
Trusted Execution Technology

Wikipedia: Trusted Execution Technology

Trusted Execution Technology (TET or TXT), formerly known as LaGrande Technology, is a key component of Intel's initiative of "safer computing".

Intel Trusted Execution Technology (Intel TXT) is a hardware extension to some of Intel's microprocessors and their respective chipsets, intended to provide computer users or system providers with a higher level of trust and control over computer systems. Intel claims that it will be very useful, especially in the business world, as a way to defend against software-based attacks aimed at stealing sensitive information. Although commonly advertised by Intel as a security technology, the Free Software Foundation explains how it can also be used to enable the development of more advanced, tamper-resistant forms of DRM,[1] and can be used to achieve vendor lock-in.

It consists of a series of hardware enhancements that allow for the creation of multiple separated execution environments, or partitions. One component is the TPM (Trusted Platform Module), which allows for secure key generation and storage, and authenticated access to data encrypted by this key. Note, however, that the private key stored in the TPM is generally not available to the owner of the machine, and never leaves the chip under normal operation. The TPM additionally provides a means of remote assurance of a machine's security state. Another component is DMA page protection.

This technology can be coupled with VT-d (Intel Virtualization Technology for Directed I/O), which is designed to back up TXT outside of the chip, and even outside the computer itself.

TXT provides hardware and firmware security against attacks mounted by software. The TPM (Trusted Platform Module), which handles trusted-platform requests, generates keys and certificates for private environments (application or service space) and manages the machine's trust state. This allows, for example, the local user (or even a remote party) to check the security of a workstation with a higher level of confidence, using, for example, the Remote Attestation Protocol.[2]


TXT Architecture

Intel TXT protects five points on a server/client machine:

  • The processor: Provides a private environment for applications, so that hardware resources (such as memory pools) are locked to the calling application and cannot be accessed, for either read or write, by any other process running on the platform
  • The chipset: Enforces security on the main board by controlling the memory management policy more accurately, with enhancements to memory access mechanisms, channel control mechanisms for hardware extensions (user I/O, graphics, etc.) and a secure interface to the TPM
  • The user input: Protected states for the keyboard and mouse, allowing users to interact with trusted-platform applications without the risk of being observed by other running software
  • The display interface: Enables trusted-platform applications to send display data to a specific context's memory buffer (a window, for example), preventing other running software from accessing the transmitted information
  • The TPM device: Helps with system startup (in conjunction with ROM-BIOS startup routines), manages the keys, and provides attestations of the system's trusted status

Parallel Technologies

TXT will be commercially distributed with another technology, the so-called VT-d. VT-d provides hardware remote security, protecting hardware, storage and communications, and adding another security level against software attacks.

VT-d is an environment model that shares hardware resources using I/O virtualization. This allows control over each process's access to resources without resorting to exclusive access methods.

Availability

Intel has released the Q35 and Q33 chipsets, which support TXT.[3] To actually use the technology on these chipsets, a TPM chip is also required. The Q45 chipset also has TXT and, in addition, an integrated TPM called the iTPM, though it must be enabled in the BIOS.

Intel has also released Trusted Boot (tboot),[4][5] an open-source, pre-kernel/VMM module that uses Intel Trusted Execution Technology to verify the launch of the Xen Virtual Machine Monitor (VMM) using a Dynamic Root of Trust for Measurement (DRTM).[6][7][8][9][10]
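The measured launch that tboot performs and the remote attestation check mentioned earlier both rest on the same primitive: a TPM Platform Configuration Register (PCR) can only be extended, never set, so its final value commits to every stage measured and to the order in which they were measured. The following is an added illustration written for this page, not code from tboot or Intel; it assumes 20-byte SHA-1 PCRs (the TPM 1.2 generation paired with Q35/Q45-era TXT) and uses constructed byte strings in place of real tboot, Xen and policy images.

```python
import hashlib

PCR_LEN = 20  # assumption: SHA-1 PCRs as in TPM 1.2


def extend(pcr: bytes, measurement: bytes) -> bytes:
    """One PCR_Extend: new_pcr = SHA-1(old_pcr || SHA-1(measurement)).
    The old value is folded in, so a register can never be written to an
    arbitrary value, only extended; the final value therefore depends on
    every component measured and on the order of measurement."""
    return hashlib.sha1(pcr + hashlib.sha1(measurement).digest()).digest()


def measured_launch(components) -> bytes:
    """Simulate a DRTM measured launch: the dynamic PCRs are reset to zero
    when the launch instruction runs, then each stage (tboot, then the VMM
    it loads, then the launch policy) is measured into the register before
    it is allowed to execute."""
    pcr = bytes(PCR_LEN)
    for image in components:
        pcr = extend(pcr, image)
    return pcr


def verify_attestation(reported_pcr: bytes, golden_chain) -> bool:
    """The remote party's check: recompute the PCR expected from the images
    it has approved and compare it against the value the platform reported
    (in a real quote that value would also carry a TPM signature)."""
    return reported_pcr == measured_launch(golden_chain)


# Constructed stand-ins for the real images (not actual tboot/Xen bytes).
TBOOT = b"tboot-example-image"
XEN = b"xen-vmm-example-image"
POLICY = b"launch-control-policy-example"
GOLDEN = [TBOOT, XEN, POLICY]


def demo() -> dict:
    honest = measured_launch(GOLDEN)
    tampered = measured_launch([TBOOT, XEN + b"\x00", POLICY])  # one VMM byte changed
    reordered = measured_launch([XEN, TBOOT, POLICY])           # same images, wrong order
    return {
        "honest_ok": verify_attestation(honest, GOLDEN),
        "tampered_ok": verify_attestation(tampered, GOLDEN),
        "reordered_ok": verify_attestation(reordered, GOLDEN),
    }


if __name__ == "__main__":
    print(demo())
```

The verifier only ever sees a 20-byte digest, so a single changed byte anywhere in the chain, or a changed launch order, produces a value it will refuse.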

Copyrights:

Wikipedia. This article is licensed under the Creative Commons Attribution/Share-Alike License. It uses material from the Wikipedia article "Trusted Execution Technology".