
TPM 2.0 Software Stack — Philip Tricca — Platform Security Summit 2018

Slides: https://PlatformSecuritySummit.com/2018/speaker/Tricca

The Trusted Platform Module (TPM) has been the standard in software integrity measurement and reporting for over 15 years. TPM 2.0 became an ISO standard in 2015, a Windows 10 security requirement in 2018 and is integrated into platforms across the enterprise as a discrete part or as firmware in a TEE. Despite the pain and suffering associated with programming in past TCG APIs, TPM architecture has proven sound and useful.

This talk will cover Intel’s collaboration with partners in the TCG TPM2 Software Stack (TSS2) working group to create a set of usable APIs. Design and craftsmanship of APIs with intuitive, predictable behavior can increase developer adoption and the likelihood of critical infrastructure functioning as intended. We have made TPM2 programming architecture and APIs usable for multiple levels of abstraction and varying constraints. We’ll discuss recent successes, including open-source APIs for environments ranging from embedded firmware to desktops and servers.

The TSS2 APIs are, however, only a means to an end, so the talk will conclude with a discussion of the projects we aim to enable through them: richer functionality in the UEFI firmware environment, hybrid approaches to key management in hardware crypto accelerators, integration with distributed key-management infrastructure, the impact of recent OSS work on user freedoms, and emerging standards such as the Device Identifier Composition Engine (DICE).

Video: TPM 2.0 Software Stack — Philip Tricca — Platform Security Summit 2018, from the Platform Security Summit channel

Video information
Published: 5 September 2018, 7:43:35
Duration: 00:36:21