2 3 TCPA CONCEPTS
• Reduce business risks by enabling trust in the behavior of critical information systems
• Protect end user private data and information by enabling trust in end systems (unknown if
current technology trajectory will lead to this result)
2 The Trusted Computing Platform Alliance (TCPA)
Doomsayers claim the TCPA is the conspiracy to prevent artistry, anonymity, or assembly. Others
wonder if TCPA is the conspiracy in prelude to the apocalypse, and wonder if this is the end of free
computing. Some skeptics question how the TCPA will know the end has been reached and wonder
if we are getting on the slippery slope to ’Big Brother’ baked into a computer. Joe Pato said that
his lecture will demonstrate that TCPA is none of these.
The TCPA is an industry group started in 1998. It was founded by Compaq, HP, IBM, Intel, and
Microsoft. Currently the group has 180 members from the hardware, software, communications,
and security technology industries. The group is focused on deﬁning and advancing the concept
of trusted computing. Competition in the security space and the need for cheap cryptography
prompted creation of this group. The companies also needed to bypass crypto export regulations,
and as a result wanted to work towards this goal with other players in the ﬁeld.
The TCPA Charter
• Provide a ubiquitous and widely adopted means to address trustworthiness of computing plat-
• Publish an open speciﬁcation for public review
• Deﬁne a technology speciﬁcation that can be applied to any type of computing platform
3 TCPA Concepts
Deﬁnition: A platform can be trusted if it behaves in the expected manner for the intended purpose.
TCPA Technology provides the mechanisms for:
• Platform authentication and attestation — is this platform actually a TCPA platform?
• Platform integrity reporting — has this TCPA platform been modiﬁed in any fashion?
• Protected storage — enabling secure stable storage in the presence of adversaries, architecture
enables root of trust that allows third parties to rely on this trust