Hi List,

In my situation I have to tolerate CATASTROPHIC hardware events.  Not
failures, but the owners of my platforms can, and routinely do, swap
hard-drives with newly pre-imaged ones.  This is the "upgrade" procedure.
This is done remotely and we have no way to touch the system.  We cannot
"pre-provision" these imaged drives before they ship.

Per my understanding, and please correct me if I'm wrong, this would
obliterate any keys that Trousers has stored.  What WOULD persist is:
1. EK
2. SRK
3. Ownership state and auth data

So to deal with this, I can either ensure keys (or something) are stored
persistently in the chip across reboots and catastrophic events, or develop
a process that tolerates these events (rely on ownership to recover and
create keys at run time if they have been obliterated, no need to
re-provision).

I researched OWNER_EVICT keys but was not convinced that this is a
permanent solution, only that the owner can control when a key is swapped
out of the TPM.

Is there a proven method for on-chip storage and what does it buy me?  Or
if there isn't, that's valuable to know too.

Thanks for your time,
-Tadd
_______________________________________________
TrouSerS-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/trousers-users
