A Practical Guide to Trusted Computing [Paperback]

David Challener (Author), Kent Yoder (Author), Ryan Catherman (Author), David Safford (Author), Leendert Van Doorn (Author)

Book Description

Publication Date: January 6, 2008 | ISBN-10: 0132398427 | ISBN-13: 978-0132398428 | Edition: 1

Use Trusted Computing to Make PCs Safer, More Secure, and More Reliable

 

Every year, computer security threats become more severe. Software alone can no longer adequately defend against them: what’s needed is secure hardware. The Trusted Platform Module (TPM) makes that possible by providing a complete, open industry standard for implementing trusted computing hardware subsystems in PCs. Already available from virtually every leading PC manufacturer, TPM gives software professionals powerful new ways to protect their customers. Now, there’s a start-to-finish guide for every software professional and security specialist who wants to utilize this breakthrough security technology.

 

Authored by innovators who helped create TPM and implement its leading-edge products, this practical book covers all facets of TPM technology: what it can achieve, how it works, and how to write applications for it. The authors offer deep, real-world insights into both TPM and the Trusted Computing Group (TCG) Software Stack. Then, to demonstrate how TPM can solve many of today’s most challenging security problems, they present four start-to-finish case studies, each with extensive C-based code examples.

 

Coverage includes

• What services and capabilities are provided by TPMs
• TPM device drivers: solutions for code running in BIOS, TSS stacks for new operating systems, and memory-constrained environments
• Using TPM to enhance the security of a PC’s boot sequence
• Key management, in depth: key creation, storage, loading, migration, use, symmetric keys, and much more
• Linking PKCS#11 and TSS stacks to support applications with middleware services
• What you need to know about TPM and privacy--including how to avoid privacy problems
• Moving from TSS 1.1 to the new TSS 1.2 standard
• TPM and TSS command references and a complete function library

 

Editorial Reviews

About the Author

David Challener went to work for IBM in East Fishkill after graduating with his Ph.D. in Applied Mathematics from the University of Illinois, (Urbana-Champaign). After helping design the first TPM (representing IBM), he became chair of the TCG TSS committee. When the IBM PC division was sold to Lenovo, he became a Lenovo employee, where he has represented the company on the TCG Technical Committee, TPM workgroup, and many other groups, while continuing to chair the TSS committee. Currently he is the Lenovo Board Member for TCG.

 

Kent Yoder has been working for the IBM Linux® Technology Center since graduating from Purdue University with a degree in Computer Science in 2001. He has represented IBM on the TCG TSS committee and has helped write and maintain TrouSerS, an open-source TSS library that implements the TSS software specification for the TCG TPM hardware.

 

Ryan Catherman was a member of the Trusted Computing Group, including active memberships in the TSS and TPM working groups while employed at IBM. He was also coauthor of the IBM implementation of Trusted Computing software at its inception and originator of Unix versions of this software. Currently, he works for Opsware Incorporated, a recent HP acquisition, and holds a masters degree in Computer Engineering.

 

David Safford is a researcher at IBM’s T. J. Watson Research Center in Hawthorne, New York. There he has led security research in numerous areas, including ethical hacking, threat analysis, security engineering, intrusion detection sensors, vulnerability scanning, cryptography, and operating system security. Prior to coming to IBM in 1996, he was Director of Supercomputing and Networking at Texas A&M University, and an A-7 pilot in the United States Navy.

 

Leendert van Doorn is a Senior Fellow at AMD where he runs the software technology office. Before joining AMD he was a senior manager at IBM’s T.J. Watson Research Center, where he managed the secure systems and security analysis departments. He received his Ph.D. from the Vrije Universiteit in Amsterdam where he worked on the design and implementation of microkernels. Nowadays his interests are in managed runtime systems, accelerated computing (AMD’s name for heterogenous and homogenous manycore computing), security, and virtualization. In his former job at IBM he worked on FIPS 140-2 level 4 physically secure coprocessors, trusted systems, and virtualization. He was also actively involved in IBM’s virtualization strategy, created and lead IBM’s secure hypervisor and trusted virtual data center initiatives, and was on the board of directors for the Trusted Computing Group. Despite all these distractions, he continued to contribute code to the Xen open-source hypervisor, such as the integrated support code for AMD-V and Intel®VT-x. When conference calls and meetings are getting too much for him, he is known to find refuge at CMU.

 

Product Details

• Paperback: 384 pages
• Publisher: IBM Press; 1 edition (January 6, 2008)
• Language: English
• ISBN-10: 0132398427
• ISBN-13: 978-0132398428
• Product Dimensions: 7 x 0.8 x 9.1 inches
• Shipping Weight: 1.4 pounds
• Average Customer Review: 4.0 out of 5 stars  See all reviews (2 customer reviews)
• Amazon Best Sellers Rank: #584,278 in Books (See Top 100 in Books)
  • #73 in Books > Computers & Technology > Hardware > Microprocessors & System Design > Embedded Systems

More About the Author

Discover books, learn about writers, read author blogs, and more.

Most Helpful Customer Reviews

1 of 1 people found the following review helpful

3.0 out of 5 stars Not for beginners October 3, 2009

By Alok

Format:Paperback|Amazon Verified Purchase

I think this book may be useful for people more familiar with the subject.I hoped to understand TPM command to encrypt/decrypt the data/key but find the book hard to read. There are several examples in C but those are evasive and leave me with more questions and doubt. I gave up after several chapters

To be fair, I attempted to read TCG specs (and there are so many!) as well and those were equally confusing to me and it is difficult to satisfy all aspects of TPM. I have more understanding of TPM after reading several chapters but my original questions remained unanswered.

2 of 3 people found the following review helpful

5.0 out of 5 stars I am one of the authors, so I may be biased March 22, 2011

By David C. Challener

Format:Paperback

I have run into many people who have used this book and told me they had been lost trying to program the TPM until they found it. It tries to cover several things:
What does the TPM do, and WHY?
What is it appropriate to use the TPM to do?
How can you program the TPM if:
1) You need to talk to it at a low level
2) If you need to write an application that uses it at a high level.

There is a lot of C code in the book for examples.