TCG releases TPM 2.0 specification for device security

Cyber Chief Magazine brings you the tactics to uncover and neutralize the insider threat

The Trusted Computing Group (TCG) has announced the TPM (Trusted Platform Module) 2.0 library specification, which provides a technology response to the global need for a more secure computing environment.

Based on contributions and feedback from TCG member companies and security technology experts representing the world’s leading silicon makers, device makers, software and solution providers as well as researchers, governments and academic institutions, TPMs provide a secure root of trust to protect data in computers and mobile devices from digital and physical attacks, theft or loss.

The TCG also is making available the PC Client Platform TPM Profile (PTP) specification, the first in a series of specifications to enable developers and manufacturers to design TPMs into their products. Specifications for additional platforms, including mobile devices and embedded systems, will follow.

Hundreds of millions of TPMs are embedded into PCs, servers, networking gear, embedded systems and other computing devices, where they help protect computers against unauthorized changes from malware, rootkit attacks and similar malicious activities.

TPMs enable more secure processes within the system, such as digital signatures and key exchanges. The TPM can help ensure that unsafe, unverified or out-of-date systems don’t connect to a corporate network and provides a cost effective, built in hardware root of trust that can be used to authenticate devices and users.

TPM 2.0 offers the flexibility for industry implementations across a broad range of platforms including servers, desktops, embedded systems, mobile devices and network equipment. In order to accommodate all of these different platforms, the new specification is written in a way that enables TCG to develop platform specific specifications utilizing TPM 2.0 to meet the requirements of their platform.