As the value and use of information continues to increase, individuals and businesses seek additional ways to process and store information. One option available to these users is an information handling system. An information handling system generally processes, compiles, stores, and/or communicates information or data for business, personal, or other purposes thereby allowing users to take advantage of the value of the information. Because technology and information handling needs and requirements vary between different users or applications, information handling systems may vary with respect to the type of information handled; the methods for handling the information; the methods for processing, storing or communicating the information; the amount of information processed, stored, or communicated; and the speed and efficiency with which the information is processed, stored, or communicated. The variations in information handling systems allow for information handling systems to be general or configured for a specific user or specific use such as financial transaction processing, airline reservations, enterprise data storage, or global communications. In addition, information handling systems may include or comprise a variety of hardware and software components that may be configured to process, store, and communicate information and may include one or more computer systems, data storage systems, and networking systems.
An information handling system may be configured according to the Trusted Platform Module (TPM) specification and may include a TPM processor. A computer system that is TPM-enabled includes a layer of internal security that intended to prevent unauthorized access and modifications to the computer system. In operation, a TPM processor, which is typically located on the motherboard of a computer system, will perform cryptographic authentication of a cryptographic key. Depending on the configuration of the computer system, authentication of a key by the TPM processor may be necessary before the system can complete a boot, whether such boot occurs after a normal shutdown or a failure condition. Authentication of a key after a normal shutdown may also be necessary when changes are made to the hardware or software configuration of the computer system.
In the event of a failure or a reconfiguration of a TPM-enabled computer system, the user or administrator of the computer system will have to provide the key for computer system, sometimes referred to as a recovery key, in order to complete the boot of the computer system. In an enterprise computing environment, it is difficult for a single administrator to manage the keys for multiple computer systems, which may be located distant from the physical location of the administrator.