A Method to Detect Physical Presence in the CRTM
Original Publication Date: 2002-Jun-11
Included in the Prior Art Database: 2003-Jun-20
TCPA specifications require that the Core Root of Trust for Measurement (CRTM) determine whether a human operator is physically present at the system before certain TPM functions are enabled. The CRTM is typically implemented in the bootblock portion of the BIOS. Because the bootblock (and therefore the CRTM) executes before the keyboard and display have been initialized, it cannot ask the operator to press a key or respond to a prompt, so another means of detecting a person must be employed. This disclosure describes a method of determining whether a person is present before the keyboard and video subsystems are initialized.

The problem can be solved by determining whether the system was powered on locally or remotely. What distinguishes a local wake event (power button, key press, mouse movement, etc.) from a remote wake event (wake on ring, wake on alarm, wake on LAN packet, etc.) is that a local event requires someone to take a physical action at the system. If the CRTM can tell a local wake event from a remote one, it can use that distinction to infer the presence or absence of an operator.

Modern power controllers record the reason they powered the system on, usually as bits in a status register in the core chipset. The CRTM can therefore determine the power-on reason by examining the power controller. If the controller indicates that a local power-on event occurred, such as the power switch being pressed or a power strip being switched on, the CRTM can assume an operator is present; if it indicates a remote event, the CRTM assumes no operator is present. This lets the BIOS meet the TCPA physical-presence requirement without adding any hardware.
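The following is an added example, not code from the disclosure or from any BIOS, showing how a bootblock routine could apply this inference. The wake-status register layout (bit positions, the split into local and remote sources, and the reserved bit) is assumed for illustration; a real platform must use the bit assignments from its chipset datasheet. The register itself is simulated with a static variable so the program runs as an ordinary C file, and the sample wake patterns in `main` are constructed for the demo.

```c
#include <stdint.h>
#include <stdio.h>

/* Wake-status register layout ASSUMED for this example. Real chipsets
 * record the power-on reason in their own registers with their own bit
 * assignments; the bootblock must use the platform datasheet's values. */
#define WAKE_PWRBTN   (1u << 0)  /* front-panel power button pressed       (local)  */
#define WAKE_KBD      (1u << 1)  /* keyboard key pressed while powered off  (local)  */
#define WAKE_MOUSE    (1u << 2)  /* mouse moved or clicked                  (local)  */
#define WAKE_ACPOWER  (1u << 3)  /* AC applied, e.g. power strip switched on (local) */
#define WAKE_RING     (1u << 4)  /* modem ring indicator                    (remote) */
#define WAKE_RTC      (1u << 5)  /* RTC alarm fired                         (remote) */
#define WAKE_LAN      (1u << 6)  /* wake-on-LAN magic packet                (remote) */
#define WAKE_RESERVED (1u << 7)  /* reserved in this assumed layout */

#define WAKE_LOCAL_MASK  (WAKE_PWRBTN | WAKE_KBD | WAKE_MOUSE | WAKE_ACPOWER)
#define WAKE_REMOTE_MASK (WAKE_RING | WAKE_RTC | WAKE_LAN)

typedef enum { PRESENCE_ABSENT = 0, PRESENCE_PRESENT = 1 } presence_t;

/* Simulated power-controller register so the example runs as a normal
 * program. In a bootblock this would be a chipset register read (port
 * I/O or MMIO). Such status bits are usually sticky: they stay set until
 * software explicitly clears them. */
static uint8_t sim_wake_status;

static uint8_t pm_read_wake_status(void)           { return sim_wake_status; }
static void    pm_clear_wake_status(uint8_t bits)  { sim_wake_status &= (uint8_t)~bits; }

/* Load a constructed register value (used by the demo below). */
void sim_set_wake_status(uint8_t v) { sim_wake_status = v; }

/* Decide presence from a raw wake-status value.
 * Policy: PRESENT only if at least one local source fired, no remote
 * source fired, and no unexpected bit is set. An empty register (reason
 * unknown), a mixed local+remote pattern, or a reserved bit all resolve
 * to ABSENT: wrongly asserting presence would enable TPM commands that
 * are supposed to require an operator at the machine, so fail closed. */
presence_t crtm_infer_presence(uint8_t wake_status)
{
    uint8_t local  = wake_status & WAKE_LOCAL_MASK;
    uint8_t remote = wake_status & WAKE_REMOTE_MASK;
    uint8_t other  = wake_status & (uint8_t)~(WAKE_LOCAL_MASK | WAKE_REMOTE_MASK);

    if (other != 0)  return PRESENCE_ABSENT;  /* bits we do not understand */
    if (remote != 0) return PRESENCE_ABSENT;  /* any remote trigger: not trusted */
    if (local == 0)  return PRESENCE_ABSENT;  /* no recorded reason */
    return PRESENCE_PRESENT;
}

/* What the CRTM would do early in the bootblock: snapshot the register
 * before later code can clear it, decide, then clear the sticky bits so
 * a stale reason cannot be re-read on the next boot. The raw snapshot is
 * returned through raw_out for logging or measurement. */
presence_t crtm_check_physical_presence(uint8_t *raw_out)
{
    uint8_t raw = pm_read_wake_status();
    presence_t p = crtm_infer_presence(raw);
    pm_clear_wake_status(raw);
    if (raw_out) *raw_out = raw;
    return p;
}

int main(void)
{
    /* Constructed wake patterns covering the normal and edge cases. */
    struct { const char *name; uint8_t bits; } cases[] = {
        { "power button",               WAKE_PWRBTN },
        { "keyboard wake",              WAKE_KBD },
        { "wake-on-LAN",                WAKE_LAN },
        { "RTC alarm",                  WAKE_RTC },
        { "power button + wake-on-LAN", WAKE_PWRBTN | WAKE_LAN },
        { "no reason recorded",         0 },
        { "reserved bit set",           WAKE_RESERVED | WAKE_PWRBTN },
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        uint8_t raw;
        sim_set_wake_status(cases[i].bits);
        presence_t p = crtm_check_physical_presence(&raw);
        printf("%-28s status=0x%02x -> %s (register now 0x%02x)\n",
               cases[i].name, raw, p == PRESENCE_PRESENT ? "PRESENT" : "ABSENT",
               pm_read_wake_status());
    }
    return 0;
}
```

Two points a practitioner would want to settle for a real platform: the policy when several reason bits are set at once (the example refuses presence if any remote bit is present), and whether an AC-restore event counts as local. The disclosure treats a power strip being switched on as a local event, and the example follows it, but on a machine fed by a remotely switchable power distribution unit that assumption may not hold, so the local mask should be decided per platform rather than copied.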