Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Memory Access
TPM Commands
Other Ext Access
TSS Software
Interface
Platform Firmware OS
PC Client Firmware
(BIOS) Driver
Other Interface
platform PTP (FED4_XXXX) FIFO / CRB
profiles:
PC-Client Platform
Server,
TPM Profile Spec Required Resources,
TPM
Mobile,
Automotive… Algorithms, PCRs, etc.
Measure
ACM (TXT
CRTM / BtG) BIOS Measure ... Measure
Boot Loader OS
Large # of Small # of
measurements PCRs
Sealed
Data
Remote Attestation: Quote
Basic feature of trusted computing is
an ability of platform to report its
Signing
Key
TPM
Handle
current execution snapshot encoded
in PCR values to remote site.
Attestation Key Caller
data Example: TPM Quote
o TPM Quote is signed data blob
List of
containing PCR values
PCRs
Requester sends qualifying data, list
PCR[a,b, …] of PCRs
S-CRTM
SENTER Dynamic Trust Chain
D-CRTM
PCR PCR
Locality
• Access Control to TPM Resources
Locality provides identity (source authentication) of component accessing TPM
Locality 0
Internal TPM
ACCESS
Registers ▪▪▪ Locality 1
STATUS ACCESS
DATA ▪▪▪
ACCESS INTRF STATUS Locality 2
DATA
ACCESS
▪▪▪ INTRF ▪▪▪ Locality 3
STATUS ACCESS
Locality 4
STATUS DATA ▪▪▪
INTRF STATUS ACCESS
DATA DATA ▪▪▪
INTRF STATUS
INTRF DATA
INTRF
FED40000
FED41000
FED42000
FED43000
FED44000
OS/VMM
ACM
MLE
HW
All