Browse Prior Art Database

A secure method using physical presence of user (biometric and token) to determine whether an emulated TPM will either install or perform an operation

IP.com Disclosure Number: IPCOM000147463D
Original Publication Date: 2007-Mar-16
Included in the Prior Art Database: 2007-Mar-16
Document File: 1 page(s) / 22K

Publishing Venue

Lenovo

Abstract

This describes the use of a biometric to determine which version of Trusted Platform Module firmware is loaded into a TPM chip.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 80% of the total text.

Page 1 of 1

A secure method using physical presence of user (biometric and token) to determine whether an emulated TPM will either install or perform an operation

     As e-commerce, e-government and e-business grows with increasing threat of cybercrime there is a trade-off emerging in the use of security technologies for protecting data and authenticating identities and transactions. IT owners of processes involving these identities and transactions desire to use specific encryption algorithms tailored to their risk profiles. Associated with these algorithms, they want to use specific, feature set implementations of Trusted Platform Modules(TPM) to support the required assurance level of their end to end systems and operational models. The typical approach of implementing various algorithms and TPMs as delivered in unique or integrated hardware devices will keep costs of security higher. What is needed is a flexible, but secure approach to use a secure programmable microcontroller to support various selectable encryption algorithms and incorporate these into the emulation of different instances of TPM hardware. To have this flexibility for being able to select multiple TPM emulators, end users and IT owners need a method to ensure they have physical control over the installation and a specific operation of the TPM.

     An end user or IT owner via the use of an application will specify which TPM is to loaded or which TPM operation is to be inv...