HP-UX Trusted Computing Services A.02.00 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX Trusted Computing Services (TCS) Software

Table of Contents

About This Document.........................................................................................................9

Intended Audience.................................................................................................................................9

New and Changed Information in This Edition.....................................................................................9

Typographic Conventions......................................................................................................................9

Related Information..............................................................................................................................10

Publishing History................................................................................................................................10

HP Encourages Your Comments..........................................................................................................10

1 Trusted Computing Systems Overview.......................................................................11

Technology Overview...........................................................................................................................11

Architecture..........................................................................................................................................12

System Firmware.............................................................................................................................12

TPM Device Driver..........................................................................................................................12

TSS Device Driver Library...............................................................................................................12

The tcsd Daemon...........................................................................................................................12

System Persistent Storage...........................................................................................................13

Port Number...............................................................................................................................13

The tcsd.conf Configuration File.........................................................................................13

TSPI Library.....................................................................................................................................13

TPM Management Utilities.............................................................................................................13

On-Demand Encryption Utilities....................................................................................................13

TCS RSA Key Utility and TPM OpenSSL Engine............................................................................14

TCS RSA Key Utility..................................................................................................................14

TPM EVFS Library...........................................................................................................................14

TPM Key Hierarchy..............................................................................................................................14

TPM Key Storage.............................................................................................................................15

Storage Root Key (SRK)...................................................................................................................16

Roaming Key (RK)...........................................................................................................................16

Migratable Keys.........................................................................................................................16

System Specific Storage Key (SK)....................................................................................................16

TCS Application Keys......................................................................................................................16

TCS On-Demand Encryption Keys............................................................................................16

TCS RSA Key Pairs.....................................................................................................................17

TCS EVFS Keys...........................................................................................................................17

Chain of Protection...............................................................................................................................17

2 Installing TCS................................................................................................................19

Installing TCS........................................................................................................................................19

Step 1: Enabling the TPM................................................................................................................19

Enabling the TPM from the EFI Boot Manager..........................................................................19

Enabling the TPM from the EFI Shell.........................................................................................22

Step 2: Acquiring TCS Software......................................................................................................23

Step 3: Installing TCS Software........................................................................................................23

Deferring TCS Configuration.....................................................................................................24

TCS Software Configuration Details..........................................................................................24

Step 4: Verifying the TCS Installation .............................................................................................24

Step 5: Verifying TCS Operation.....................................................................................................24

Step 6: Backing Up TCS System Data Files and TPM Keys.............................................................25

Upgrading or Reinstalling TCS.............................................................................................................25

Table of Contents 3