Cryptographic Authorization

In this section, we describe the cryptographic authorization mechanisms in the TCPA specification and their usage. We also introduce the optional commands for caching a session.

Authorization Data

The purpose of the authorization mechanism is to authenticate the owner of a TPM or to authorize the use of an instance of a TPM capability. The basic premise is to prove knowledge of a secret that is shared between the TPM and an authorized user. This shared secret is called the authorization data.
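The premise above, proving knowledge of the shared secret without sending it, sketched as an added example (not code from the book or the TCPA specification). It is a simplified HMAC-SHA1 challenge-response in the style of TCPA authorization sessions; `ToyTPM`, `authorize`, the command bytes and the passphrase are hypothetical, constructed names and values, and the message layout is not the specification's wire format.

```python
import hashlib
import hmac
import os

def auth_proof(auth_data, command, params, nonce_even, nonce_odd):
    """HMAC-SHA1 keyed with the shared secret, over the command digest and both nonces."""
    param_digest = hashlib.sha1(command + params).digest()
    return hmac.new(auth_data, param_digest + nonce_even + nonce_odd, hashlib.sha1).digest()

class ToyTPM:
    """Hypothetical stand-in for the TPM side; it holds the authorization data."""
    def __init__(self, auth_data):
        self.auth_data = auth_data
        self.nonce_even = None              # no session open yet

    def open_session(self):
        self.nonce_even = os.urandom(20)    # fresh challenge chosen by the TPM side
        return self.nonce_even

    def execute(self, command, params, nonce_odd, proof):
        if self.nonce_even is None:
            return False                    # no outstanding challenge to answer
        expected = auth_proof(self.auth_data, command, params, self.nonce_even, nonce_odd)
        self.nonce_even = None              # single use: a captured proof cannot be replayed
        return hmac.compare_digest(expected, proof)  # constant-time comparison

def authorize(auth_data, command, params, nonce_even):
    """Caller side: add its own nonce and compute the proof; the secret never leaves."""
    nonce_odd = os.urandom(20)
    return nonce_odd, auth_proof(auth_data, command, params, nonce_even, nonce_odd)

def demo():
    secret = hashlib.sha1(b"constructed owner passphrase").digest()  # constructed sample
    wrong = hashlib.sha1(b"constructed wrong guess").digest()        # constructed sample
    tpm, results = ToyTPM(secret), {}
    odd, proof = authorize(secret, b"CMD", b"args", tpm.open_session())
    results["valid"] = tpm.execute(b"CMD", b"args", odd, proof)
    results["replay"] = tpm.execute(b"CMD", b"args", odd, proof)     # nonce already consumed
    odd, proof = authorize(wrong, b"CMD", b"args", tpm.open_session())
    results["wrong_secret"] = tpm.execute(b"CMD", b"args", odd, proof)
    odd, proof = authorize(secret, b"CMD", b"args", tpm.open_session())
    results["tampered"] = tpm.execute(b"CMD", b"other", odd, proof)  # params changed in transit
    return results

if __name__ == "__main__":
    print(demo())
```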

Choosing Authorization Values

Capabilities that manipulate user data associate a separate authorization value with each separate instance of user data. Other types of capability have just one authorization value. The only restriction ...
