Top Ten Trusted Platform Module Applications

Posted by Ken Y-N on July 2nd, 2008 at 10:52pm

Brian Berger from Wave Systems and Director of the Trusted Computing Group highlights some of the things you can do today with your Trusted Platform Module (TPM), and ends with the top ten uses for a TPM.

  1. Multi-factor authentication: The TPM becomes one factor in allowing or denying access, so it can be combined with biometrics and digital certificates for stronger authentication.
  2. Strong login authentication: Even when used for single-factor authentication the TPM can be stronger than traditional password solutions.
  3. Machine binding: Ensure all data saved to external media is encrypted by a key managed by the TPM.
  4. Digital signatures: A trusted audit trail can be created using the TPM to produce tamper-resistant digital signatures for documents, an important feature for compliance with requirements of Sarbanes-Oxley (SOX) for a provable and auditable chain of trust.
  5. Password vaults: People should use stronger passwords, so the TPM provides a convenient store for such information. Even if you get your computer stolen, passwords are securely locked away, and in addition the TPM provides an easy way to backup this information and restore it to a replacement machine.
  6. File and folder encryption: Currently Microsoft Vista offers BitLocker and MS Encrypted File System (EFS), both of which allow file-level encryption. Other third-party applications are also available.
  7. Strong client/server authentication: Embassy Trust Suite from Wave Systems allows remote management of TPMs such as key escrow, backup and recovery, key features that demonstrate compliance with various regulations.
  8. Network access control: The Trusted Network Connect (TNC) framework allows a TPM-equipped computer to attest to the TPM’s identity and the health of the host system before granting access to network resource, and even quarantining the computer in real time if it gets infected.
  9. Endpoint integrity: On shutdown, the TPM can create a hash describing the state of the computer for reporting to a host, and on startup recalculate to prove to the host it has not been tampered with. This hashing can also be performed at any time, to detect and report dynamic tampering with the trusted application stack.
  10. Trusted client/server security: Not just the client, but now IBM and others are shipping servers with TPMs. Thus, clients can now ensure the servers are trusted, forging a true two-way trusted relationship.

The article’s a lot more than just the top ten, so be sure to read the full story on SC Magazine here.

Tags:

Under Advocacy Tags:

Leave a Comment for Top Ten Trusted Platform Module Applications

Required

Required, hidden

RSS Comments Feed RSS Comments Feed  |  Trackback this post

Recent Articles
Adverts

Tags
Blogroll
Categories