wholefasad.blogg.se - Intel trusted platform module driver windows 8

#Intel trusted platform module driver windows 8 how to
#Intel trusted platform module driver windows 8 upgrade
#Intel trusted platform module driver windows 8 software

#Intel trusted platform module driver windows 8 software

Protection and enforcement of software licenses.

Disk encryption įull disk encryption utilities, such as dm-crypt and BitLocker, can use this technology to protect the keys used to encrypt the computer's storage devices and provide integrity authentication for a trusted boot pathway that includes firmware and boot sector. It could remotely attest that a computer is using the specified hardware and software. Īn example of TPM use for platform integrity is the Trusted Execution Technology (TXT), which creates a chain of trust. (See below.)Īnother example of platform integrity via TPM is in the use of Microsoft Office 365 licensing and Outlook Exchange. Good examples can be found in Linux Unified Key Setup (LUKS), BitLocker and PrivateCore vCage memory encryption.

#Intel trusted platform module driver windows 8 how to

These metrics can be used to detect changes to previous configurations and decide how to proceed. When TPM is used, the firmware and the operating system are responsible for ensuring integrity.įor example, Unified Extensible Firmware Interface (UEFI) can use TPM to form a root of trust: The TPM contains several Platform Configuration Registers (PCRs) that allow secure storage and reporting of security-relevant metrics. This is to ensure that the boot process starts from a trusted combination of hardware and software, and continues until the operating system has fully booted and applications are running.

In this context, "integrity" means "behave as intended", and a "platform" is any computer device regardless of its operating system. The primary scope of TPM is to ensure the integrity of a platform. Security embedded in hardware provides more protection than a software-only solution. Ĭomputer programs can use a TPM to authenticate hardware devices, since each TPM chip has a unique and secret Endorsement Key (EK) burned in as it is produced.

Other Trusted Computing functions for the data to be decrypted (unsealed).

Sealing: Similar to binding, but in addition, specifies the TPM state for the data to be decrypted (unsealed).

Binding: Encrypts data using the TPM bind key, a unique RSA key descended from a storage key.

The software in charge of hashing the setup determines the extent of the summary.

One could use the hash to verify that the hardware and software have not been changed.

Remote attestation: Creates a nearly unforgeable hash key summary of the hardware and software configuration.

Facilities for the secure generation of cryptographic keys for limited uses.

Part 4 – Supporting Routines (added in TPM 2.0).

Part 1 – Architecture (renamed from Design Principles).

Each part consists of a document that makes up the whole of the new TPM specification. When a new revision is released it is divided into multiple parts by the Trusted Computing Group. The group continues work on the standard incorporating errata, algorithmic additions and new commands, with its most recent edition published as 2.0 in November 2019.

#Intel trusted platform module driver windows 8 upgrade

On April 9th, 2014 the Trusted Computing Group announced a major upgrade to their specification entitled TPM Library Specification 2.0. TPM Main Specification Version 1.2 was finalized on March 3, 2011, completing its revision. Trusted Platform Module (TPM) was conceived by a computer industry consortium called Trusted Computing Group (TCG), It evolved into TPM Main Specification Version 1.2 which was standardized by International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC) in 2009 as ISO/IEC 11889:2009.

7.1 2017 weak key generation controversy.