Trusted Computing Group

Last updated
Trusted Computing Group
Company type Consortium
Founded2003
Founder AMD, Hewlett-Packard, IBM, Intel, Microsoft
Headquarters,
United States
Website trustedcomputinggroup.org

The Trusted Computing Group is a group formed in 2003 as the successor to the Trusted Computing Platform Alliance which was previously formed in 1999 to implement Trusted Computing concepts across personal computers. [2] Members include Intel, AMD, IBM, Microsoft, and Cisco.

Contents

The core idea of trusted computing is to give hardware manufacturers control over what software does and does not run on a system by refusing to run unsigned software. [3]

History

On October 11, 1999, the Trusted Computing Platform Alliance (abbreviated as TCPA), a consortium of various technology companies including Compaq, Hewlett-Packard, IBM, Intel, and Microsoft, was formed in an effort to promote trust and security in the personal computing platform. [4] In November 1999, the TCPA announced that over 70 leading hardware and software companies joined the alliance in the first month. [5] On January 30, 2001, version 1.0 of the Trusted Computing Platform Specifications was released [6] IBM was the first original equipment manufacturer to incorporate hardware features based on the specifications with the introduction of its ThinkPad T30 mobile computer in 2002. [7]

In 2003, the TCPA was succeeded by the Trusted Computing Group, with an increased emphasis on mobile devices. [2]

Membership fees vary by level. Promoters pay annual membership fees of $30,000, contributors pay $15,000, and depending upon company size, adopters pay annual membership fees of either $2,500 or $7,500. [8]

Overview

TCG's most successful effort was the development of a Trusted Platform Module (TPM), a semiconductor intellectual property core or integrated circuit that conforms to the specification to enable trusted computing features in computers and mobile devices. Related efforts involved Trusted Network Connect, to bring trusted computing to network connections, and Storage Core Architecture / Security Subsystem Class, to bring trusted computing to disk drives and other storage devices. These efforts have not achieved the same level of widespread adoption as the trusted platform module.

Criticism

The group historically faced opposition from the free software community on the grounds that the technology had a negative impact on the users' privacy and can create customer lock-in, especially if it is used to create DRM applications. It received criticism from the Linux and FreeBSD communities, as well as the software development community in general.

ISO standardization

In 2009 ISO/EIC release trusted platform module standards

Related Research Articles

The Common Language Infrastructure (CLI) is an open specification and technical standard originally developed by Microsoft and standardized by ISO/IEC and Ecma International that describes executable code and a runtime environment that allows multiple high-level languages to be used on different computer platforms without being rewritten for specific architectures. This implies it is platform agnostic. The .NET Framework, .NET and Mono are implementations of the CLI. The metadata format is also used to specify the API definitions exposed by the Windows Runtime.

<span class="mw-page-title-main">Digital Equipment Corporation</span> U.S. computer manufacturer (1957–1998)

Digital Equipment Corporation, using the trademark Digital, was a major American company in the computer industry from the 1960s to the 1990s. The company was co-founded by Ken Olsen and Harlan Anderson in 1957. Olsen was president until he was forced to resign in 1992, after the company had gone into precipitous decline.

<span class="mw-page-title-main">IBM PC–compatible</span> Computers similar to the IBM PC and its derivatives

IBM PC–compatible computers are technically similar to the original IBM PC, XT, and AT, all from computer giant IBM, that are able to use the same software and expansion cards. Such computers were referred to as PC clones, IBM clones or IBM PC clones. The term "IBM PC compatible" is now a historical description only, since IBM no longer sells personal computers after it sold its personal computer division in 2005 to Chinese technology company Lenovo. The designation "PC", as used in much of personal computer history, has not meant "personal computer" generally, but rather an x86 computer capable of running the same software that a contemporary IBM PC could. The term was initially in contrast to the variety of home computer systems available in the early 1980s, such as the Apple II, TRS-80, and Commodore 64. Later, the term was primarily used in contrast to Apple's Macintosh computers.

Trusted Computing (TC) is a technology developed and promoted by the Trusted Computing Group. The term is taken from the field of trusted systems and has a specialized meaning that is distinct from the field of confidential computing. With Trusted Computing, the computer will consistently behave in expected ways, and those behaviors will be enforced by computer hardware and software. Enforcing this behavior is achieved by loading the hardware with a unique encryption key that is inaccessible to the rest of the system and the owner.

<span class="mw-page-title-main">Next-Generation Secure Computing Base</span> Software architecture by Microsoft

The Next-Generation Secure Computing Base is a software architecture designed by Microsoft which claimed to provide users of the Windows operating system with better privacy, security, and system integrity. NGSCB was the result of years of research and development within Microsoft to create a secure computing solution that equaled the security of closed platforms such as set-top boxes while simultaneously preserving the backward compatibility, flexibility, and openness of the Windows operating system. Microsoft's primary stated objective with NGSCB was to "protect software from software."

<span class="mw-page-title-main">Secure cryptoprocessor</span> Device used for encryption

A secure cryptoprocessor is a dedicated computer-on-a-chip or microprocessor for carrying out cryptographic operations, embedded in a packaging with multiple physical security measures, which give it a degree of tamper resistance. Unlike cryptographic processors that output decrypted data onto a bus in a secure environment, a secure cryptoprocessor does not output decrypted data or decrypted program instructions in an environment where security cannot always be maintained.

<span class="mw-page-title-main">Wintel</span> Partnership between Microsoft Windows and Intel

Wintel is the partnership of Microsoft Windows and Intel producing personal computers using Intel x86-compatible processors running Microsoft Windows.

