Copyright© 2005 Trusted Computing Group—Other names and brands are properties of their respective owners.
1
Trusted Platform Modules Strengthen User and Platform Authenticity
January 2005
Computing and communications products with embedded Trusted Platform Modules (TPMs)
advance the ability of businesses, institutions, government agencies, and consumers to conduct
trustworthy electronic transactions. TPMs are special-purpose integrated circuits (ICs) built into a
variety of platforms to enable strong user authentication and machine attestation—essential to
prevent inappropriate access to confidential and sensitive information and to protect against
compromised networks. Trusted Platform Modules utilize open standards and technologies to
ensure interoperability of diverse products in mixed-vendor environments.
Trustworthy Transactions
Businesses of all sizes, institutions, government agencies, and consumers rely on millions of
digital transactions everyday. The volume and the importance of these transactions are rapidly
increasing. Wired and wireless systems used in digital interactions are woven into the very fabric
of business and everyday life around the world. Being able to trust the identities of the
participants, the authenticity of the contents, and the integrity of the systems involved in digital
events is crucial. Robust security is essential for trusted communications; but it is surprising how
many organizations rely on weak security solutions, believing they are engaged in trustworthy
processes when they are not. It has been estimated that more than half of all desktop, laptop, and
notebook PCs lack today’s available software security features. To address the risks caused by
inadequate security, integrated security hardware in the platform can not only strengthen the
software solutions, but also assure that every platform comes with strong protection built in.
When the integrity of the services isn’t reliable and cannot be proved, the consequence may be
catastrophic. Victims of stolen personal, confidential, or sensitive information lose much more
than data. Unauthorized changes to system parameters generate unintended expenses for
system rebuilding and may jeopardize the future of an enterprise. If that’s not bad enough,
consider that corruption of important records—or even the perception of compromised integrity—
may have severe legal consequences with criminal and civil penalties.
Intruders hack into networks with increasing frequency. Malicious corruption of records and
inadequately protected systems regularly compromise legitimate transactions. Lost and stolen
laptops can be a gold mine of critical information and a free pass to the network. Even cell
phones and PDAs are under attack. Hardware-based, embedded security subsystems based on
TPM chips provide reliable protections against these issues and enable truly cost-effective
implementation and enforcement of strong security policies to ensure trustworthy transactions.
Strong User Authentication and Device Validation
Strong user authentication and device validation are essential for trusted digital interactions. Both
are necessary to protect against inappropriate access to sensitive and confidential information
and valued systems. Both are required to protect the integrity of the information, prevent
corruption of the files, and ensure the integrity of those systems. Ultimately, it comes down to two
basic questions:
Who are you and how do I know this is true?
剩余7页未读,继续阅读
资源评论
