When to use a TPM

Trusted Platform Modules: Why, when and how to use them


TPMs are most useful for three kinds of tasks: remotely identifying a machine, or machine authentication; providing hardware protection of secrets, or data protection; and providing verifiable evidence about a machine's state, or attestation. Each of these categories covers a wide range of real-world applications, and some applications take advantage of multiple categories. In all cases, it's important to consider whether a TPM is the best tool for the job. TPMs are ubiquitous among enterprise computers, and have zero or minimal additional purchase costs, in contrast to smart cards or high-end cryptographic coprocessors. They have a number of specialized functions which can be very powerful in enterprise environments, and which are hard to find elsewhere. However, TPMs are also slow and not suitable for rapid, bulk operation. Using them, at least today, usually requires investing in specialized software, often written in-house; in some cases, they even require custom changes to an enterprise's PKI. If you have a single use case which could use the TPM and a more widely deployed technology equally well, you may consider the overhead costs of setting up and integrating TPMs a negative deciding factor. However, if your enterprise is well placed to take advantage of several TPM features in diverse applications, the net benefits from TPM integration may well justify the initial overhead costs; if TPM deployment is done well once, the cost of each additional use case will be quite small.

Chapter Contents:

  • 2.1 Machine authentication examples
  • 2.2 Data protection examples
  • 2.3 Attestation examples
  • 2.4 When not to use a TPM
  • 2.4.1 When not to use: consumer DRM
  • 2.4.2 When not to use: primary defence against physical threats
  • 2.5 Complicating factors
  • 2.5.1 Identifying TPMs
  • 2.5.2 Enterprise PKI integration
  • 2.5.3 Universal software support

Inspec keywords: costing; message authentication; data protection; trusted computing; cryptography; smart cards

Other keywords: secret hardware protection; trusted platform modules; machine authentication; remote machine identification; high-end cryptographic coprocessors; TPM; purchase costs; data protection; smart cards

Subjects: Data security
