Toshiba TPM TECHNICAL SPECIFICATIONS
Installation Guide V2.1
TPM (Trusted Platform Module)
computers.toshiba-europe.com
TPM (Trusted Platform Module)
Table of contents
1 Introduction.................................................................................................. 4
1.1 Convention .................................................................................... 4
1.2 TPM - An Overview ........................................ ....... ...... ....... ...... ..... 5
2 Using TPM for the first time............. .... ..... .... .... .... .... ..... .... .... .... ..... ............6
2.1 Enabling TPM................................................................................ 6
2.2 Installing the Infineon TPM Professional Package ........................ 7
2.3 Registering Owners and Users in TPM ......................................... 7
3 Personal Secure Drive............................................................................... 11
3.1 Advantages of Personal Secure Drive......................................... 11
3.2 Personal Secure Drive (PSD) - Basic Operation................ ...... ... 11
4 Secure E-Mail ............................................................................................. 13
4.1 Configuration ........................ ....... ....................................... ...... ... 13
5 EFS (Encrypting File System) Extension.................................................14
6 TOSHIBA Password Utility........................ .... ............................................15
7 Migration of the TPM Environment and Disposal ...................................16
7.1 Migration............ ...... ....... ...... ....... ...... ....... ...... ............................. 16
7.2 PC Disposal. ...... ...... ....... ...... ....... ...... ....... ...... ....... ...... ....... ......... 16
8 Recovery for TPM ......................................................................................17
8.1 Emergency Recovery Process - An Overview............................. 17
8.2 Resetting the User Password............ ....... ...... ....... ...... ....... ...... ... 17
8.3 PSD restore................................................................................. 17
Index
2 Installation Guide
Copyright
This guide is copyrighted by Toshiba Corporation with all rights reserved.
Under the copyright laws, this guide cannot be reproduced in any form
without the prior written permission of Toshiba. No patent liability is
assumed, however, with respect to the use of the information contained
herein.
© 2008 by Toshiba Corporation. All rights reserved.
Trademarks
Microsoft and Windows are trademarks of Microsoft Corporation in the
United States and/or other countries.
All other brand and product names are trademarks or registered
trademarks of their respective companies.
TPM (Trusted Platform Module)
Installation Guide 3
TPM (Trusted Platform Module)
1 Introduction
Your computer has an integrated Trusted Platform Module (TPM). To
activate TPM, you will need to either enable it or install the Infineon
Security Platform Tools software. This installation guide describes how to
install and configure TPM. Before using TPM, please read this Installation
Guide carefully.
1.1 Convention
This guide uses the following formats to describe, identify, and highlight
terms and operating procedures.
Safety Icons
This guide contains safety instructions that must be observed in order to
avoid potential hazards that could result in personal injuries, damage to
your equipment, or loss of data . These s afety ca utions ha ve been classif ied
according to the seriousness of the risk, and the icons highlight these
instructions as follows:
Indicates a potentially hazardous situation which, if not avoided, could
result in death or serious injury.
Indicates a potentially hazardous situation which, if not avoided, may result
in property damage.
Provides important information.
4 Installation Guide
1.2 TPM - An Overview
The built-in securi ty contro ller TPM b ased on the T ruste d Computin g Gro up
specifications. TPM offers data protection by using secret encryption keys
instead of secret encryption formulae (Algorithms). In encryption based
solely on software, there is a danger that the encryption key saved in the
file or read into the PC ’ s m em ory c oul d b e r ead an d d ec iph ered . By s tori ng
the encryption key in TPM instead, the data is more securely protected.
As TPM uses public and standardized specifications, a more secure PC
environment can be built by utilizing the corresponding security s olution.
For additional TCG specification information visit their website at
http://www.trustedcomputinggroup.org/
Encryption, Certificates and Passwords
n TPM offers a feature to create and set multiple encryption keys,
certificates and passwords. Once set, make sure the passwords are
carefully stored and encryption key files are backed up. If these
settings are lost or forgotten, files encrypted using this TPM cannot be
decrypted and the encrypted data cannot be accessed.
TPM
n Though TPM offers the latest security features, it does not guarantee
complete data and hard ware pro tection. Please n ote that Toshiba is not
responsible for any failure or damage that might be caused due to the
use of this feature.
TPM (Trusted Platform Module)
If multiple users have b een regi ste r ed in M icr os oft® Windows® and if these
users are to use TPM, each user must log into Windows
®
and register
individually.
Installation Guide 5
TPM (Trusted Platform Module)
2 Using TPM for the first time
This manual contains only the general guidelines. Please refer to and read
the TPM HELP after installing the TPM Professional Package.
When using TPM for the first time, you will need to configure it as follows.
(The settings 1 - 3 can be done by logging in as Windows
1. Enable TPM.
2. Install t he Infineon TPM Professional Package.
3. Register the owner and users in TPM.
2.1 Enabling TPM
To enable TPM, perform the following BIOS settings:
1. Switch on your computer while pressing the Esc key.
2. A message is displayed. Press the F1 key.
3. The BIO S Setup screen is displayed.
4. Press Page Down to see the next screen.
5. Set the TPM in SECURITY CONTROLLER to Enabled.
Some models may have Hide TPM as an option on the BIOS setup
screen. If your system shows Hide TPM, it should be set to No before you
set TPM to Enabled. Otherwise, you will not be able to change TPM.
®
administrator.)
6. Press the End key, save the changes to the BIOS settings and press Y
key.
Internal data consistency in TPM is not guaranteed when the computer is
sent for repair or main tenance. Before sendi ng the computer for repair or
maintenance, please make a backup of not only the files in the HDD (Hard
Disk Drive), but also the TPM data by using the backup feature. (Refer to
Chapter 8 - Recovery for TPM.) The security functions that use TPM can
no longer work proper ly if the d ata in TPM is lo st. (Exam ple: Files th at were
encrypted using TPM can no longer be opened.) Failure to do so may
result in possible data loss.
n TPM is shipped with the Disabled setting by default Also, there might
be cases where the TPM is set to Disabled after the computer has
been sent for repair or maintenance. Please enable TPM by
reconfiguring it again.
n To prevent anybody other than the administrator and users of this
computer from ch angin g the BIOS setting s, it is stron gly re comm ended
that you set a BIOS password and a BIOS supervisor password.
Please refer to the Computer User’s guide on how to set these
passwords.
6 Installation Guide
Loading...