¶ … Trusted Platform Module is a dedicated microprocessor that is designed to secure computer hardware. TPM secures hardware by integrating cryptographic keys into the computer devices. According to Potter (2009) the cryptographic keys are specific to the host system and they are used for authenticating the host systems hardware. Using hardware-based cryptography will ensure that all the information stored in the hardware is protected from any external software attacks. TPM security is vital to ensure that threats that occur at the hardware level are detected, and prevented from spreading to other computers. Hardware level threats target the BIOS system. When the computer BIOS has been attacked no software antivirus will have the capability to recognize the attack. TPM will authenticate the hardware in the system to provide platform integrity. Platform integrity will measure the integrity of the boot sector, disk MBR, BIOS, and operating system. The integrity measurement is intended to ensure that no unauthorized changes have taken place. If changes are detected, integrity test will fail, and the system will not fail to boot. TPM has the capability to recover and boot from the last known good configuration.

TPM is able to prevent malware attacks and rootkit attacks. Platform integrity will detect if there are any malware or rootkit attacks and this will prevent the computer form booting up. Preventing the system from booting will ensure that the user's data and information is secure. Platform integrity will ensure that before a computer is allowed network access it has to pass the integrity measurement. Authenticating users in a network is harder nowadays since attackers have discovered ways of cloning computers within a network. Using TPM the network administrator is able to identity, and confirm the identity of all the computers on the network before they authorize the computers to access the network. Ensuring that only healthy computers have access to the network will prevent the spread of viruses or malware. The number of black hat attacks...

This indicates that TPM security offers a better level of security that any software-based tool currently available.
TPM chips provide for disk encryption. Disk encryption protects the contents of the disk from unauthorized users. The security provided by TCM is able to encrypt the entire disk volume or only the operating system volume. Disk encryption will prevent changes from taking place without the user's authorization. This will also protect any critical and sensitive information that the user might have stored on their computer Stefan, Wu, Yao, & Xu, 2009.

The encryption provided by TPM is self encrypting, which guards and secure the data in case the machine or drive is lost. The keys for encryption are stored in the drive. This increases security as there is no way an attacker will manage to gain access to the drive contents without the decryption keys. Storing the encryption keys in the drive also boost security, as the drive will independently authenticate the user. Independent authentication is not linked to the operating system, which ensures that drive contents cannot be accessed even if a person manages to override the operating system security.

TPM provides for increased password protection. The module has prevention mechanism that is built in and will protect against automated dictionary attacks. Dictionary attacks are used to guess a password by using words from a dictionary. The system will prevent automated attacks, but will provide the user will a reasonable number of tries before it locks them out. This level of protection enables user to specify shorter or weaker passwords that are more memorable. Using software only to prevent such an attack would result in easy access to hackers and attackers. This is because software is more prone to these attacks than hardware.

Trusted Platform Module authorization protocols

There are two main authorization…