TCPA: Trusted Platform Module (TPM) PP
This PP describes the IT security requirements for a security module known as the Trusted Platform Module (TPM). The TPM provides security primitives in a secure environment. The primitives include digital signatures, random number generation, protected storage and binding information to the TPM. The TPM works with a second module called the TCPA PC Connection (PCCON), which may include the PC system BIOS and other software. The security requirements in this PP apply to the TPM as shipped from its final assembly point. The requirements in the TPMPP cover any hardware devices, software, and firmware that create a TPM. There is no coverage for the PCCON; a separate PP known as the TCPA PCCONPP provides that coverage.
The TPMPP defines what is appropriate protection and how to evaluate the protections in the manufacturer's design. The goal is to allow purchasers of various implementations of a TPM to compare the products using the same criteria. This PP does not target specific applications that use the TPM or a trusted operating system to support such applications.
A product compliant with this PP may offer security features and functionality beyond that specified in this PP.
The assurance level for this protection profile is EAL3, augmented with ALC_FLR.1 and AVA_VLA.2.
Strength of function is medium.