Intelligent CISO Issue 84 | Page 52

COVER story

reliant on software security programs. This means manufacturers can quickly and easily encrypt disks and prevent a range of firmware, ransomware and dictionary attacks.
Ensuring the highest levels of security
The TPM standard defines a hardware Root-of-Trust (RoT) that can be used alongside software to enable key security features, including integrity measurements, health checks and authentication services.
Once a device is booted up, the TPM will review its health and environment, and only allow operations to begin so long as the device is found to be in a trustworthy state. Residing within a device as a dedicated processor, the TPM contains an Endorsement Key (EK), which is resistant to software-based access, and an Attestation Identity Key (AIK) to protect the device against unauthorised modification. It achieves this by measuring sections of firmware and software before they are executed.
These measurements are then provided to the server for validation when your system tries to connect to a network. In the event they don't match, the boot process will not occur, and there will be no way to access and exploit any data stored in your device.
TPMs essentially offer enhanced security measures by signing and verifying data provided to your device to establish its identity. They also provide hardened storage for software and platform keys, protecting the algorithms that use them. In the event an attack is successful, unauthorised entities still won't be able to access the information stored within the TPM, giving users assurance that they do not need their systems constantly evaluated by security professionals.
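The measure-before-execute chain, the server-side validation of those measurements and the AIK-signed proof of identity described above can be followed end to end in a small simulation. The example below is added here and is not code from the article or from any TPM vendor: the boot components, their contents and the key values are constructed, a PCR is modelled as a SHA-256 register that can only be extended, and an HMAC stands in for the AIK signature so the example runs on the Python standard library alone. The server checks the signature, the freshness nonce, that the event log reproduces the quoted PCR, and finally that the PCR matches the known-good value; when it does not, the event log names the component that changed.

```python
"""Simulated measured boot and remote attestation (constructed example).

A PCR starts at zero and can only be extended: new = SHA-256(old || digest).
Each boot component is hashed and extended into the PCR before it 'runs',
so the final PCR value commits to every component and to their order.
HMAC stands in for the asymmetric AIK signature a real TPM would produce.
"""
import hashlib
import hmac
import secrets

PCR_SIZE = 32
PCR_INIT = b"\x00" * PCR_SIZE  # a PCR is all-zero after reset

# Constructed boot chain: (component name, bytes that would be loaded).
GOOD_CHAIN = [
    ("firmware",   b"vendor-firmware-v1.2"),
    ("bootloader", b"bootloader-v3.0"),
    ("kernel",     b"kernel-6.1-signed"),
]


def extend(pcr: bytes, digest: bytes) -> bytes:
    """PCR extend operation: the register is never overwritten, only extended."""
    return hashlib.sha256(pcr + digest).digest()


def measure_boot(chain):
    """Device side: hash each component before executing it, extend the PCR,
    and append an event-log entry. Returns (event_log, final_pcr)."""
    pcr, log = PCR_INIT, []
    for name, blob in chain:
        digest = hashlib.sha256(blob).digest()
        log.append((name, digest))
        pcr = extend(pcr, digest)
    return log, pcr


def replay_log(log) -> bytes:
    """Server side: recompute the PCR from the event log entries."""
    pcr = PCR_INIT
    for _, digest in log:
        pcr = extend(pcr, digest)
    return pcr


def make_quote(aik_secret: bytes, pcr: bytes, nonce: bytes) -> dict:
    """Device side: 'sign' (nonce || PCR) with the AIK. The nonce is chosen by
    the server so an old quote cannot be replayed."""
    sig = hmac.new(aik_secret, nonce + pcr, hashlib.sha256).digest()
    return {"nonce": nonce, "pcr": pcr, "sig": sig}


def validate_quote(aik_secret: bytes, quote: dict, nonce: bytes, log, golden_pcr: bytes):
    """Server side: identity, freshness, log consistency, then known-good state."""
    expected = hmac.new(aik_secret, quote["nonce"] + quote["pcr"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, quote["sig"]):
        return False, "signature invalid"
    if not hmac.compare_digest(quote["nonce"], nonce):
        return False, "nonce mismatch (stale or replayed quote)"
    if not hmac.compare_digest(replay_log(log), quote["pcr"]):
        return False, "event log does not reproduce the quoted PCR"
    if not hmac.compare_digest(quote["pcr"], golden_pcr):
        return False, "measurements differ from known-good state"
    return True, "trusted"


def diff_log(log, golden_log):
    """Name the components whose digest differs from the known-good log."""
    golden = dict(golden_log)
    return [name for name, digest in log if golden.get(name) != digest]


def attest(chain, device_aik, server_aik, golden_log, golden_pcr, nonce=None):
    """One full attestation round. Returns (ok, reason, changed_components)."""
    if nonce is None:
        nonce = secrets.token_bytes(16)  # server-chosen freshness value
    log, pcr = measure_boot(chain)
    quote = make_quote(device_aik, pcr, nonce)
    ok, reason = validate_quote(server_aik, quote, nonce, log, golden_pcr)
    return ok, reason, diff_log(log, golden_log)


if __name__ == "__main__":
    aik = secrets.token_bytes(32)                     # constructed AIK secret
    golden_log, golden_pcr = measure_boot(GOOD_CHAIN)  # enrolment: record known-good state
    print("clean boot:   ", attest(GOOD_CHAIN, aik, aik, golden_log, golden_pcr))
    tampered = [(n, b"bootloader-v3.0-modified" if n == "bootloader" else b)
                for n, b in GOOD_CHAIN]
    print("tampered boot:", attest(tampered, aik, aik, golden_log, golden_pcr))
```

The order of the checks matters in practice: the signature and nonce are verified first so that an unsigned or replayed report is rejected before any trust is placed in its contents, and the event log is replayed against the quoted PCR so that a log which has been edited after the fact cannot explain away a mismatch.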
52 WWW.INTELLIGENTCISO.COM