Browse Definitions :
Definition

Trusted Platform Module (TPM)

A Trusted Platform Module (TPM) is a specialized chip on an endpoint device that stores RSA encryption keys specific to the host system for hardware authentication

Each TPM chip contains an RSA key pair called the Endorsement Key (EK). The pair is maintained inside the chip and cannot be accessed by software. The Storage Root Key (SRK) is created when a user or administrator takes ownership of the system. This key pair is generated by the TPM based on the Endorsement Key and an owner-specified password.

A second key, called an Attestation Identity Key (AIK) protects the device against unauthorized firmware and software modification by hashing critical sections of firmware and software before they are executed. When the system attempts to connect to the network, the hashes are sent to a server that verifies that they match expected values. If any of the hashed components has been modified since last started, the match will fail, and the system can not gain entry to the network.

TPM chips can be used with any major operating system and work best in conjunction with other security technologies such as firewalls, antivirus software, smart cards and biometric verification

The term TPM is sometimes used in reference to the set of specifications applicable to TPM chips.

See also: hard-drive encryption, encryption key management

This was last updated in September 2014

Continue Reading About Trusted Platform Module (TPM)

SearchCompliance

SearchSecurity

  • cyber attack

    A cyber attack is any attempt to gain unauthorized access to a computer, computing system or computer network with the intent to ...

  • backdoor (computing)

    A backdoor is a means to access a computer system or encrypted data that bypasses the system's customary security mechanisms.

  • post-quantum cryptography

    Post-quantum cryptography, also called quantum encryption, is the development of cryptographic systems for classical computers ...

SearchHealthIT

SearchDisasterRecovery

  • risk mitigation

    Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a business.

  • call tree

    A call tree is a layered hierarchical communication model that is used to notify specific individuals of an event and coordinate ...

  • Disaster Recovery as a Service (DRaaS)

    Disaster recovery as a service (DRaaS) is the replication and hosting of physical or virtual servers by a third party to provide ...

SearchStorage

  • cloud SLA (cloud service-level agreement)

    A cloud SLA (cloud service-level agreement) is an agreement between a cloud service provider and a customer that ensures a ...

  • NOR flash memory

    NOR flash memory is one of two types of non-volatile storage technologies.

  • RAM (Random Access Memory)

    RAM (Random Access Memory) is the hardware in a computing device where the operating system (OS), application programs and data ...

Close