Trusted Computing Group Information & Trusted Computing Group Links at HealthHaven.com
advertise
add site
services
publishers
database
health videos
Bookmark and Share

search wiki for    ?
web dir firms image gallery news pdf wiki shop video 
about
toolbar
stats
live show
health store
more stuff
JOIN/LOGIN
Featured Results:
Subspecialty Group | The Trusted Leader in Pediatric...
Subspecialty Group | The Trusted Leader in Pediatric...
mcsgkids.com		 Compute Against Cancer: Frontier Compute Engine Installation Instructions
Compute Against Cancer: Frontier Compute Engine Installation Instructions
computeagainstcancer.org		 San Diego CT - Computed Tomography Imaging, Emission Computed Tomography...
San Diego CT - Computed Tomography Imaging, Emission Computed Tomography...
imaginghealthcare.com		 
Trusted Computing Group
Type Consortium
Founded 2003[1]
Founder(s) AMD, Hewlett-Packard, IBM, Infineon, Intel, Microsoft, Sun Microsystems
Headquarters Beaverton, Oregon[2], USA
Website trustedcomputinggroup.org

The Trusted Computing Group (TCG), successor to the Trusted Computing Platform Alliance (TCPA), is an initiative started by AMD, Hewlett-Packard, IBM, Infineon, Intel, Microsoft, and Sun Microsystems to implement Trusted Computing. Many others followed.

Contents

[edit] Overview

TCG's original goal was the development of a Trusted Platform Module (TPM), a semiconductor intellectual property core or integrated circuit that conforms to the trusted platform module specification put forward by the Trusted Computing Group and is to be included with computers to enable trusted computing features. TCG-compliant functionality has since been integrated directly into certain[specify] mass-market chipsets.

TCG also recently released the first version of their Trusted Network Connect ("TNC") protocol specification, based on the principles of AAA, but adding the ability to authorize network clients on the basis of hardware configuration, BIOS, kernel version, and which updates that have been applied to the OS and anti-virus software, etc.[3]

Seagate has also developed a Full Disk encryption drive which can use the ability of the TPM to secure the key within the hardware chip.

The owner of a TPM-enabled system has complete control over what software does and doesn't run on their system [4] This does include the possibility that a system owner would choose to run a version of an operating system that refuses to load unsigned or unlicensed software, but those restrictions would have to be enforced by the operating system and not by the TCG technology. What a TPM does provide in this case is the capability for the OS to lock software to specific machine configurations, meaning that "hacked" versions of the OS designed to get around these restrictions would not work. While there is legitimate concern that OS vendors could use these capabilities to restrict what software would load under their OS (hurting small software companies or open source/shareware/freeware providers, and causing vendor lock-in for some data formats), no OS vendor has yet suggested that this is planned. Furthermore, since restrictions would be a function of the operating system, TPMs could in no way restrict alternative operating systems from running , including free or open source operating systems. There are several projects which are experimenting with TPM support in free operating systems - examples of such projects include a TPM device driver for Linux[5], an open source implementation of the TCG's Trusted Software Stack called TrouSerS[6], a Java interface to TPM capabilities called TPM/J[7], and a TPM-supporting version of the Grub bootloader called TrustedGrub.[8]

[edit] Related projects

The TPM 1.1 specification envisioned a standard PC platform equipped with a TPM chip. In this scenario, the TPM chip can serve as a hardware key storage. Additionally, it can keep track of so-called measurements of the platform (i.e. hashes of various software) and be able to produce signed statements about the running software chain. Particularly the latter mode of operation proved unfeasible in practice, since the amount of software that has to be measured and trusted is very large - it includes (in addition to the system firmware) the operating system, drivers and application programs. Therefore numerous other TPM-related projects are in progress, the purpose of which is to make it possible to launch and measure a trusted subenvironment from within an untrusted environment. The TPM specification 1.2 has been enhanced to accommodate this mode of operation. Additionally, hardware changes are required in the CPU and chipset (note that this should not be confused with the inclusion of TPM functionality into the chipset even though this is a possibility too). Intel's approach is called Trusted Execution Technology (TXT). Many of Intel's Core 2 Duo CPUs are advertised to support these extensions. However, chipset support is required for the extensions to be operational. Currently, Intel's chipset Q35 Express supports TXT. In addition to chipset support, the mainboard must also feature a TPM 1.2 chip. Intel currently advertises DQ35MP and DQ35JO as being compliant with the technology. The first application of the technology will be a set of manageability enhancements under the brand name vPro. AMD's platform is called Secure Execution Mode.[9]

