Secure Boot and Authenticated Boot Processes

Normally, a TP boots, and the RTM, the measurement agents, and the TPM cooperate to keep a record of the boot process in the PCRs and the measurement log. TCPA calls this an authenticated boot. The platform could end up in any arbitrary state, but that state will be recorded and can be reported.

TCPA does, however, support another type of boot called a secure boot. Secure boot is a boot process of a TP such that an exception is raised (i.e., a warning is given and the boot is cancelled) if a difference exists between the boot process and the expected boot process. Secure boot requires more work by the RTM and the measurement agents, and it uses data integrity registers (DIRs) inside the TPM. DIRs are ...
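To make the distinction concrete, the following is an added Python simulation (not code from the book) of both boot modes: each stage is hashed with SHA-1 and extended into one PCR alongside a measurement log, and in secure-boot mode each measurement is first compared against an expected value standing in for a DIR. Stage names, stage images and the DIR table are constructed for illustration.

```python
import hashlib

class BootAbort(Exception):
    """Raised in secure-boot mode when a stage differs from the expected one."""

def extend(pcr, digest):
    # TCPA PCR extend: PCR_new = SHA-1(PCR_old || measurement digest)
    return hashlib.sha1(pcr + digest).digest()

def boot(stages, dirs=None):
    """Measure each boot stage into one PCR and append it to the log.

    stages: list of (name, image bytes) in boot order, as the RTM and the
            measurement agents would see them.
    dirs:   None for authenticated boot (record everything, abort nothing), or
            a dict {name: expected SHA-1 digest} acting as the data integrity
            registers for secure boot.
    Returns (pcr, log); raises BootAbort on a secure-boot mismatch.
    """
    pcr = b"\x00" * 20          # PCRs start at zero after platform reset
    log = []
    for name, image in stages:
        digest = hashlib.sha1(image).digest()
        if dirs is not None and dirs.get(name) != digest:
            # Secure boot: a difference from the expected boot process cancels
            # the boot before control is transferred to the stage.
            raise BootAbort(f"{name}: measured {digest.hex()} != expected")
        pcr = extend(pcr, digest)
        log.append((name, digest.hex()))
    return pcr, log

def verify_log(pcr, log):
    """Verifier side: replay the log and check it reproduces the reported PCR."""
    replay = b"\x00" * 20
    for _, hexdigest in log:
        replay = extend(replay, bytes.fromhex(hexdigest))
    return replay == pcr

# Constructed stage images; on a real platform these are BIOS, loader, OS, ...
GOOD = [("bios", b"bios v1"), ("loader", b"grub v2"), ("kernel", b"linux 2.4")]
BAD = [("bios", b"bios v1"), ("loader", b"grub v2-tampered"), ("kernel", b"linux 2.4")]
DIRS = {name: hashlib.sha1(image).digest() for name, image in GOOD}

if __name__ == "__main__":
    pcr, log = boot(BAD)    # authenticated boot: completes, tampering is recorded
    print("authenticated boot finished; log reproduces PCR:", verify_log(pcr, log))
    try:
        boot(BAD, DIRS)     # secure boot: cancelled at the tampered stage
    except BootAbort as exc:
        print("secure boot cancelled:", exc)
```

In authenticated mode the tampered platform boots and the mismatch is only visible to whoever later reads and verifies the log; in secure mode the boot never reaches the kernel.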
