
D3.9: Study on the Impact of Trusted Computing on Identity and Identity Management

TCG Software Stack (TSS) Specification Overview

The TCG Software Stack (TSS) provides a platform-independent software interface for accessing TPM functions [98]. The TSS enables the creation of adapters for existing cryptographic APIs such as MS-CAPI or PKCS#11, which gives current and future applications that use those APIs TPM support without modification. In order to take full advantage of a TPM's attestation functions, however, applications have to support the TSS directly.

The TSS defines three software interfaces for TCG-enabled software. An overview of these interfaces and of some ways to make use of them is given in figure 6.

The kernel-mode TPM device driver is documented in the TCG TPM Specification. Above the kernel-mode driver, a user-mode driver, the TPM Device Driver Library (TDDL), provides an operating-system-independent interface to the TPM. This separation is intended to ensure that different TSS implementations can communicate with any TPM device, and it allows TPM software emulators to be implemented as user-mode components.

The TSS Core Services (TCS) provide a common set of platform services to the TCG Service Providers on the platform and to RPC services that communicate with a remote TCG Service Provider. The TCS runs as a system process in user mode. It provides credential and key management as well as measurement and event management (handling event log entries and access to PCRs). Since several TCG Service Providers may run in parallel on a single platform, the TCS also arbitrates access to the TPM device itself.

The TCS must be trusted, since it manages the authorization information that is supplied to the TPM.
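What the TCS's measurement and event management makes possible, as an added example that is not part of this deliverable or of any TSS implementation: a verifier that replays an event log through the TPM 1.2 extend operation (PCR_new = SHA-1(PCR_old || measurement)) and compares the result with the PCR values the platform reports. The event log entries, the PCR index assignments and all function and variable names below are constructed for illustration and are not taken from the document.

```python
import hashlib
from typing import Dict, List, Tuple

PCR_SIZE = 20                      # TPM 1.2 PCRs hold one SHA-1 digest
PCR_INITIAL = b"\x00" * PCR_SIZE   # value of a static PCR at platform reset

Event = Tuple[int, bytes]          # (PCR index, 20-byte measurement digest)


def measure(data: bytes) -> bytes:
    """Digest of a measured object, as it would be recorded in the event log."""
    return hashlib.sha1(data).digest()


def pcr_extend(current: bytes, measurement: bytes) -> bytes:
    """TPM 1.2 extend: the register becomes SHA-1(old value || measurement).

    The register is never written directly, so a value can only be reached by
    extending exactly the right measurements in exactly the right order.
    """
    if len(current) != PCR_SIZE or len(measurement) != PCR_SIZE:
        raise ValueError("PCR value and measurement must both be 20 bytes")
    return hashlib.sha1(current + measurement).digest()


def replay_event_log(events: List[Event]) -> Dict[int, bytes]:
    """Recompute the expected value of every PCR touched by an event log."""
    pcrs: Dict[int, bytes] = {}
    for index, digest in events:
        pcrs[index] = pcr_extend(pcrs.get(index, PCR_INITIAL), digest)
    return pcrs


def mismatched_pcrs(events: List[Event], reported: Dict[int, bytes]) -> List[int]:
    """Indices of reported PCRs whose value does not match the replayed log.

    A PCR absent from the log is expected to still hold its initial value, so
    a non-zero reported value for it is also flagged.
    """
    expected = replay_event_log(events)
    return sorted(i for i, value in reported.items()
                  if expected.get(i, PCR_INITIAL) != value)


# Constructed sample event log (hypothetical boot sequence, not from the document).
SAMPLE_EVENTS: List[Event] = [
    (0, measure(b"BIOS firmware image")),
    (0, measure(b"option ROM")),
    (4, measure(b"boot loader")),
]

# What an honest TPM reports after performing exactly those extends.
HONEST_PCRS: Dict[int, bytes] = replay_event_log(SAMPLE_EVENTS)

# A log edited after the fact to hide a rewritten option ROM: the TPM's PCR 0
# was extended with the real digest, so the replay no longer matches.
TAMPERED_EVENTS: List[Event] = [
    SAMPLE_EVENTS[0],
    (0, measure(b"option ROM (rewritten)")),
    SAMPLE_EVENTS[2],
]


def reordering_changes_pcr() -> bool:
    """Swapping two entries of the same PCR yields a different value: the log
    must be replayed in the order the TCS recorded it."""
    swapped = [SAMPLE_EVENTS[1], SAMPLE_EVENTS[0], SAMPLE_EVENTS[2]]
    return replay_event_log(swapped)[0] != HONEST_PCRS[0]


if __name__ == "__main__":
    print("honest log mismatches:  ", mismatched_pcrs(SAMPLE_EVENTS, HONEST_PCRS))
    print("tampered log mismatches:", mismatched_pcrs(TAMPERED_EVENTS, HONEST_PCRS))
    print("order matters:          ", reordering_changes_pcr())
```

The replay only tells the verifier that the log is consistent with the registers; it says nothing about whether the reported PCR values are genuine. In an attestation the PCR values come from a TPM quote signed by an attestation identity key, which is what binds the event log to the platform. The 20-byte SHA-1 extend shown here is specific to TPM 1.2, the generation the TSS described on this page targets; TPM 2.0 keeps one PCR bank per hash algorithm and the replay has to use the matching digest size.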

 


Fig5: TCG Software Stack (TSS) and Interaction Scenarios 

The TCG Service Provider (TSP) provides a C-language interface that applications use to access TPM features. TSPs provide context management, which allows efficient use of application and TSP resources, and basic cryptographic functions such as message-digest computation and signature generation. Other cryptographic service providers may use the TSP Interface (TSPI) to communicate with the TPM device; this enables applications without native TSP support to use TPM functions through the cryptographic API they already support.

 

 
