This is an interesting question. I don't think that there is a TPM (MTM rather) in any Android phone or even that there will be one because the basic functionality will probably not be provided as a separate component but rather build on firmware and some specific instructions in the CPU. It is quite possible that there are Android phones out there that already have the basics but the software isn't available.
One of the issues I have with mobile security is that these solutions tend to be encumbered by IPR interests and thus do not work particularly well in an open source world. There are also competing efforts like GlobalPlatform who hope for new life for SIM-based security since SIMs have been losing ground lately (not even the address book is there these days), and could eventually be virtualized as well. A major difficulty with TPM/MTM is that you don't get very far with an API only, at least not for using such a device as a keystore on a larger scale. To do the latter you need protocols as well which have turned out to be a rather tricky business since this part doesn't have any obvious "owner". To not get completely stuck vendors like RIM have invested in other solutions like enhanced uSD cards that works for an enterprise but not for consumers (who is going to supply the card etc etc). I'm personally mainly interested in security solutions that has a chance of reaching the 4 BILLIONS of people using mobile phones, which requires a lot of support infrastructure and freedom from IPR. Regards Anders Rundgren Individual member of Trusted Computing Group's mobile WG Bernd Ritter wrote:
Hi Folks, I am looking for information for accessing the Trusted Platform Module. The API specifications doesn't seem to provide any information on this, my search in this group also didn't dig up any information on how to access it. Is there actually and way to access a TPM? Or is there actually any TPM in any android device yet?? Greetings, Bernd To unsubscribe from this group, send email to android-security-discuss+unsubscribegooglegroups.com or reply to this email with the words "REMOVE ME" as the subject.
