An Approach for Compliance Validation of Trusted Computing Applications

Abstract

Trusted computing (TC) is considered to be one of the newly developed technologies on improving computer security and creating a trustworthy environment. Although the Trusted Computing Group (TCG) has defined specifications/or TC, including that of trusted platform module (TPM), criteria on compliance testing is still not available. It is important that the design and implementation of TPM and other components follow the specifications, as incompliance may lead to crucial security impacts. In this paper, a test mechanism checking TPM commands is instrumented into TPM application, so that conformance to standards can be examined before TPM's functional execution to validate its compliance with the specifications. Furthermore, this paper also initially puts forward the concept of "chain of compliance", which enhances the trustworthiness of computing platforms by verifying the conformance of their components.