Abstract
The trusted platform module (TPM) is a tamper-resistant component that provides roots of trust in secure computing and remote attestation frameworks. In this chapter, we briefly discuss the TPM architecture, operations and services. The discussion is then extended to the mobile trusted module (MTM)—to contrast and compare different approaches to implement a trusted platform architecture. This illustrates the vital role the ecosystem of a computing platform plays in the architectural design decisions regarding the root of trust in a trusted platforms.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsNotes
- 1.
TCG: It is a non-profit industry standard organisation that “develop, define and promote vendor neutral specifications for trusted computing”. Web site: http://www.trustedcomputinggroup.org/.
- 2.
Integrity Matrix: To provide integrity assurance of a platform component, a TPM generates the hash of individual subcomponents, this individual measurement is referred to as an integrity measurement. Whereas, integrity matrix is the condensed value of the integrity measurements that represent the overall state of the respective platform component (Sect. 4.3.4.1).
- 3.
Platform Authentication: It provides the proof the platform’s identity and this identity may or may not be associated with the respective user. A TPM can have unlimited number of platform identities that are usually generated by the TPM itself (discussed further in Sect. 4.3.3).
- 4.
Platform Attestation: It provides the proof that a platform can be trusted by providing the cryptographically signed integrity matrix of the respective platform (further discussed in Sect. 4.3.4.4).
References
TPM Main: Part 1 Design Principles, Online, Trusted Computing Group (TCG) Specification 1.2, Rev. 116, March 2011.
ISO/IEC 11889–1: Information Technology - Trusted Platform Module - Part 1: Overview, Online, International Organization for Standardization (ISO) Standard 11 889–1, May 2009.
Standard Specifications for Public Key Cryptography, Online, Institute for Electrical and Electronics Engineers (IEEE) Standard 1363–2000, January 2000.
H. Krawczyk, M. Bellare, and R. Canetti, HMAC: Keyed-Hashing for Message Authentication, Online, Network Working Group Requst for Comments 2104, February 1997.
FIPS 180–2: Secure Hash Standard (SHS), National Institute of Standards and Technology (NIST) Std., 2002.
TPM Main: Part 3 Commands, Online, Trusted Computing Group (TCG) Specification 1.2, Rev. 116, March 2011.
ISO/IEC 11889–2: Information technology - Trusted Platform Module - Part 2: Design principles, International Organization for Standardization (ISO) Std., May 2009.
E. Brickell, J. Camenisch, L. Chen, “Direct anonymous attestation”, in Proceedings of the 11th ACM conference on Computer and communications security, ser. CCS ’04. New York, NY, USA: ACM, 2004, pp. 132–145. [Online]. Available: http://doi.acm.org/10.1145/1030083.1030103
“Intel Trusted Execution Technology (Intel TXT)”, Intel Corporation, Software Development Guide 315168–008, March 2011. [Online]. Available: http://download.intel.com/technology/security/downloads/315168.pdf
TCG Mobile Trusted Module Specification, Online, Trusted Computing Group (TCG) Specification 1.0, Rev. 6, June 2008.
P. Wilson, A. Frey, T. Mihm, D. Kershaw, and T. Alves, “Implementing Embedded Security on Dual-Virtual-CPU Systems”, IEEE Design and Test of Computers, vol. 24, pp. 582–591, 2007.
, “ARM Security Technology: Building a Secure System using TrustZone Technology”, ARM, White Paper PRD29-GENC-009492C, 2009.
—, “M-Shield Mobile Security Technology: Making Wireless Secure”, Texas Instruments, Whilte Paper, February 2008.
GlobalPlatform Device Technology: Device Application Security Management - Concepts and Description Document Specification, Online, GlobalPlatform Specification, April 2008.
, “GlobalPlatform Device: GPD/STIP Specification Overview”, GlobalPlatform, Specification Version 2.3, August 2007.
GlobalPlatform: GlobalPlatform Card Specification, Version 2.2,, GlobalPlatform Std., March 2006.
F. C. Bormann, L. Manteau, A. Linke, J. C. Pailles, and J. D. van, “Concept for Trusted Personal Devices in a Mobile and Networked Environment”, in 15th IST Mobile & Wireless Communications Summit, June 2006.
R. N. Akram, K. Markantonakis, and K. Mayes, “A Paradigm Shift in Smart Card Ownership Model”, in Proceedings of the 2010 International Conference on Computational Science and Its Applications (ICCSA 2010), B. O. Apduhan, O. Gervasi, A. Iglesias, D. Taniar, and M. Gavrilova, Eds. Fukuoka, Japan: IEEE Computer Society, March 2010, pp. 191–200.
—, “User Centric Security Model for Tamper-Resistant Devices”, in 8th IEEE International Conference on e-Business Engineering (ICEBE 2011), J. Li and J.-Y. Chung, Eds. Beijing, China: IEEE Computer Science, October 2011.
Common Criteria for Information Technology Security Evaluation, Part 1: Introduction and General Model, Part 2: Security Functional Requirements, Part 3: Security Assurance Requirements, Common Criteria Std. Version 3.1, August 2006.
Acknowledgments
The authors want to thank the reviewers for their constructive comments which were helpful to improve this chapter.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer Science+Business Media New York
About this chapter
Cite this chapter
Akram, R.N., Markantonakis, K., Mayes, K. (2014). An Introduction to the Trusted Platform Module and Mobile Trusted Module. In: Markantonakis, K., Mayes, K. (eds) Secure Smart Embedded Devices, Platforms and Applications. Springer, New York, NY. https://doi.org/10.1007/978-1-4614-7915-4_4
Download citation
DOI: https://doi.org/10.1007/978-1-4614-7915-4_4
Published:
Publisher Name: Springer, New York, NY
Print ISBN: 978-1-4614-7914-7
Online ISBN: 978-1-4614-7915-4
eBook Packages: Computer ScienceComputer Science (R0)