Intel Desktop Boards D865GRH Product Guide

Loss of Trusted Platform Module Ownership: Trusted Platform Module Ownership/contents may be cleared (via a BIOS switch) to allow for the transfer of a system to a new owner. If TPM ownership is cleared, either intentionally or in error, recovery procedures may allow the migratable keys to be recovered and may restore access to encrypted data. Read the Security Precautions for Emergency Recovery File Back Up Procedures.

TPM Keys are Hierarchical: All TPM keys have a place within a hierarchy. Within this hierarchy, keys must be loaded into the TPM before child keys can be used. It may not be obvious that any particular key is child or parent. If a key is backed up but the parent key is either not available or the password for the parent key is not available, the associated data will not be available. Read the Security Precautions for Emergency Recovery File Back Up Procedures.

Security Precautions

Security, like any other aspect of computer maintenance, requires planning. What is unique about security has to do with understanding who are “friends” and who are adversaries. The TPM provides mechanisms to enable the owner/user to protect their information from adversaries. To provide this protection, the TPM effectively puts “locks” around the data. Just like physical locks, if keys or combinations are lost, the assets (data) may be inaccessible not only to adversaries, but also to asset the owner/user.

The TPM provides two classes of keys: migratable and non-migratable. Migratable keys are designed to protect data that can be used (unencrypted) on more than one platform. This has the advantage of allowing the key data to be replicated (backed-up and restored) to another platform. This may be because of user convenience (someone uses more than one platform, or the data needs to be available to more than one person operating on different platforms). This type of key also has the advantage in that it can be backed-up and restored from a defective platform onto a new platform. However, migratable keys may not be the appropriate level of protection (for example, the user wants the data restricted to a single platform) needed for the application. This requires a non-migratable key.

Non-migratable keys carry with them a usage deficit in that while the key may be backed-up and restored (protected from hard disk failure), they are not protected against system or TPM failure. The very nature of a non-migratable key is that they can be used on one and only one TPM. In the event of a system or TPM failure, all non-migratable keys and the data associated with them will be inaccessible and unrecoverable.

CAUTION

The following precautions and procedures may assist in recovering from any of the previously listed situations. Failure to implement these security precautions and procedures may result in unrecoverable data loss.

86

Page 86
Image 86
Intel D865GRH manual Security Precautions