In 2002-2003, Microsoft announced an initiative called Next-Generation Secure Computing Base (formerly Palladium). This was basically a vision of how a TPM 1.2 chip, CPU, chipset and software could provide an environment and a software ecosystem in which trusted applications (launched from within "regular" Windows) could be developed. Intel's TXT and AMD's SEM can be seen as realizations of the hardware side of the NGSCB vision. Owing to significant difficulties in creating a working implementation that third-party developers were interested in using and in unavailability of the enhancements to CPU and chipset, NGSCB was not included with Microsoft's newest major operating system release, Windows Vista. Instead, Vista ships with a few technologies that can make use of a subset of the functions of the TPM chip (but not of Intel's TXT or AMD's SEM), such as BitLocker Drive Encryption, and a new version of the Microsoft Cryptography API.[10]

[edit] Criticism

For more, see Trusted Computing#Criticism.
Question book-new.svg
 This section does not cite any references or sources.
Please help improve this article by adding citations to reliable sources. Unsourced material may be challenged and removed. (May 2008)

The group has faced widescale opposition from the free software community on the grounds that the technology they are developing has a negative impact on the users' privacy and can create customer lock-in, especially if it is used to create DRM applications. It has received criticism from the GNU/Linux and FreeBSD communities, as well as the software development community in general. Significant backlash amongst the Trusted Computing Group was present during Richard Stallman's speech at the Hackers on Planet Earth conference in July 2006, in New York. Richard Stallman and the Free Software Foundation have also criticized the group publicly in other speeches. The criticism calls Trusted Computing "Treacherous Computing" instead and warns that vendors can lock out software that is not officially signed by specific vendors, rendering it unusable.

Privacy concerns with the TCG revolve around the fact that each TPM has a unique keypair, called the "endorsement key", that identifies the platform. In initial versions of the TPM (version 1.1), the TCG addressed privacy concerns by suggesting the use of a "Privacy CA" that could certify pseudonymous machine credentials. By having separate credentials for interacting with different parties, actions could not be linked, and so some level of privacy is provided. However, this requires trust in the Privacy CA, who could still link pseudonyms to the common, identifying machine credential. Since this left unresolved privacy concerns, version 1.2 of the TPM specification introduced "Direct anonymous attestation": a protocol based on the idea of a zero-knowledge proof which allows a TPM user to receive a certification in such a way that the Privacy CA would not be able to link requests to a single user or platform, while still being able to identify rogue TPMs.

[edit] ISO Standardization efforts

Some efforts exist to have the Trusted computing specifications standardized by ISO. This was active for a first part in October 2007 and member states of the ISO/DIS JTC1 are expected to send their opinion to ISO by July 24 2008.

The concerned documents are referred to as

  • ISO/IEC DIS 11889-1 Trusted Platform Module -- Part 1: Overview
  • ISO/IEC DIS 11889-2 Trusted Platform Module -- Part 2: Design principles
  • ISO/IEC DIS 11889-3 Trusted Platform Module -- Part 3: Structures
  • ISO/IEC DIS 11889-4 - Trusted Platform Module -- Part 4: Commands

[edit] Members

As of May 2008[11], about 130 enterprises are promoters of, contributors to, or adopters of TCG specifications.

Membership fees vary by level. Promoters pay annual membership fees of $55,000, contributors pay $16,500, and depending upon company size, adopters pay annual membership fees of either $1,000 or $8,250.[12]

Wikitext.svg
 This list of companies may need to be wikified to meet Wikipedia's quality standards. Please help by adding relevant internal links, or by improving the list of companies's layout. (May 2008)

[edit] Promoters

  1. AMD
  2. Fujitsu
  3. Hewlett-Packard
  4. IBM
  5. Infineon
  6. Intel Corporation
  7. Lenovo Holdings Limited
  8. Microsoft
  9. Sun Microsystems, Inc.
  10. Seagate
  11. Wave Systems Corp

