Enabling, Activating, and Owning a TPM

The justification for three separate controls or flags (Enable, Activate, and Ownership) is not immediately obvious. A good way to introduce them is to distinguish between the situation in which a TPM doesn't have an owner and the situation in which a TPM does have an owner. Enable and Activate are useful both with and without a TPM owner, whereas Ownership governs attempts to become a TPM's owner and has no effect after a TPM owner has been established:

  • If a TPM does not yet have an owner, these controls have the following status:

    - Enable-OFF is a master control that prevents any remote attempt whatsoever to become a TPM's owner. The strength of the Enable-OFF control lies in the fact that the Enable flag ...
