitation only. Non-voting participation in workgroups. No fee. Representative approved prior to joining.
Some Liaison Program Members
– Government Related
Australian IT Security Forum
New Zealand Government
BSI (Germany)
U.K. Government Communications Headquarters (GCHQ) Communications-Electronics Security Group (CESG)
United States National Security Agency (NSA)
CESI (PRC)
Other Government Agencies & groups
– Universities
Notre Dame, Oxford, Politecnico di Torino, Fachhochschule Hannover, Belfast, San Diego, Macquarie, many other schools

TCG: The “BIG” Picture
Applications
– Software Stack
– Operating Systems
– Web Services
– Authentication
– Data Protection
Desktops & Notebooks
Printers ds
Servers
Networking
Security Hardware

TPM (Trusted Platform Module) Market Status Update
TPM PCs
– 70 Million shipped through ‘06, 100M estimated for 2007.
– Most branded commercial notebook and desktop PCs have TPMs
TPM servers available
TPM providers – increasing, with multiple solutions and integration levels
Trusted Network Connect (TNC) products shipping
Use cases released for mobile & storage capabilities
– Storage proof of concept demonstration available
– Draft specification for Mobile Trust Module
Applications available and shipping with PCs & Servers
Virtualization WG created in 2007

Product Implementations
TPM nics
Winbond
Solutions for:
Data Protection
ID Management
Network Security
802.1X Security
VPN Security
Drive Makers
SSO
Seagate
TCG Enabled Computer Systems:
TCG Solutions:
Infineon Professional Package
M-Systems
NTRU
Softex (Omni Pass and Theft Guard)
Utimaco (SafeGuard)
VeriSign (Personal Trust Agent)
Wave Systems (Embassy Trust Suites)
TNC Suppliers
Juniper
Dell (Latitude Notebook and Optiplex Desktop Series)
HP
Fujitsu (LifeBook Notebook & Desktop systems)
Wave Systems
HP (HP Protect Tools)
Sun Microsystems
IBM (Embedded Systems Solution)
Intel (Intel Desktop Board’s – 12X)
Lenovo (T-Series)
Toshiba

TCG PC Client H/W Design
Family 1.2 TPM
TPM attached to motherboard
Diagram labels: CPU, RAM, MCH, AGP, TPM, BIOS
TPM Functions defined in TPM Functional Spec
– What TPM does and commands it uses
Interfaces defined in the TPM
– How to communicate with TPM

Basic TPM Block Diagram
Diagram labels: I/O, Non-Volatile Storage, Exec Engine, Program, Platform Configuration Register (PCR), RSA Engine, Key Generation, RNG, AIK
Trusted Platform Module (TPM) Packaging

TPM – Key Features
Authenticate a platform (machine or device)
Store integrity status of a platform
Anchor roots of trust on the platform
Securely create/store/manage encryption keys
Protect itself against software attacks
Fully controlled by the owner
– Privacy positive implementation
Note: Contains no bulk encryption engine
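
Added example, not part of the original slides: how a TPM 1.2 PCR can "store integrity status of a platform" and how a verifier uses it to answer the Platform Attestation question. The component names and byte strings are constructed sample data, and the example assumes the reported PCR value has already been authenticated (in a real deployment it arrives in a TPM-signed quote, which is not modeled here).

```python
import hashlib

PCR_SIZE = 20  # a TPM 1.2 PCR holds one SHA-1 digest (160 bits)

def extend(pcr: bytes, component: bytes) -> bytes:
    """TPM 1.2 extend: new PCR = SHA-1(old PCR || SHA-1(component))."""
    return hashlib.sha1(pcr + hashlib.sha1(component).digest()).digest()

def replay(boot_chain) -> bytes:
    """Fold an ordered list of (name, component bytes) into one PCR value."""
    pcr = bytes(PCR_SIZE)  # PCR starts at all zeros after platform reset
    for _name, component in boot_chain:
        pcr = extend(pcr, component)
    return pcr

def verify(claimed_chain, reported_pcr: bytes, known_good: dict):
    """Verifier side: the claimed log must reproduce the reported PCR,
    and every logged component must match an approved digest."""
    if replay(claimed_chain) != reported_pcr:
        return False, "log does not reproduce reported PCR"
    for name, component in claimed_chain:
        if hashlib.sha1(component).hexdigest() != known_good.get(name):
            return False, f"unapproved component: {name}"
    return True, "ok"

# Constructed sample data (hypothetical boot chain, not real firmware).
GOOD_CHAIN = [
    ("bios", b"constructed BIOS image v1"),
    ("bootloader", b"constructed bootloader v1"),
    ("kernel", b"constructed kernel v1"),
]
KNOWN_GOOD = {n: hashlib.sha1(c).hexdigest() for n, c in GOOD_CHAIN}
TAMPERED_CHAIN = [
    GOOD_CHAIN[0],
    ("bootloader", b"constructed bootloader v1, modified"),
    GOOD_CHAIN[2],
]

if __name__ == "__main__":
    # Clean platform, honest log.
    print(verify(GOOD_CHAIN, replay(GOOD_CHAIN), KNOWN_GOOD))
    # Modified platform, honest log: the changed component is named.
    print(verify(TAMPERED_CHAIN, replay(TAMPERED_CHAIN), KNOWN_GOOD))
    # Modified platform presenting the clean log: the PCR gives it away.
    print(verify(GOOD_CHAIN, replay(TAMPERED_CHAIN), KNOWN_GOOD))
```

Because a PCR can only be extended, never written directly, software that runs after a measurement cannot roll the register back to hide that measurement.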

TPM Capabilities
What a TPM IS:
– Secure key store
– Secure unique identity used for platform authentication
Hardware, Software, Firmware
– Used for digital signing and verification
– Can strengthen user authentication
– Can strengthen auditing & reporting
What a TPM IS-NOT
– Bulk encryption engine
– ID management system
– DRM system

Thank you. Questions?
