Enabling, Activating, and Owning a TPM
The justification for three separate controls or flags (Enable, Activate, and Ownership) is not immediately obvious. A good way to introduce them is to distinguish between the situation in which a TPM doesn't have an owner and the situation in which a TPM does have an owner. Enable and Activate are useful both with and without a TPM owner, whereas Ownership governs attempts to become a TPM's owner and has no effect after a TPM owner has been established:
If a TPM does not yet have an owner, these controls have the following status:
- Enable-OFF is a master control that prevents any remote attempt whatsoever to become a TPM's owner. The strength of the Enable-OFF control lies in the fact that the Enable flag ...
Get Trusted Computing Platforms: TCPA Technology in Context now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.