How_to_Use_TPM_Whitepaper_20090302_Final_3_.pdf
Copyright© 2009 Trusted Computing Group—Other names and brands are properties of their respective owners.
How to Use the TPM: A Guide to Hardware-Based Endpoint Security
Taking advantage of the inherent security provided by
the Trusted Platform Module (TPM)
Can you really feel sorry for a person whose car is stolen when the keys are left in it? Surprisingly, in a
quite similar manner, many IT administrators are doing just that by not using a security feature they have.
The Trusted Computing Group’s root of trust, the Trusted Platform Module (TPM), is an integral part of
virtually every enterprise level computer sold today.
The TPM, a secure cryptographic integrated circuit (IC), provides a hardware-based approach to manage
user authentication, network access, data protection and more that takes security to a higher level than
software-based security. Perhaps surprisingly to many IT and operations staff, the TPM can be combined
with widely used enterprise hardware such as network policy enforcement points, including Checkpoint
firewalls, Cisco switches and routers, and other 802.1x-compatible devices.
For those wondering about standards, the International Standard Organization’s (ISO) JTC1 (ISO/IEC
Joint Committee 1) has approved the transposition of TCG’s TPM 1.2 specification to an ISO/IEC
standard. With the completion of the comments resolution process currently underway, publication of
ISO/IEC 11889, Parts 1-4 is expected in the first half of 2009. This will make the TPM an even more well-
established standard security tool, and yet, strangely, many organizations have not taken advantage of its
capability.
Why Not?
Potential added cost and complexity are two of the most frequently cited reasons for not using the TPM.
Since the TPM comes as standard equipment at very little or no additional cost on enterprise-level
computers and there are over 100 million computers with a TPM, the potential for its presence within an
organization is quite high. So the real issue must be complexity, or, as it turns out, perceived complexity.
An example is the best way to disprove the complexity myth. It requires only four simple steps to enable
and use the TPM.
This is the first step to leverage the TPM’s capabilities. Some vendors now offer applications that
remotely provision the TPM and manage it, eliminating the need to “touch” each system. In this way,
thousands of systems can quickly be made more secure.
Once the TPM is activated, users can easily encrypt files, folders and email as well as more securely
manage passwords. To meet multi-factor authentication requirements, the TPM complements fingerprint
Four steps to enable and use the TPM
1) Turn on the TPM from the BIOS.
2) Load available TPM utility software. Dell, HP, Lenovo and others include software
applications for using the TPM in their business desktop and notebook products.
3) Enable the TPM and take ownership. Taking ownership sets the password that is used for
permission to other functions, including generating keys.
4) Use the TPM to generate keys for a specific need such as fetching a virtual private network
(VPN) certificate using the Microsoft CA (Certificate Authority). To leverage the TPM, the
Microsoft CA needs to be told which Cryptographic Service Provider (CSP) to use. Selecting
Advanced and then the CSP of choice will cause the key pair to be generated using the
TPM.
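The four steps above, checked and carried out from PowerShell, as an added example that is not part of the whitepaper. It goes beyond the 2009 text by assuming a current Windows client, where the built-in "Microsoft Platform Crypto Provider" plays the role of the TPM-backed provider (the whitepaper names no specific CSP); the subject name and file names are hypothetical.

```powershell
# Added example, not from the whitepaper. Run from an elevated prompt (Get-Tpm needs it).
# Assumptions: current Windows client, built-in TPM key storage provider,
# hypothetical subject name and file names.
$Provider = 'Microsoft Platform Crypto Provider'
$Subject  = 'CN=vpn-user.example.test'

# Steps 1-3: confirm the TPM is turned on, enabled and owned before asking it for keys.
$tpm = Get-Tpm
if (-not $tpm.TpmPresent) {
    throw 'No TPM detected: turn it on in the BIOS setup first.'
}
if (-not $tpm.TpmReady) {
    throw "TPM not ready (Enabled=$($tpm.TpmEnabled), Owned=$($tpm.TpmOwned))."
}

# Step 4: the request names the provider explicitly, so the key pair is generated
# by the TPM instead of a software provider. Exportable = FALSE keeps the private
# key from being marked exportable.
$inf = @"
[Version]
Signature = "`$Windows NT`$"

[NewRequest]
Subject = "$Subject"
KeyLength = 2048
Exportable = FALSE
MachineKeySet = FALSE
ProviderName = "$Provider"
RequestType = PKCS10
"@
Set-Content -Path .\vpn-request.inf -Value $inf -Encoding ASCII

certreq.exe -new .\vpn-request.inf .\vpn-request.req
if ($LASTEXITCODE -ne 0) { throw "certreq failed with exit code $LASTEXITCODE" }

# Check: list the key containers held by the TPM provider for this user.
# The new key should appear here; if it does not, the request fell back to
# another provider and the private key is not TPM-protected.
certutil.exe -user -csp $Provider -key

# Next: submit vpn-request.req to the Microsoft CA (certreq -submit) and install
# the issued certificate with certreq -accept.
```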