Chapter 13
Trusted Computing and Secure Identification
One of the main purposes envisioned for the TPM was identification. Passwords have multiplied at an alarming rate, including phone voicemail passwords, Windows logon, hard disk passwords, power-on passwords, email passwords, intranet passwords, bank pins, Amazon passwords, Pay-pal passwords, eBay passwords...the list seems endless. They cost enterprises on average $50 for each call used to reset a forgotten password, and have become notorious for being insecure. A public private key is secure—as long as the private key is secure—and tokens such as smart cards or USB keys are harder to manage than passwords. The TPM provides a basic capability to help alleviate all of these problems.
First, ...
Get A Practical Guide to Trusted Computing now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.