• There are no items in your cart

CAN/CSA-ISO/IEC 11889-1:16

Current
Current

The latest, up-to-date edition.

Information technology Trusted Platform Module Library Part 1: Architecture (Adopted ISO/IEC 11889-1:2015, second edition, 2015-12-15)
Available format(s)

Hardcopy , PDF

Language(s)

English

Published date

01-01-2016

Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Symbols and Abbreviated Terms
5 Conventions
6 ISO/IEC 11889 Organization
7 Compliance
8 Changes from Previous Versions
9 Trusted Platforms
10 TPM Protections
11 TPM Architecture
12 TPM Operational States
13 TPM Control Domains
14 Primary Seeds
15 TPM Handles
16 Names
17 PCR Operations
18 TPM Command/Response Structure
19 Authorizations and Acknowledgments
20 Audit Session
21 Session-based encryption
22 Protected Storage
23 Protected Storage Hierarchy
24 Credential Protection
25 Object Attributes
26 Object Structure Elements
27 Object Creation
28 Object Loading
29 Object Creation in Reference Implementation
30 Context Management
31 Attestation
32 Cryptographic Support Functions
33 Locality
34 Hardware Core Root of Trust Measurement (H-CRTM)
   Event Sequence
35 Command Audit
36 Timing Components
37 NV Memory
38 Multi-Tasking
39 Errors and Response Codes
40 General Purpose I/O
41 Minimums
Annex A (normative) - RSA
Annex B (normative) - ECC
Annex C (normative) - Support for SMx Family of Algorithms
Annex D (informative) - Key Generation
Annex E (informative) - Policy Examples
Annex F (informative) - Acknowledgements and contributors
Bibliography

Specifies the architectural elements of the Trusted Platform Module (TPM), a device which enables trust in computing platforms in general.

Preface Standards development within the Information Technology sector is harmonized with international standards development. Through the CSA Technical Committee on Information Technology (TCIT), Canadians serve as the SCC Mirror Committee (SMC) on ISO/IEC Joint Technical Committee 1 on Information Technology (ISO/IEC JTC1) for the Standards Council of Canada (SCC), the ISO member body for Canada and sponsor of the Canadian National Committee of the IEC. Also, as a member of the International Telecommunication Union (ITU), Canada participates in the International Telegraph and Telephone Consultative Committee (ITU-T). For brevity, this Standard will be referred to as "CAN/CSA-ISO/IEC 11889-1" throughout. At the time of publication, ISO/IEC 11889-1:2015 is available from ISO and IEC in English only. CSA Group will publish the French version when it becomes available from ISO and IEC. Scope This part of ISO/IEC 11889 defines the architectural elements of the Trusted Platform Module (TPM), a device which enables trust in computing platforms in general. Some TPM concepts are explained adequately in the context of the TPM itself. Other TPM concepts are explained in the context of how a TPM helps establish trust in a computing platform. When describing how a TPM helps establish trust in a computing platform, this part of ISO/IEC 11889 provides some guidance for platform requirements. However, the scope of ISO/IEC 11889 is limited to TPM requirements. This part of ISO/IEC 11889 illustrates TPM security and privacy techniques in the context of a platform through the use of cryptography. It includes definitions of how different cryptographic techniques are implemented by a TPM. The scope of ISO/IEC 11889 does not include cryptographic analysis or guidance about the applicability of different algorithms for specific uses cases. TPM requirements in this part of ISO/IEC 11889 are general, covering concepts like integrity protection, isolation and confidentially. Defining a specific strength of function or assurance level is out of scope for ISO/IEC 11889. This approach limits the guarantees provided by ISO/IEC 11889 itself, but it does allow the TPM architectural elements defined to be adapted to meet diverse implementation and platform specific needs.

DocumentType
Standard
ISBN
978-1-4883-0493-4
Pages
0
PublisherName
Canadian Standards Association
Status
Current

Standards Relationship
ISO/IEC 11889-1:2015 Identical

ISO/IEC 15946-1:2016 Information technology Security techniques Cryptographic techniques based on elliptic curves Part 1: General
ISO/IEC 14888-3:2016 Information technology — Security techniques — Digital signatures with appendix — Part 3: Discrete logarithm based mechanisms
ISO/IEC 11889-2:2015 Information technology Trusted Platform Module Library Part 2: Structures
ISO/IEC 11889-3:2015 Information technology Trusted Platform Module Library Part 3: Commands
ISO/IEC 18033-3:2010 Information technology Security techniques Encryption algorithms Part 3: Block ciphers
FIPS PUB 140-2 : 0 SECURITY REQUIREMENTS FOR CRYPTOGRAPHIC MODULES
ISO/IEC 10118-3:2004 Information technology Security techniques Hash-functions Part 3: Dedicated hash-functions
ISO/IEC 15946-5:2017 Information technology Security techniques Cryptographic techniques based on elliptic curves Part 5: Elliptic curve generation
ISO/IEC 9797-2:2011 Information technology Security techniques Message Authentication Codes (MACs) Part 2: Mechanisms using a dedicated hash-function
ISO/IEC 10116:2017 Information technology — Security techniques — Modes of operation for an n-bit block cipher
IEEE 1363.3-2013 IEEE Standard for Identity-Based Cryptographic Techniques using Pairings
ISO/IEC 11889-4:2015 Information technology Trusted Platform Module Library Part 4: Supporting Routines
ISO/IEC 11770-3:2015 Information technology Security techniques Key management Part 3: Mechanisms using asymmetric techniques

View more information
US$238.00
Excluding Tax where applicable

Access your standards online with a subscription

Features

  • Simple online access to standards, technical information and regulations.

  • Critical updates of standards and customisable alerts and notifications.

  • Multi-user online standards collection: secure, flexible and cost effective.