search menu icon-carat-right cmu-wordmark

Trust and Trusted Computing Platforms

January 2011 Technical Note
David Fisher, Jonathan M. McCune, Archie D. Andrews

This technical note examines the Trusted Platform Module, which arose from work related to the Independent Research and Development project "Trusted Computing in Extreme Adversarial Environments: Using Trusted Hardware as a Foundation for Cyber Security."

Publisher:

Software Engineering Institute

CMU/SEI Report Number

CMU/SEI-2011-TN-005

Abstract

Hardware-based trusted computing platforms are intended to overcome many of the problems of trust that are prominent in computing systems. In this paper, a result of the Software Engineering Institute’s Independent Research and Development Project “Trusted Computing in Extreme Adversarial Environments: Using Trusted Hardware as a Foundation for Cyber Security,” we discuss the capabilities and limitations of the Trusted Platform Module (TPM). We describe credential storage, device identity, chains of trust, and other techniques for extending hardware-based trust to higher levels of software-based infrastructure. We then examine the character of trust and identify strategies for increasing trust. We show why acceptance of TPM-based trust has been limited to date and suggest that broader acceptance will require more focus on traditional trust issues and on end-to-end services.