Multiple Stakeholder Model Revision 3.40
Total Page:16
File Type:pdf, Size:1020Kb
R E Multiple Stakeholder Model F Published E Family “2.0” R Level 00 Revision 3.40 2 May 2016 E N C Contact: [email protected] E TCG PUBLISHED Copyright © TCG 2012-2016 TCG Published - Multiple Stakeholder Model Copyright TCG Copyright ©2012-2016 Trusted Computing Group, Incorporated. Disclaimer THIS REFERENCE DOCUMENT IS PROVIDED "AS IS" WITH NO WARRANTIES WHATSOEVER, INCLUDING ANY WARRANTY OF MERCHANTABILITY, NONINFRINGEMENT, FITNESS FOR ANY PARTICULAR PURPOSE, OR ANY WARRANTY OTHERWISE ARISING OUT OF ANY PROPOSAL, WHITE PAPER, OR SAMPLE. Without limitation, TCG disclaims all liability, including liability for infringement of any proprietary rights, relating to use of information in this reference document, and TCG disclaims all liability for cost of procurement of substitute goods or services, lost profits, loss of use, loss of data or any incidental, consequential, direct, indirect, or special damages, whether under contract, tort, warranty or otherwise, arising in any way out of use or reliance upon this document or any information herein. No license, express or implied, by estoppel or otherwise, to any TCG or TCG member intellectual property rights is granted herein. Contact the Trusted Computing Group at www.trustedcomputinggroup.org for information on TCG licensing through membership agreements. Any marks and brands contained herein are the property of their respective owners. Page ii TCG PUBLISHED Family “2.0” 2 May 2016 Copyright © TCG 2012-2016 Level 00 Revision 3.40 Published- Multiple Stakeholder Model Copyright TCG Acknowledgments The TCG wishes to thank all those who contributed to this reference document. Ronald Aigner Microsoft Bo Bjerrum Intel Corporation Alec Brusilovsky InterDigital Communications, LLC David Challener Johns Hopkins University, Applied Physics Lab Michael Chan Samsun Semiconductor Inc. / Qualcomm Inc. Cedric Colnot NXP Semiconductors Carlin Covey NXP Semiconductors Jan-Erik Ekberg Nokia Paul England Microsoft Andreas Fuchs Fraunhofer Institute for Secure Information Technology (SIT) Jon Gaeter ARM Ltd. / Trustonic Ltd Steve Hanna Infineon Technologies North America Corp. Laszlo Hars The Boeing Company Carey Huscroft HP Inc. Bill Jacobs Cisco Greg Kazmierczak Wave Systems Seigo Kotani Fujitsu Limited Sung Lee Intel Corporation Ira McDonald High North Inc. Kathleen McGill Johns Hopkins University, Applied Physics Lab John Mersh ARM Ltd. Hadi Nahari NVIDIA Corp Ken Nicolson Panasonic Carlton Northern The MITRE Corporation Niall O'Donoghue Microsoft Michael Peck The MITRE Corporation Gilles Peskine Trustonic Ltd Stanley Potter United States Government Graeme Proudler HP Inc. Emily Ratliff Advanced Micro Devices, Inc. Joshua Schiffman Advanced Micro Devices, Inc. Ariel Segall The MITRE Corporation Hervé Sibert STMicroelectronics Sylvain Trosset Trustonic Ltd Janne Uusilehto Microsoft Paul Waller CESG Monty Wiseman Intel Corporation David Wooten Microsoft Esteban Yepez Sandia National Laboratories Family “2.0” TCG PUBLISHED Page iii Level 00 Revision 3.40 Copyright © TCG 2012-2016 2 May 2016 Published - Multiple Stakeholder Model Copyright TCG Table of Contents 1 Scope and Audience ............................................................................................................................. 1 1.1 References ...................................................................................................................................... 1 2 Basic Definitions .................................................................................................................................... 5 3 Acronyms............................................................................................................................................... 9 4 Introduction .......................................................................................................................................... 11 4.1 Assumptions ................................................................................................................................. 11 4.2 Key Concepts and Technologies .................................................................................................. 11 4.2.1 Roots of Trust ....................................................................................................................... 11 4.2.2 Transitive Trust ..................................................................................................................... 11 4.2.3 Secure Boot .......................................................................................................................... 12 4.2.4 Measured Boot ..................................................................................................................... 12 4.2.5 Trusted Platform Module ...................................................................................................... 12 4.2.6 TPM Mobile .......................................................................................................................... 12 4.2.7 Trusted Network Communication (TNC) .............................................................................. 12 4.2.8 Protected Environment ......................................................................................................... 12 4.2.9 Trusted Path ......................................................................................................................... 13 4.2.10 Trust Assertions ................................................................................................................... 13 5 Use Cases ........................................................................................................................................... 14 5.1 Bring Your Own Device (BYOD) ................................................................................................... 14 5.2 Financial Services ......................................................................................................................... 14 5.3 Health Monitoring Services ........................................................................................................... 15 6 Recommendations .............................................................................................................................. 16 6.1 Recommended Capabilities .......................................................................................................... 16 6.1.1 Integrity Protection of Trusted Shared Components ............................................................ 16 6.1.2 Isolation from Other Stakeholders ........................................................................................ 16 6.1.3 Trusted Path ......................................................................................................................... 16 6.1.4 Key Storage .......................................................................................................................... 16 6.1.5 Authentication of End Users and Device .............................................................................. 17 6.1.6 Authentication of Remote Entities ........................................................................................ 17 6.1.7 Authorization ........................................................................................................................ 17 6.1.8 Policy-based Access Control ............................................................................................... 17 6.1.9 Data Encryption .................................................................................................................... 17 6.1.10 Attestation of Trusted Shared Components ......................................................................... 18 6.2 Advanced Capabilities .................................................................................................................. 18 6.2.1 Audit of System Events ........................................................................................................ 18 6.2.2 Audit of Stakeholder Events ................................................................................................. 18 6.2.3 Active Environment Indication .............................................................................................. 18 7 Implementation Alternatives ................................................................................................................ 19 7.1 Single TPM ................................................................................................................................... 19 7.2 Multiple TPMs ............................................................................................................................... 22 7.3 Virtualization ................................................................................................................................. 24 8 Threats and Mitigations ....................................................................................................................... 27 Page iv TCG PUBLISHED Family “2.0” 2 May 2016 Copyright © TCG 2012-2016 Level 00 Revision 3.40 Published- Multiple Stakeholder Model Copyright TCG List of Figures Figure 1 – Notional diagram of a Single TPM MSM implementation .................................................................... 19 Figure 2 – Notional diagram of a Multiple TPM MSM implementation ................................................................ 22 Figure 3 – Notional diagram of a virtualized MSM