Skip to content

SANS Trusted Computing

June 26, 2013

SANS Institute has developed a guide to update organizations on exciting new uses for implementing hardware roots of trust, enabled by the Trusted Platform Module (TPM). The guide will be available at http://www.sans.org/info/133497.

In the document, SANS looks at the broad industry support for TPM, the standards behind it. The report also provides updates on how TPMs are widely used in many computing devices, from mobile phones to low-cost Chromebook computers to high-end servers. Operating system support, including Windows, is also reviewed with discussion of the TPM’s security capabilities in Windows 8 and the upcoming Windows 8.1. The report also examines how self-encrypting drives, or SEDs can be used for additional enterprise security and data protection.

“In researching the progress TCG has made with the TPM, I was surprised to find just how much more widespread and mature these technologies are than even just two or three years ago,” says Gal Shpantzer, security analyst and SANS instructor who authored the paper. “We’re really seeing the diversity of platforms and use cases for the hardware root of trust that TCG has been promoting and coordinating for a full decade now.”

The paper details how the TPM measures and verifies the state of a system to ensure it has not been tampered with or injected with malware. Among other things, readers will learn:

How the standards-based TPM root of trust is gaining traction in formal security leadership in the government (through NIST SP 800-164 and NSA HAP, or High Assurance program and other programs, for example)

Where and how TPM is embedded in hardware, as demonstrated in case studies from $250 Chromebooks with TPM for boot integrity on the consumer-grade devices to enterprise Windows 12 Servers

Case studies on how TPM is implemented at pre-boot to protect against tampering and bootkits (formerly known as rootkits)
Examples of TPM use for classified, multi-level desktop virtualization in the Air Force Research Labs (AFRL) SecureView program

“We’re big believers in Trusted Computing Group and its mission as is evidenced by the strong dependencies that Windows has taken on TCG technologies such as UEFI [Unified Extensible Firmware Interface], TPM and SEDs,” says Microsoft’s Chris Hallum. “We’ll continue to look for new way to improve Windows security by taking greater advantage the work and standards coming out of the TCG.”

Advertisements

From → Uncategorized

Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: