Trusted Platform Module

Why Trust Techopedia

What Does Trusted Platform Module Mean?

A trusted platform module (TPM) is a type of secure cryptoprocessor, which is a specialized chip used to carry out cryptographic operations like the storing of encryption keys to secure information which is usually used by the host system to authenticate hardware. The information stored does not always have to be encryption keys; it may also include passwords and certificates.

The specifications for the chips, which also go by the same name, were developed by the Trusted Computing Group (TCG). These chips are more commonly called TPM chips or TPM Security Devices, and as these chips are specially made for a specific purpose they can be considered as application specific integrate circuits (ASIC) to an extent.

Techopedia Explains Trusted Platform Module

The assurance for a safe computing environment as promised by the TPM is implemented using two necessary steps: authentication and attestation. Authentication ensures that a platform can meet the expectations and prove that it is what it claims to be. On the other hand, attestation is a process which supports the claim of a platform of being trustworthy enough by ensuring that there are no signs of security breaches in the system. The hardware nature of the TPM ensures that information is better protected from outside sources.

Different software applications that store security entities on a TPM can be developed. These applications are useful to make information much harder to access when improper authorization is used. For example, newer laptops now have a built-in fingerprint scanner which ensures that only the owner and some other trusted users can access the laptop. The fingerprint data are stored in a TPM to prevent outside access and manipulation. TPM can even completely block access to data and other applications when it senses that certain platform configurations were changed as a result of unauthorized access. However, TPM does not and cannot control running software on a computer, it simply stores and sends information regarding security entities and the apparent state of security of the system. It is up to the related software or hardware to act upon the recommendations of the TPM.

Related Terms

Margaret Rouse
Technology Expert
Margaret Rouse
Technology Expert

Margaret is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical business audience. Over the past twenty years, her IT definitions have been published by Que in an encyclopedia of technology terms and cited in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine, and Discovery Magazine. She joined Techopedia in 2011. Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages.