I think this book may be useful for people more familiar with the subject. I hoped to understand TPM command to encrypt/decrypt the data/key but find the book hard to read. There are several examples in C but those are evasive and leave me with more questions and doubt. I gave up after several chapte
A practical guide to trusted computing
Scribed by Challener, David
- Publisher: IBM Press/Pearson plc
- Year: 2007;2008
- Language: English
- Pages: 237
- Category: Library
Synopsis
Use Trusted Computing to Make PCs Safer, More Secure, and More Reliable

Every year, computer security threats become more severe. Software alone can no longer adequately defend against them: what's needed is secure hardware. The Trusted Platform Module (TPM) makes that possible by providing a complete, open industry standard for implementing trusted computing hardware subsystems in PCs. Already available from virtually every leading PC manufacturer, TPM gives software professionals powerful new ways to protect their customers. Now, there's a start-to-finish guide for every software professional and security specialist who wants to utilize this breakthrough security technology. Authored by innovators who helped create TPM and implement its leading-edge products, this practical book covers all facets of TPM technology: what it can achieve, how it works, and how to write applications for it. The authors offer deep, real-world insights into both TPM and the Trusted Computing Group (TCG) Software Stack. Then, to demonstrate how TPM can solve many of today's most challenging security problems, they present four start-to-finish case studies, each with extensive C-based code examples. Coverage includes
- What services and capabilities are provided by TPMs
- TPM device drivers: solutions for code running in BIOS, TSS stacks for new operating systems, and memory-constrained environments
- Using TPM to enhance the security of a PC's boot sequence
- Key management, in depth: key creation, storage, loading, migration, use, symmetric keys, and much more
- Linking PKCS#11 and TSS stacks to support applications with middleware services
- What you need to know about TPM and privacy--including how to avoid privacy problems
- Moving from TSS 1.1 to the new TSS 1.2 standard
- TPM and TSS command references and a complete function library
Table of Contents
Contents
Foreword
Preface
Chapter 1. Policy Definition and Usage Scenarios
1.1. Formal Definition of Policy
1.1.1. Types, Nature, and Usage of Policies
1.2. Policy-Based Self-Configuration
1.3. Policy-Based Self-Protection in Computer Networks
1.4. Policy-Based Self-Optimization in Computer Systems
1.5. Policy-Based Self-Healing
1.6. Building a Policy-Based Management System
1.7. Summary
Chapter 2. Policy Lifecycle - Creation, Distribution, and Enforcement
2.1. A Holistic View of the Policy Lifecycle
2.2.1. Network QoS Control
2.2.2. Privacy Policy Publication
2.2.3. Policy-Based Management of Enterprise Network Access
2.3. Policy Creation
2.4. Policy Distribution
2.5. Policy Distribution Using Repositories
2.5.1. Grouping of Policies by System Components Role
2.5.2. Grouping of Policy Components
2.6. Policy Creation and Distribution for Multiple Administrative Domains
2.7. Policy Enforcement
2.7.1. Policy Evaluation Trigger
2.7.2. Policy Enforcement Context
2.7.3. Data Gathering
2.7.4. Policy Evaluation
2.7.5. Decision Execution
2.8. Summary
Chapter 3. Policy Information Model
3.1. How Is an Information Model Described?
3.2. Policy Information Models
3.2.1. Why Use Information Models
3.2.2. Condition-Action Information Model
3.2.4. Mode-Subject-Action-Target Information Model
3.2.5. Grouping, Scope, and Priorities
3.3.1. The Common Information Model (CIM)
3.3.2. The CIM Policy Model
3.4. Summary
Chapter 4. Policy Languages
4.1. Declarative Nature of Policy Languages
4.2.1. PDL
4.2.2. Ponder
4.2.3. CQL
4.2.5. ACPL
4.3.1. CIM-SPL Policy Rules
4.3.2. Policy Groups
4.3.3. An Example of CIM-SPL Policy
4.4. Summary
Chapter 5. Policy Transformation and Analysis
5.1. Policy Transformation
5.2. Design-Time Techniques for Policy Transformation
5.2.2. Transformation Using Static Rules
5.2.3. Transformation by Policy Table Lookup
5.2.4. Transformation Using Case-Based Reasoning
5.3. Real-Time Policy Transformation
5.4.1. Conflict Checking
5.4.2. Conflict Resolution
5.4.3. Coverage Checking
5.4.4. What-If Analysis
5.5. Related Work
5.6. Summary
Chapter 6. Policy-Based Configuration Management
6.1. Configuration Management Overview
6.2.1. Policy-Based Simplification of Configuration Management
6.2.2. Policy-Based Tuning of System Configuration
6.2.3. Policy-Based Checking of System Configuration
6.3. Example in Storage Area Networks
6.3.1. Configuration Checking of Storage Area Networks
6.3.2. Policy Modeling and Representation
6.3.3. Architecture of a Policy-Based SAN Configuration Checker
6.4. Example in Hosted Server Environment
6.4.1. Architecture for Self-Configuration
6.4.2. Variations on the Architecture
6.5. Summary
7.1. Fault Management Overview
7.1.1. Fault Management in Networks
7.1.2. Fault Management in Web-Based Applications
7.2. Policy-Based Fault Management
7.2.1. Policy-Based Acquisition of Fault Information
7.2.2. Policy-Based Format Conversion
7.2.3. Policy-Based Event Volume Reduction
7.2.4. Policy-Based Root Cause Analysis
7.2.5. Policy-Based Remedial Action
7.3. Architecture of a Policy-Based Fault Management System
7.4. Summary
Chapter 8. Policy-Based Security Management
8.1. Overview of Security Management
8.2. Policy Applications in Security
8.2.1. Policy-Driven Access Control
8.2.2. Higher-Level Access Policies
8.2.3. Policy-Based Self-Protection
8.3. Policy-Based Security Assurance for IPsec Protocol
8.3.1. Business Needs Satisfied by the Security Assurance Tool
8.3.2. Communication Control Policies for IPsec Protocol
8.3.3. Generating the Communication Control Policies
8.4. Summary
9.1. Production Rules
9.2. Business Rules and Processes
9.3. IT Processes
9.4. Event Correlation and Notification Systems
9.5. Service Level Agreements
9.6. Regulatory Compliance
9.7. Proliferation of Policy-Based Technologies
References