A Practical Guide to TPM 2.0: Using the Trusted Platform Module in the New Age of Security - PDF
Скачать полную версию книги "A Practical Guide to TPM 2.0: Using the Trusted Platform Module in the New Age of Security - PDF"
“Riveting! I couldn’t put it down until the last page.”
“I’m exhausted from reading this book! It kept me up three nights in a row. Where’s my Ambien when I need it?”
“The suspense was killing me. I just had to read it straight through!”
Although these responses to our book would be gratifying, it’s doubtful that any book on digital security will ever garner this type of reaction. Digital security is the computer equivalent of disaster insurance. Few people care very much about it or give it much thought, and everyone hates paying for it … until a catastrophe hits. Then we are either really glad we had it or really sad that we didn’t have enough of it or didn’t have it at all.
We may sound like Chicken Little crying the “the sky is falling, the sky is falling,” but mark our words: a digital security catastrophe is headed your way. We could quote a plethora of statistics about the rising occurrence of digital security threats, but you’ve probably heard them, and, quite frankly, you don’t care, or at least you don’t care enough. It’s questionable whether any preaching on our part will make you care enough until you’re personally impacted by such a calamity, but we’ll try anyway.
When your reputation is tarnished, your finances are impacted, your identity is stolen, your physical well-being is threatened, your company’s reputation and finances are harmed, and, quite possibly, your country is overthrown, then you’ll wake up to the need for cyber security. But it might be too late then. Like people living in a flood zone, the question isn’t whether the flood is coming, but rather when the disaster will hit and whether you’ll be prepared for it. The time to buy digital-security flood insurance is now! Don’t wait until the flood hits.
A Practical Guide to TPM 2.0 can be part of your digital-security insurance policy. The TPM was designed as one of the core building blocks for digital security solutions. The November 2013 “Report to the President: Immediate Opportunities for Strengthening the Nation’s Cybersecurity” recommends “the universal adoption of the Trusted Platform Module (TPM), an industry-standard microchip designed to provide basic securityrelated functions, primarily involving encryption keys, including for phones and tablets.” Computers and devices that incorporate a TPM are able to create cryptographic keys and encrypt them so they can be decrypted only by the TPM. A TPM provides this limited but fundamental set of capabilities that higher layers of cybersecurity can then leverage. Today, TPMs are present in many laptop and desktop personal computers. They’re used by enterprises for tasks like secure disk encryption, but they have yet to be incorporated to any significant extent in smartphones, game consoles, televisions, in-car computer systems, and other computerized devices and industrial control systems. This needs to happen for such devices to be trustworthy constituents of the increasingly interconnected device ecosystem.
Our passion in writing this book is to empower and excite a rising generation of IT managers, security architects, systems programmers, application developers, and average users to use the TPM as the bedrock of increasingly sophisticated security solutions that will stem the rising tide of threats that are being aimed at us, our employers, and our civil institutions. Furthermore, the TPM is just plain cool. How many engineers, as children, played with simple cryptography for fun? The ability to send an encrypted message to a friend appeals to the secretive part of our human nature—the same part that enjoyed playing spy games when we were young. And besides being fun, there’s something inherently, morally right about protecting people’s assets from being stolen.
The TPM 2.0 technology can accomplish this. We believe in this technology and hope to make believers of you, our readers, as well. Our hope is that you’ll get as excited about this technology as we are and “go out and do wonderful things” with it, to paraphrase Robert Noyce, one of Intel’s founders.