Trust platform module style hardware enabled devices will play a major role as the future network security infrastructure. Network threat landscape is obviously a stimulation power. The technique advance of TPM style hardware over traditional security techniques serves as another push power. More importantly, industry plans will bring us to a new network with enhanced security. More attention should be paid to some problems to enable a TPM style hardware based future network. These problems also provide opportunities for domestic security enterprises. Some characteristics of our future network are summarized.
The TPM is specifically designed to shield unencrypted keys and platform authentication information from software-based attacks.
1. Security Precautions
The following precautions and procedures may assist in recovering from any of the previously listed situations. Failure to implement these security precautions and procedures may result in unrecoverable data loss.
2. Password Procedures
The Wave Systems EMBASSY Security Center software allows users to configure passwords from 8 to 255 characters.
A good password should consist of:
- At least one upper case letter (A to Z)
- At least one numerical character (0 to 9)
- At least one symbol character (!, @, &, etc.)
Example Passwords: “I wear a Brown hat 2 worK @ least oncea-month” or “uJGFak&%)adf35a9m”
3. Emergency Recovery File Back Up Procedures
Use the EMBASSY Security Center to create the TPM Key Archive file (keyarchive.xml) onto a removable media (a floppy, CDR, or flash media). Once this is completed, the removable media should be stored in a secure location. DO NOT LEAVE ANY COPIES of the TPM Key Archive on the hard drive or within any hard drive image backups. If a copy of the TPM Key Archive remains on the system, it could be used to compromise the Trusted Platform Module and platform.
This procedure should be repeated after any password changes or the addition of a new user.
4. Hard Drive Image Backup Procedures
To allow for emergency recovery from a hard drive failure, frequent images of the hard drive should be created and stored in a secure location. In the event of a hard drive failure, the latest image can be restored to a new hard drive and access to the encrypted data can be re-established.
All encrypted and unencrypted data that was added after the last image was created will be lost.
5. Clear Text Backup (Optional)
It is recommended that system owners follow the Hard Drive Image Backup Procedures.
This option is not recommended because the data is exposed during backup and restores. To backup select files without creating a drive image, files can be moved from secured programs or drive letters to an unencrypted directory. The unencrypted (clear text) files may then be backed up to removable media and stored in a secure location. The advantage of the clear text backup is that no TPM key is required to restore the data.
6.Trusted Platform Module Ownership
The Trusted Platform Module is disabled by default when shipped and the owner/end customer of the system assumes “ownership” of the TPM. This permits the owner of the system to control initialization of the TPM and create all the passwords associated with the TPM that will be used to protect their keys and data.
System builders/integrators may install both the Wave Systems EMBASSY Security Center and the Wave Systems EMBASSY Trust Suite, but SHOULD NOT attempt to use or activate the TPM or either software package.
7. Trusted Platform Module Software
Installation The software package for the TPM can be installed from the Intel Express Installer DVD.
8. Enabling the Trusted Platform Module
The Trusted Platform Module is disabled by default when shipped to insure that the owner/end customer of the system initializes the TPM and configures all security passwords. The owner/end customer should use the following steps to enable the TPM.
- While the PC is displaying the splash screen (or POST screen), press the <F2> key to enter BIOS.
- Use the arrow keys to go to the Advanced Menu, select Peripheral Configuration, and then press the <Enter> key.
- Select the Trusted Platform Module, press <Enter>, and select Enabled and press <Enter> again (display should show: Trusted Platform Module [Enable]).
- Press the <F10> key, and press Y.
- The system should reboot and start Microsoft Windows.
9. Assuming Trusted Platform Module Ownership
Once the TPM has been enabled, ownership must be assumed by using the EMBASSY Security Center. The owner/end user should follow the steps listed below to take ownership of the TPM:
- Start the system.
- Launch the EMBASSY Security Center.
- Select the Owner tab and click on the Establish button.
- Create the Owner password (before creating any password, review the Password Recommendations made earlier in this document).
- After successfully taking ownership of the TPM, select the User tab and click on the Initialize button.
- Enter the Windows login password to create and synchronize the TCG Security Vault Password.
- To create an archive of the TPM keys, select the Key Manager icon on the left side of the EMBASSY Security Center and click on the Archive button.
- Choose a location to save the TPM Key Archive file (removable media recommended; see Emergency Recovery File Back Up Procedures for more information).
- Create a password to protect the TPM Key Archive (this password should not match the Owner password or any other password).
- Enter the Owner password when prompted.
- After completing the archive function, the TPM Key Archive (keyarchive.xml) that is now on a removable media should be stored in a secure location. No copies of the keyarchive.xml should remain on the system. This procedure should be repeated after any password changes or the addition of new users or TPM enabled software.
- All passwords associated with the EMBASSY Security Center Software (owner, TPM Key Archive, and other passwords) are not recoverable and cannot be reset without the original password. These passwords should be documented and stored in a secured location (vault, safe deposit box, or offsite storage) in case they are needed in the future. These documents should be updated after any password changes.
10. Recovery Procedures
- How to Recover from a Hard Drive Failure
Restore the latest hard drive image from backup to the new hard drive – no TPM specific recovery is necessary.
- How to Recover from a Desktop Board or TPM Failure
This procedure may restore the migratable keys from the TPM
Key Archive, but does not restore any previous keys or content to the TPM. This recovery procedure may restore access to the EMBASSY Trust Suite that is secured with migratable keys.
- TPM Key Archive file (keyarchive.xml file created with the EMBASSY Security Center)
- TPM Key Archive password (created with the EMBASSY Security Center)
- Owner password
- Working original operating system installation, or a restored image of the hard drive
- This recovery procedure may restore the migratable keys from the previously created TPM Key Archive.
- Replace the desktop board with the same model as the failed board.
- Start the original operating system or restore the original hard drive image.
- Start the EMBASSY Security Center.
- Take ownership of the Trusted Platform Module (see Assuming Trusted Platform Module Ownership, steps 3 and 4 only).
- To restore a TPM Key Archive, select the Key Manager icon on the left side of the EMBASSY Security Center and click on the Restore button.
- Enter the password for the TPM Key Archive when prompted.
- Enter the Owner password when prompted.
- Restoring the keys may take as long as 5 minutes and you may be prompted for your Windows password.
After the keys have been successfully restored, you should be able to access previously encrypted files.