The security of computers and computer transactions is important. The use of computers is pervasive for both business and personal use. Data stored on computers may have high value. The data may include trade secrets and other confidential business data or personal information such as social security numbers and credit card numbers. The data may present tempting targets to errant hackers and professional criminals.
In addition, computers are increasingly used for electronic business transactions. Improved security is becoming mandatory and consumers and businesses alike are demanding a solution. To improve computer security, Intel helped to form the Trusted Computing Group (TCG), a not-for-profit industry-standards organization with the aim of enhancing the security of the computing environment in disparate computer platforms. The TCG has formed and adopted specifications for more secure computers.
TCG specifications define trusted computer platforms, computer platforms which may behave in a particular manner for a specific purpose. A trusted platform may provide data security functions such as data encryption and decryption and data storage. A key component of a trusted platform is the trusted platform module (TPM), a module which may perform cryptographic hashing to detect loss of integrity, public and secret key encryption to prevent unauthorized disclosure of data, and digital signing to authenticate transmitted information. The TCG Protected Storage mechanisms, which may be rooted in hardware, may be used to protect keys, secrets and hash values.
A trusted platform may also demonstrate that it operates in a safe configuration when it has access to confidential data by providing measurements of the configuration. TCG specifications provide for measuring the components of a computer platform, both hardware and software, and for storing the results of the measurements. The measurements of a configuration may be hashed and stored in Platform Configuration Registers (PCRs). A trusted platform may allow access to data only under a particular configuration of the trusted platform. The TPM seal operation may encrypt data, a set of PCR values, and an authorization or unique identifier. To unseal the data, and thereby gain access to it, the authorization must be presented and the set of values stored in the PCRs must match the set used in the seal operation. Similarly, a signing key may be sealed to a set of PCR values.
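The PCR extend and seal/unseal behaviour described above, as an added simulation that is not TPM firmware or any TCG-specified interface: the extend rule is the TCG one, but the storage root key, the keystream cipher and the blob layout are constructed stand-ins chosen so the example runs offline.

```python
"""Toy simulation of TPM PCR extend and seal/unseal (not a real TPM interface)."""
import hashlib
import hmac
import os

PCR_COUNT = 24
SRK = b"constructed storage root key; a real TPM never exposes this"

def extend(pcr: bytes, measurement: bytes) -> bytes:
    # TCG extend: PCR_new = H(PCR_old || H(measurement)); a PCR can only be
    # extended, never written, so a changed component changes the final value
    return hashlib.sha256(pcr + hashlib.sha256(measurement).digest()).digest()

def boot(components):
    """Measure each (pcr_index, bytes) component in order, as firmware would."""
    pcrs = [bytes(32)] * PCR_COUNT
    for index, blob in components:
        pcrs[index] = extend(pcrs[index], blob)
    return pcrs

def composite(pcrs, selection):
    # single digest over the selected PCRs, in index order
    return hashlib.sha256(b"".join(pcrs[i] for i in sorted(selection))).digest()

def _keystream(key: bytes, n: int) -> bytes:
    # constructed counter-mode keystream from SHA-256; stand-in for a real cipher
    out, counter = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:n]

def seal(pcrs, selection, auth: bytes, data: bytes) -> dict:
    """Bind data to the current values of the selected PCRs and an auth secret."""
    key = hmac.new(SRK, composite(pcrs, selection) + auth, "sha256").digest()
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(data, _keystream(key + nonce, len(data))))
    tag = hmac.new(key, nonce + ct, "sha256").digest()
    return {"selection": sorted(selection), "nonce": nonce, "ct": ct, "tag": tag}

def unseal(pcrs, auth: bytes, blob: dict):
    """Return the data only if auth and the selected PCRs match the seal-time values."""
    key = hmac.new(SRK, composite(pcrs, blob["selection"]) + auth, "sha256").digest()
    tag = hmac.new(key, blob["nonce"] + blob["ct"], "sha256").digest()
    if not hmac.compare_digest(tag, blob["tag"]):
        return None  # wrong authorization or changed platform configuration
    stream = _keystream(key + blob["nonce"], len(blob["ct"]))
    return bytes(a ^ b for a, b in zip(blob["ct"], stream))
```

Unselected PCRs may change freely; only a change in a selected PCR or a wrong authorization makes unseal refuse.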
A TPM may transition from one execution mode or state to another. For example, a TPM may be disabled or deactivated (temporarily disabled). Similarly, a TPM may be enabled to accept an owner. As a safeguard, changing the state of a TPM may require a demonstration of physical presence. The demonstration of physical presence on a computer may constitute some operator action on a component of the computer, such as depressing a push-button, typing a character on a keyboard, plugging in the AC power plug on some laptops, or switching a jumper.
The physical presence requirement may cause an economic burden in many computing facilities. The computers in these facilities may be administered remotely, thousands of miles from the physical site of the computers. For example, these facilities may deploy enterprise servers, such as an IBM Bladecenter™-conformant rack or a pool of back-end servers in a data center. Asserting physical presence may require that a technician visit each machine, that the machines be shipped to the administration site and back, or that an untrained local technician be instructed over the telephone how to assert physical presence. Further, even when a qualified technician is on-site, a manual assertion of physical presence may be time consuming. The technician may be required to access a particular blade server in a rack and wait until the blade server boots and reaches the correct operational state before manually interacting with the blade server.