[edit] Contributors

  1. American Megatrends Inc.[1]
  2. AMOSSYS
  3. Aruba Networks
  4. Atmel
  5. AuthenTec, Inc.
  6. Broadcom Corporation
  7. Certicom Corp.
  8. Citrix Systems, Inc
  9. Decru
  10. Dell, Inc.
  11. DPHI, Inc.
  12. Emulex Corporation
  13. Enterasys Networks
  14. Ericsson Mobile Platforms AB
  15. ETRI
  16. Extreme Networks
  17. Freescale Semiconductor
  18. Fujitsu Siemens Computers
  19. Gemalto NV
  20. General Dynamics C4 Systems
  21. Giesecke & Devrient
  22. Green Hills Software, Inc.
  23. HID Global
  24. Hitachi, Ltd.
  25. Huawei Technologies Co., Ltd.
  26. Identity Engines
  27. Infoblox
  28. Insyde Software Corp.
  29. InterDigital Communications, LLC
  30. ITE Tech Inc.
  31. Juniper Networks, Inc.
  32. Lancope, Inc.
  33. Lexar Media, Inc.
  34. Lexmark International
  35. LSI Logic
  36. Marvell Semiconductor, Inc.
  37. McAfee, Inc.
  38. Mobile Armor, Inc.
  39. NEC
  40. Nokia
  41. Nokia Siemens Networks GmbH & Co. KG
  42. Nortel
  43. NTRU Cryptosystems, Inc.
  44. NVIDIA
  45. NXP Semiconductors
  46. Oxford Semiconductor
  47. Panasonic Corporation
  48. Phoenix
  49. PMC-Sierra
  50. Renesas Technology Corp.
  51. Ricoh Company LTD
  52. RSA, The Security Division of EMC
  53. Samsung Electronics Co.
  54. SanDisk Corporation
  55. Seagate Technology
  56. Siemens AG
  57. SMSC
  58. Sony Corporation
  59. Spansion LLC
  60. StillSecure
  61. STMicroelectronics
  62. Symantec
  63. Symbian Ltd
  64. Toshiba Corporation
  65. Trapeze Networks, Inc.
  66. Unisys
  67. UPEK, Inc.
  68. Utimaco Safeware AG
  69. VMware, Inc.
  70. Vodafone Group Services LTD
  71. Wave Systems
  72. Western Digital

[edit] Adopters

  1. Apani Networks
  2. ArcSight, Inc.
  3. AUCONET GmbH
  4. Avenda Systems
  5. Bigfix
  6. Bioscrypt Inc.
  7. Bit9, Inc.
  8. Blue Ridge Networks
  9. BlueCat Networks
  10. BlueRISC, Inc.
  11. Bradford Networks
  12. CMS Products
  13. ConSentry Networks
  14. CPR Tools, Inc.
  15. Credant Technologies
  16. Cryptomathic Ltd.
  17. CryptoMill Technologies LTD
  18. ForeScout Technologies
  19. Great Bay Software, Inc
  20. Hangzhou Synochip Technology Co., Ltd.
  21. High Density Devices
  22. ICT Economic Impact, Ltd.
  23. IDEX ASA
  24. Insight International Corp
  25. Link-A-Media Devices
  26. Lockdown Networks
  27. Lumeta Corporation
  28. Mazu Networks
  29. Mirage Networks
  30. MoSys, Inc.
  31. Nanjing Byosoft, Ltd.
  32. nSolutions, Inc.
  33. Penza Research Electrotechnical Institute (FGUP "PNIEI")
  34. Q1 Labs
  35. Rohati Systems
  36. SafeBoot
  37. Safend LTD.
  38. Shavlik Technologies, LLC
  39. SignaCert, Inc.
  40. Sirrix AG Security Technologies
  41. SkyRecon Systems
  42. Softex, Inc.
  43. Stonewood Electronics Ltd.
  44. TELUS
  45. Thales Communication
  46. The Boeing Company
  47. Trust Digital
  48. UNETsystem
  49. Valicore Technologies, Inc.
  50. ViaSat, Inc.
  51. Vormetric Inc.
  52. Winbond Electronics Corporation

[edit] See also

[edit] References

  1. ^ Trusted Computing Group: FAQs
  2. ^ Trusted Computing Group: Contact Us
  3. ^ https://www.trustedcomputinggroup.org/downloads/specifications/TNC_Architecture_v1_0_r4.pdf
  4. ^ The Trusted Platform Module FAQ from the TCG website
  5. ^ Linux TPM Device Driver
  6. ^ TrouSerS - The open-source TCG Software Stack
  7. ^ TPM/J Java-based API for the Trusted Platform Module (TPM)
  8. ^ SourceForge.net: TrustedGRUB
  9. ^ AMD Platform for Trustworthy Computing
  10. ^ Windows Vista Technical Library Roadmap
  11. ^ TCG Current Members from the TCG website
  12. ^ Trusted Computing Group: Levels of Membership

[edit] External links

Retrieved from "http://en.wikipedia.org/wiki/Trusted_Computing_Group"



Product Results (view all...)

search wiki for    ?
web dir firms image gallery news pdf wiki shop video 



↑ top of page ↑about thumbshots