Abstract
A method and apparatus for enabling applications on security processors of computer systems. The computer system (10) includes a security architecture such as a Trusted Platform Module (TPM). The system (10) includes an input portion (12), a security portion (14) and a standard portion (16). The input portion (12) includes a variety of different input devices such as a card reader (20), keyboard (22) or fingerprint reader (24). The programmable security processor (26) in the security portion (14) implements a TPM security architecture. A nonvolatile memory (28) is connected to the processor (26). The nonvolatile memory (28) stores a secure table of hash values and endorsement keys, which are used to determine whether applications to be loaded on the processor (26) are authorized. Each stored value is derived from a different application that is certified by the associated endorsement key to be executed on the processor.