D14.3: Study on the Suitability of Trusted Computing to support Privacy in Business Processes: Future of IDentity in the Information Society

You are here: Resources > FIDIS Deliverables > Privacy and legal-social content > D14.3: Study on the Suitability of Trusted Computing to support Privacy in Business Processes >

Resources

Identity Use Cases & Scenarios.
FIDIS Deliverables.
- Identity of Identity.
- Interoperability.
- Profiling.
- Forensic Implications.
- HighTechID.
- Privacy and legal-social content.
  - D13.1: Identity and impact of privacy enhancing technologie.
  - D13.1 Addendum: Identity and impact of privacy enhancing technologies.
  - D13.3: Study on ID number policies.
  - D13.6 Privacy modelling and identity.
  - D13.7: Workshop Privacy.
  - D14.1: Workshop on Privacy in Business Processes.
  - D14.2: Study on Privacy in Business Processes by Identity Management.
  - D14.3: Study on the Suitability of Trusted Computing to support Privacy in Business Processes.
  - D14.4: Workshop on “From Data Economy to Secure.
  - D16.3: Towards requirements for privacy-friendly identity management in eGovernment.
- Mobility and Identity.
- Other.
IDIS Journal.
FIDIS Interactive.
Press & Events.
In-House Journal.
Booklets
Identity in a Networked World.
Identity R/Evolution.

Title:
TPM CREDENTIALS

TPM Credentials

A trusted platform is delivered with several credentials (digital certificates) that should provide assurance that its components have been constructed to meet the requirements of the TCG Specifications.

Endorsement Credential As already mentioned, the Endorsement Credential should provide evidence that the EK has been properly created and embedded into a valid TPM. It is issued by the entity that generated the EK. This credential contains the name of the TPM manufacturer, the TPM part model number, its version and stepping and the public part of the EK. The EK is a RSA encryption/decryption key pair which is used along with the Endorsement, Platform and Conformance credentials to provide evidence of the platform’s identity in a protocol to establish AIKs.

Conformance Credentials The Conformance Credential is issued by an evaluation service (e.g. the platform manufacturer, vendor or an independent lab) with sufficient credibility to properly evaluate TPMs or platforms containing a TPM. It should indicate that the Trusted Building Block (TBB) design and implementation has been accepted according to the evaluation guidelines. A single platform may have multiple Conformance Credentials for multiple TBBs. They typically contain the name of the evaluator, platform manufacturer, the model number and version of the platform, the TPM manufacturer name, TPM model number and version or stepping and a pointer to the location of the TPM and platform conformance documentation. The Conformance Credential does not contain privacy sensitive information or information that can be used to uniquely identify a specific platform.

Platform Credential The Platform Credential is issued by the platform manufacturer, vendor or an independent entity. It should provide evidence, that the platform contains a TPM as described by the Endorsement Credential. The Platform Credential contains the name of the platform manufacturer, the platform model number and version and references to the Endorsement Credential and the Conformance Credentials. The Platform Credential is privacy sensitive since it contains information that can be used to uniquely identify a specific platform.

17 / 39