A Practical Guide to TPM 2.0: Using the New Trusted Platform Module in the New Age of Security Will Arthur & David Challener

CHAPTER 16

Auditing TPM Commands

As used in the TPM, audit is the process of logging TPM command and response parameters that pass between the host and the TPM. The host is responsible for maintaining the log, which may be in host memory or on disk. An auditor can later use the TPM to attest to the log’s integrity (that it has not been altered) and authenticity (that it was logging TPM transactions).

The underlying audit concept is similar to that of attestation using PCRs. The TPM extends command and response parameter hashes into an audit digest. The auditor can later request a signed audit digest and verify the signature and certificate chain. ...

Get A Practical Guide to TPM 2.0: Using the New Trusted Platform Module in the New Age of Security Will Arthur & David Challener now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

A Practical Guide to TPM 2.0: Using the New Trusted Platform Module in the New Age of Security Will Arthur & David Challener by Will Arthur, David Challener, Kenneth Goldman

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly