INTERNATIONAL STANDARD ISO/IEC 11889-1
Information technology - Trusted Platform Module Library - Part 1: Architecture
Reference number ISO/IEC 11889-1:2015(E)
Second edition 2015-12-15
Corrected version 2016-04-01
© ISO/IEC 2015

COPYRIGHT PROTECTED DOCUMENT
© ISO/IEC 2015, Published in Switzerland
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below or ISO's member body in the country of the requester.
ISO copyright office
Ch. de Blandonnet 8, CP 401
CH-1214 Vernier, Geneva, Switzerland
Tel. +41 22 749 01 11
Fax +41 22 749 09 47
copyright@iso.org
www.iso.org

CONTENTS

Foreword ... xiv
Introduction ... xv
1 Scope ... 1
2 Normative references ... 2
3 Terms and definitions ... 3
4 Symbols and Abbreviated Terms ... 12
  4.1 Symbols ... 12
  4.2 Abbreviations ... 13
5 Conventions ... 15
  5.1 Bit and Octet Numbering and Order ... 15
  5.2 Sized Buffer References ... 15
  5.3 Numbers ... 16
  5.4 KDF Label Parameters ... 16
6 ISO/IEC 11889 Organization ... 17
7 Compliance ... 19
8 Changes from Previous Versions ... 20
9 Trusted Platforms ... 21
  9.1 Trust ... 21
  9.2 Trust Concepts ... 21
    9.2.1 Trusted Building Block ... 21
    9.2.2 Trusted Computing Base ... 21
    9.2.3 Trust Boundaries ... 21
    9.2.4 Transitive Trust ... 22
    9.2.5 Trust Authority ... 22
  9.3 Trusted Platform Module ... 23
  9.4 Roots of Trust ... 23
    9.4.1 Introduction ... 23
    9.4.2 Root of Trust for Measurement (RTM) ... 24
    9.4.3 Root of Trust for Storage (RTS) ... 24
    9.4.4 Root of Trust for Reporting (RTR) ... 24
  9.5 Basic Trusted Platform Features ... 25
    9.5.1 Introduction ... 25
    9.5.2 Certification ... 26
    9.5.3 Attestation and Authentication ... 26
    9.5.4 Protected Location ... 29
    9.5.5 Integrity Measurement and Reporting ... 30
10 TPM Protections ... 31
  10.1 Introduction ... 31
  10.2 Protection of Protected Capabilities ... 31
  10.3 Protection of Shielded Locations ... 31
  10.4 Exceptions and Clarifications ... 31
11 TPM Architecture ... 33
  11.1 Introduction ... 33
  11.2 TPM Command Processing Overview ... 33
  11.3 I/O Buffer ... 37
  11.4 Cryptography Subsystem ... 37
    11.4.1 Introduction ... 37
    11.4.2 Hash Functions ... 37
    11.4.3 HMAC Algorithm ... 38
    11.4.4 Asymmetric Operations ... 38
    11.4.5 Signature Operations ... 39
    11.4.6 Symmetric Encryption ... 41
    11.4.7 Extend ... 43
    11.4.8 Key Generation ... 43
    11.4.9 Key Derivation Function ... 43
    11.4.10 Random Number Generator (RNG) Module ... 47
    11.4.11 Algorithms ... 49
  11.5 Authorization Subsystem ... 50
  11.6 Random Access Memory ... 51
    11.6.1 Introduction ... 51
    11.6.2 Platform Configuration Registers (PCR) ... 51
    11.6.3 Object Store ... 52
    11.6.4 Session Store ... 52
    11.6.5 Size Requirements ... 52
  11.7 Non-Volatile (NV) Memory ... 53
  11.8 Power Detection Module ... 53
12 TPM Operational States ... 54
  12.1 Introduction ... 54
  12.2 Basic TPM Operational States ... 54
    12.2.1 Power-off State ... 54
    12.2.2 Initialization State ... 54
    12.2.3 Startup State ... 55
    12.2.4 Shutdown State ... 58
    12.2.5 Startup Alternatives ... 58
  12.3 Self-Test Modes ... 59
  12.4 Failure Mode ... 60
  12.5 Field Upgrade ... 61
    12.5.1 Introduction ... 61
    12.5.2 Field Upgrade Mode ... 61
    12.5.3 Preserved TPM State ... 64
    12.5.4 Field Upgrade Implementation Options ... 65
13 TPM Control Domains ... 66
  13.1 Introduction ... 66
  13.2 Controls ... 66
  13.3 Platform Controls ... 67
  13.4 Owner Controls ... 68
  13.5 Privacy Administrator Controls ... 68
  13.6 Primary Seed Authorizations ... 69
  13.7 Lockout Control ... 69
  13.8 TPM Ownership ... 70
    13.8.1 Taking Ownership ... 70
    13.8.2 Releasing Ownership ... 70
14 Primary Seeds ... 72
  14.1 Introduction ... 72
  14.2 Rationale ... 72
  14.3 Primary Seed Properties ... 73
    14.3.1 Introduction ... 73
    14.3.2 Endorsement Primary Seed (EPS) ... 73
    14.3.3 Platform Primary Seed (PPS) ... 74
    14.3.4 Storage Primary Seed (SPS) ... 74
    14.3.5 The Null Seed ... 74
  14.4 Hierarchy Proofs ... 74
15 TPM Handles ... 76
  15.1 Introduction ... 76
  15.2 PCR Handles (MSO=00₁₆) ... 76
  15.3 NV Index Handles (MSO=01₁₆) ... 76
  15.4 Session Handles (MSO=02₁₆ and 03₁₆) ... 76
  15.5 Permanent Resource Handles (MSO=40₁₆) ... 77
  15.6 Transient Object Handles (MSO=80₁₆) ... 77
  15.7 Persistent Object Handles (MSO=81₁₆) ... 77
16 Names ... 78
17 PCR Operations ... 80
  17.1 Initializing PCR ... 80
  17.2 Extend of a PCR ... 80
  17.3 Using Extend with PCR Banks ... 80
  17.4 Recording Events ... 81
  17.5 Selecting Multiple PCR ... 81
  17.6 Reporting on PCR ... 82
    17.6.1 Reading PCR ... 82
    17.6.2 Attesting to PCR ... 82
  17.7 PCR Authorizations ... 83
    17.7.1 Introduction ... 83
    17.7.2 PCR Not in a Set ... 83
    17.7.3 Authorization Set ... 83
    17.7.4 Policy Set ... 84
    17.7.5 Order of Checking ... 84
  17.8 PCR Allocation ... 84
  17.9 PCR Change Tracking ... 84
  17.10 Other Uses for PCR ... 85
18 TPM Command/Response Structure ... 86
  18.1 Introduction ... 86
  18.2 Command/Response Header Fields ... 88
    18.2.1 Introduction ... 88
    18.2.2 tag ... 88
    18.2.3 commandSize/responseSize ... 88
    18.2.4 commandCode ... 88
    18.2.5 responseCode ... 88
  18.3 Handles ... 89
  18.4 Parameters ... 89
  18.5 authorizationSize/parameterSize ... 90