Quick Reference Guide

Trusted Platform Module (TPM)
The Trusted Platform Module is a component on the desktop
board that is specifically designed to enhance platform security
above and beyond the capabilities of today’s software by
providing a protected space for key operations and other
security-critical tasks. Using both hardware and software, the
TPM protects encryption and signature keys at their most
vulnerable stages: operations in which the keys are being used
unencrypted, in plain-text form.
The TPM is specifically designed to shield unencrypted keys and
platform authentication information from software-based
attacks.
System Requirements
Intel® Desktop Boards Executive or Extreme Series
Microsoft Windows* XP Professional (SP2) or Microsoft Windows Vista* operating system
NTFS file system
Microsoft Internet Explorer 5.5 or later
Adobe* Acrobat* 5.0 or later
Security Precautions
Security, like any other aspect of computer maintenance,
requires planning. What is unique about security is the need to
understand who the "friends" are and who the adversaries are. The
TPM provides mechanisms to enable the owner/user to protect
their information from adversaries. To provide this protection,
the TPM effectively puts "locks" around the data. Just like
physical locks, if keys or combinations are lost, the assets
(data) may be inaccessible not only to adversaries, but also to
the asset owner/user.
The TPM provides two classes of keys: migratable and
non-migratable. Migratable keys are designed to protect data that
can be used (unencrypted) on more than one platform. One
advantage is that the key data can be replicated (backed up
and restored) to another platform. This may be for user
convenience (someone uses more than one platform, or
the data needs to be available to more than one person
operating on different platforms). Another advantage of this
type of key is that it can be backed up and restored from a
defective platform onto a new platform.