Book description
A Practical Guide to TPM 2.0: Using the Trusted Platform Module in the New Age of Security is a straight-forward primer for developers. It shows security and TPM concepts, demonstrating their use in real applications that the reader can try out.
Simply put, this book is designed to empower and excite the programming community to go out and do cool things with the TPM. The approach is to ramp the reader up quickly and keep their interest.A Practical Guide to TPM 2.0: Using the Trusted Platform Module in the New Age of Security explains security concepts, describes the TPM 2.0 architecture, and provides code and pseudo-code examples in parallel, from very simple concepts and code to highly complex concepts and pseudo-code.
The book includes instructions for the available execution environments and real code examples to get readers up and talking to the TPM quickly. The authors then help the users expand on that with pseudo-code descriptions of useful applications using the TPM.
Table of contents
- Cover
- Title
- Copyright
- About ApressOpen
- Dedication
- Contents at a Glance
- Contents
- About the Authors
- About the Technical Reviewers
- Acknowledgments
- Introduction
- Chapter 1: History of the TPM
- Chapter 2: Basic Security Concepts
- Chapter 3: Quick Tutorial on TPM 2.0
-
Chapter 4: Existing Applications That Use TPMs
- Application Interfaces Used to Talk to TPMs
- TPM Administration and WMI
- Applications That Use TPMs
- Applications That Should Use the TPM but Don’t
- Building Applications for TPM 1.2
- TSS.Net and TSS.C++
- Wave Systems Embassy Suite
- Rocks to Avoid When Developing TPM Applications
- New Manageability Solutions in TPM 2.0
- Summary
-
Chapter 5: Navigating the Specification
- TPM 2.0 Library Specification: The Parts
- Some Definitions
- Getting Started in Part 3: the Commands
- Data Details
- Part 2: Notation Syntax
- Part 3: Table Decorations
- Commonly Used Sections of the Specification
- How to Find Information in the Specification
- Strategies for Ramping Up on TPM 2.0
- Other TPM 2.0 Specifications
- Summary
- Chapter 6: Execution Environment
- Chapter 7: TPM Software Stack
- Chapter 8: TPM Entities
- Chapter 9: Hierarchies
- Chapter 10: Keys
- Chapter 11: NV Indexes
- Chapter 12: Platform Configuration Registers
-
Chapter 13: Authorizations and Sessions
- Session-Related Definitions
- Password, HMAC, and Policy Sessions: What Are They?
- Session and Authorization: Compared and Contrasted
- Authorization Roles
- Command and Response Authorization Area Details
- Password Authorization: The Simplest Authorization
- Starting HMAC and Policy Sessions
- HMAC and Policy Sessions: Differences
- HMAC Authorization
- Policy Authorization
- Combined Authorization Lifecycle
- Summary
-
Chapter 14: Extended Authorization (EA) Policies
- Policies and Passwords
- Why Extended Authorization?
- How Extended Authorization Works
- Creating Policies
- Command-Based Assertions
- Multifactor Authentication
- Compound Policies: Using Logical OR in a Policy
- Considerations in Creating Policies
- Using a Policy to Authorize a Command
- Certified Policies
- Summary
- Chapter 15: Key Management
- Chapter 16: Auditing TPM Commands
- Chapter 17: Decrypt/Encrypt Sessions
- Chapter 18: Context Management
- Chapter 19: Startup, Shutdown, and Provisioning
- Chapter 20: Debugging
- Chapter 21: Solving Bigger Problems with the TPM 2.0
- Chapter 22: Platform Security Technologies That Use TPM 2.0
- Index
Product information
- Title: A Practical Guide to TPM 2.0: Using the New Trusted Platform Module in the New Age of Security Will Arthur & David Challener
- Author(s):
- Release date: January 2015
- Publisher(s): Apress
- ISBN: 9781430265849
You might also like
book
Zero Trust Security: An Enterprise Guide
Understand how Zero Trust security can and should integrate into your organization. This book covers the …
book
Practical Cloud Security, 2nd Edition
With rapidly changing architecture and API-driven automation, cloud platforms come with unique security challenges and opportunities. …
book
Security in Computing
The New State of the Art in Information Security: Now Covers Cloud Computing, the Internet of …
book
(ISC)2 CCSP Certified Cloud Security Professional Official Study Guide, 2nd Edition
The only official study guide for the new CCSP exam (ISC)2 CCSP Certified Cloud Security Professional …