<span class="mw-page-title-main">InfiniBand</span> Network standard

InfiniBand (IB) is a computer networking communications standard used in high-performance computing that features very high throughput and very low latency. It is used for data interconnect both among and within computers. InfiniBand is also used as either a direct or switched interconnect between servers and storage systems, as well as an interconnect between storage systems. It is designed to be scalable and uses a switched fabric network topology. Between 2014 and June 2016, it was the most commonly used interconnect in the TOP500 list of supercomputers.

The Organization for the Advancement of Structured Information Standards is a nonprofit consortium that works on the development, convergence, and adoption of projects - both open standards and open source - for Computer security, blockchain, Internet of things (IoT), emergency management, cloud computing, legal data exchange, energy, content technologies, and other areas.

An open standard is a standard that is openly accessible and usable by anyone. It is also a common prerequisite that open standards use an open license that provides for extensibility. Typically, anybody can participate in their development due to their inherently open nature. There is no single definition, and interpretations vary with usage. Examples of open standards include the GSM, 4G, and 5G standards that allow most modern mobile phones to work world-wide.

<span class="mw-page-title-main">C99</span> C programming language standard, 1999 revision

C99 is a past version of the C programming language open standard. It extends the previous version (C90) with new features for the language and the standard library, and helps implementations make better use of available computer hardware, such as IEEE 754-1985 floating-point arithmetic, and compiler technology. The C11 version of the C programming language standard, published in 2011, updates C99.

The Advanced Computing Environment (ACE) was defined by an industry consortium in the early 1990s to be the next generation commodity computing platform, the successor to personal computers based on Intel's 32-bit instruction set architecture. The effort found little support in the market and dissolved due to infighting within the group and a lack of sales.

<span class="mw-page-title-main">Trusted Platform Module</span> Standard for secure cryptoprocessors

Trusted Platform Module (TPM) is an international standard for a secure cryptoprocessor, a dedicated microcontroller designed to secure hardware through integrated cryptographic keys. The term can also refer to a chip conforming to the standard ISO/IEC 11889. Common uses are to verify platform integrity, and to store disk encryption keys.

Intel Trusted Execution Technology is a computer hardware technology of which the primary goals are:

<span class="mw-page-title-main">Peter Biddle</span> American technical evangelist

Peter Nicholas Biddle is a technology evangelist from the United States. His primary fields of interest while employed at major technology companies such as Intel and Microsoft were content distribution, secure computing, and encryption. Since his departure from Intel, he has co-founded and led several industrial design companies.

Direct Anonymous Attestation (DAA) is a cryptographic primitive which enables remote authentication of a trusted computer whilst preserving privacy of the platform's user. The protocol has been adopted by the Trusted Computing Group (TCG) in the latest version of its Trusted Platform Module (TPM) specification to address privacy concerns. ISO/IEC 20008 specifies DAA, as well, and Intel's Enhanced Privacy ID (EPID) 2.0 implementation for microprocessors is available for licensing RAND-Z along with an open source SDK.

The following outline is provided as an overview of and topical guide to computing:

A trusted execution environment (TEE) is a secure area of a main processor. It helps the code and data loaded inside it be protected with respect to confidentiality and integrity. Data confidentiality prevents unauthorized entities from outside the TEE from reading data, while code integrity prevents code in the TEE from being replaced or modified by unauthorized entities, which may also be the computer owner itself as in certain DRM schemes described in Intel SGX.

InstantGo, also known as InstantOn or Modern Standby, is a Microsoft specification for Windows 8 hardware and software that aims to bring smartphone-type power management capabilities to the PC platform, as well as increasing physical security.

Enhanced Privacy ID (EPID) is Intel Corporation's recommended algorithm for attestation of a trusted system while preserving privacy. It has been incorporated in several Intel chipsets since 2008 and Intel processors since 2011. At RSAC 2016 Intel disclosed that it has shipped over 2.4B EPID keys since 2008. EPID complies with international standards ISO/IEC 20008 / 20009, and the Trusted Computing Group (TCG) TPM 2.0 for authentication. Intel contributed EPID intellectual property to ISO/IEC under RAND-Z terms. Intel is recommending that EPID become the standard across the industry for use in authentication of devices in the Internet of Things (IoT) and in December 2014 announced that it was licensing the technology to third-party chip makers to broadly enable its use.

References

  1. About Trusted Computing Group
  2. 1 2 Rick Merritt (April 8, 2003). "New group aims to secure PCs, PDAs, cell phones" . Retrieved 2014-11-17.
  3. "Trusted Computing Group: TPM FAQ". www.trustedcomputinggroup.org. Archived from the original on 3 October 2006. Retrieved 17 January 2022.
  4. IBM News Room (October 11, 1999). "Compaq, Hewlett Packard, IBM, Intel, and Microsoft Announce Open Alliance to Build Trust and Security into PCs for e-business". Archived from the original on November 29, 2014. Retrieved 2014-11-17.{{cite web}}: |author= has generic name (help)
  5. Jeanne Orfinik (November 19, 1999). "Trusted Computing Platform Alliance Holds Founding Conference" (PDF). Archived from the original on June 6, 2002. Retrieved 2014-11-17.{{cite web}}: CS1 maint: unfit URL (link)
  6. Trusted Computing Platform Alliance (January 30, 2001). "Trusted Computing Platform Alliance Announces v.1.0 Specifications for Trusted Computing" (PDF). Archived from the original on August 6, 2002. Retrieved 2014-11-17.{{cite web}}: CS1 maint: unfit URL (link)
  7. Rick Merritt (April 24, 2002). "IBM ThinkPad complies with TCPA security spec" . Retrieved 2014-11-17.
  8. "Membership". Trusted Computing Group. 2020-05-01. Retrieved 2020-05-01.