The Trusted Platform Computing Alliance (TPCA) in the TPCA's Main Specification, Version 1.1a, dated 1 Dec. 2001 describes a Trusted Platform Module (TPM) or token that provides increased confidence and that enables enhancements of existing services and new services. The token supports auditing and logging of software processes, platform boot integrity, file integrity, and software licensing. The token provides a protected information store for the platform (e.g., a personal computer), and can be used to attest to the identity of the platform as defined by the hardware that is present (e.g. processors, chipsets, firmware, etc.) on the platform. The secure features of the token encourage third parties to grant the platform access to information that would otherwise be denied.
The token contains an isolated computing engine whose processes can be trusted because they cannot be altered. These processes and the binding of the subsystem to the platform combine to reliably measure and report the state of the main computing environment inside the platform. The token provides a root of trust for the booting of the platform. A local or remote entity may query the token to reliably obtain security information and decide whether the platform's behavior enables it to be trusted for the intended purpose. Confidence in the loading of software is improved, because the token can attest to the current state of the operating system.
The token may include several registers, that may be used to store encrypted digests of files, including software programs, which may be retrieved and authenticated. Information written to and read from the token is to be secure in order for third parties to trust the platform. The mapping of the registers as traditional Input/Output (I/O) mapped registers is undesirable as a device on the same interface as the token may be programmed to map to the same I/O addresses, thereby compromising the security of the token.