Practical Guide to Trusted Computing, A

Reihe
Pearson
Autor
David Challener / Kent Yoder / Ryan Catherman / David Safford / Leendert Van Doorn  
Verlag
IBM Software Press
Einband
Softcover
Auflage
1
Sprache
Englisch
Seiten
384
Erschienen
Dezember 2007
ISBN13
9780132398428
ISBN
0132398427
Related Titles


Produktdetail

Artikel Preis SFr Verfügbar  
9780132398428
Practical Guide to Trusted Computing, A
55.90 ca. 7-9 Tage

Description

Use Trusted Computing to Make PCs Safer, More Secure, and More Reliable

 

Every year, computer security threats become more severe. Software alone can no longer adequately defend against them: what's needed is secure hardware. The Trusted Platform Module (TPM) makes that possible by providing a complete, open industry standard for implementing trusted computing hardware subsystems in PCs. Already available from virtually every leading PC manufacturer, TPM gives software professionals powerful new ways to protect their customers. Now, there's a start-to-finish guide for every software professional and security specialist who wants to utilize this breakthrough security technology.

 

Authored by innovators who helped create TPM and implement its leading-edge products, this practical book covers all facets of TPM technology: what it can achieve, how it works, and how to write applications for it. The authors offer deep, real-world insights into both TPM and the Trusted Computing Group (TCG) Software Stack. Then, to demonstrate how TPM can solve many of today's most challenging security problems, they present four start-to-finish case studies, each with extensive C-based code examples.

 

Coverage includes

  • What services and capabilities are provided by TPMs
  • TPM device drivers: solutions for code running in BIOS, TSS stacks for new operating systems, and memory-constrained environments
  • Using TPM to enhance the security of a PC's boot sequence
  • Key management, in depth: key creation, storage, loading, migration, use, symmetric keys, and much more
  • Linking PKCS#11 and TSS stacks to support applications with middleware services
  • What you need to know about TPM and privacy--including how to avoid privacy problems
  • Moving from TSS 1.1 to the new TSS 1.2 standard
  • TPM and TSS command references and a complete function library

 

Table of Contents

                        Preface  xvii

                        About the Authors  xxvii

 

Part I               Background Material

Chapter 1        Introduction to Trusted Computing  3

Chapter 2        Design Goals of the Trusted Platform Module  13

Chapter 3        An Overview of the Trusted Platform Module Capabilities  29

 

Part II              Programming Interfaces to TCG

Chapter 4        Writing a TPM Device Driver  45

Chapter 5        Low-Level Software: Using BIOS and TDDL Directly  59

Chapter 6        Trusted Boot  69

Chapter 7        The TCG Software Stack  77

Chapter 8        Using TPM Keys  103

Chapter 9        Using Symmetric Keys  127

Chapter 10      The TSS Core Service (TCS)  141

Chapter 11      Public Key Cryptography Standard #11  157

 

Part III             Architectures

Chapter 12      Trusted Computing and Secure Storage  181

Chapter 13      Trusted Computing and Secure Identification  207

Chapter 14      Administration of Trusted Devices  231

Chapter 15      Ancillary Hardware  243

Chapter 16      Moving from TSS 1.1 to TSS 1.2  249

 

Part IV             Appendixes

Appendix A      TPM Command Reference  293

Appendix B      TSS Command Reference  303

Appendix C      Function Library  321

Appendix D      TSS Functions Grouped by Object and API Level  323

 

Index  333

 

Back Cover

Use Trusted Computing to Make PCs Safer, More Secure, and More Reliable

 

Every year, computer security threats become more severe. Software alone can no longer adequately defend against them: what's needed is secure hardware. The Trusted Platform Module (TPM) makes that possible by providing a complete, open industry standard for implementing trusted computing hardware subsystems in PCs. Already available from virtually every leading PC manufacturer, TPM gives software professionals powerful new ways to protect their customers. Now, there's a start-to-finish guide for every software professional and security specialist who wants to utilize this breakthrough security technology.

 

Authored by innovators who helped create TPM and implement its leading-edge products, this practical book covers all facets of TPM technology: what it can achieve, how it works, and how to write applications for it. The authors offer deep, real-world insights into both TPM and the Trusted Computing Group (TCG) Software Stack. Then, to demonstrate how TPM can solve many of today's most challenging security problems, they present four start-to-finish case studies, each with extensive C-based code examples.

 

Coverage includes

  • What services and capabilities are provided by TPMs
  • TPM device drivers: solutions for code running in BIOS, TSS stacks for new operating systems, and memory-constrained environments
  • Using TPM to enhance the security of a PC's boot sequence
  • Key management, in depth: key creation, storage, loading, migration, use, symmetric keys, and much more
  • Linking PKCS#11 and TSS stacks to support applications with middleware services
  • What you need to know about TPM and privacy--including how to avoid privacy problems
  • Moving from TSS 1.1 to the new TSS 1.2 standard
  • TPM and TSS command references and a complete function library

 

Author

David Challener went to work for IBM in East Fishkill after graduating with his Ph.D. in Applied Mathematics from the University of Illinois, (Urbana-Champaign). After helping design the first TPM (representing IBM), he became chair of the TCG TSS committee. When the IBM PC division was sold to Lenovo, he became a Lenovo employee, where he has represented the company on the TCG Technical Committee, TPM workgroup, and many other groups, while continuing to chair the TSS committee. Currently he is the Lenovo Board Member for TCG.

 

Kent Yoder has been working for the IBM Linux® Technology Center since graduating from Purdue University with a degree in Computer Science in 2001. He has represented IBM on the TCG TSS committee and has helped write and maintain TrouSerS, an open-source TSS library that implements the TSS software specification for the TCG TPM hardware.

 

Ryan Catherman was a member of the Trusted Computing Group, including active memberships in the TSS and TPM working groups while employed at IBM. He was also coauthor of the IBM implementation of Trusted Computing software at its inception and originator of Unix versions of this software. Currently, he works for Opsware Incorporated, a recent HP acquisition, and holds a masters degree in Computer Engineering.

 

David Safford is a researcher at IBM's T. J. Watson Research Center in Hawthorne, New York. There he has led security research in numerous areas, including ethical hacking, threat analysis, security engineering, intrusion detection sensors, vulnerability scanning, cryptography, and operating system security. Prior to coming to IBM in 1996, he was Director of Supercomputing and Networking at Texas A&M University, and an A-7 pilot in the United States Navy.

 

Leendert van Doorn is a Senior Fellow at AMD where he runs the software technology office. Before joining AMD he was a senior manager at IBM's T.J. Watson Research Center, where he managed the secure systems and security analysis departments. He received his Ph.D. from the Vrije Universiteit in Amsterdam where he worked on the design and implementation of microkernels. Nowadays his interests are in managed runtime systems, accelerated computing (AMD's name for heterogenous and homogenous manycore computing), security, and virtualization. In his former job at IBM he worked on FIPS 140-2 level 4 physically secure coprocessors, trusted systems, and virtualization. He was also actively involved in IBM's virtualization strategy, created and lead IBM's secure hypervisor and trusted virtual data center initiatives, and was on the board of directors for the Trusted Computing Group. Despite all these distractions, he continued to contribute code to the Xen open-source hypervisor, such as the integrated support code for AMD-V and Intel®VT-x. When conference calls and meetings are getting too much for him, he is known to find refuge at CMU.