چکیده (انگلیسی):

The Trusted Computing Group (TCG) has introduced the Trusted Platform Module (TPM) as a solution
to assure end users of their privacy and confidentiality. Although the TPM is designed to prevent
software attacks, the TPM itself is vulnerable to physical attacks that could enable intruders to gain
access to confidential data. In general, the TPM provides an ID and implements a password identification
technique to prevent unauthorized users from gaining access to the TPM. The TPM user authentication is
carried out by the TPM itself, which exposes the TPM to direct risk as highly skilled intruders can break
the authentication line of defence and gain access to the TPM. The process of encrypting and decrypting
information, especially when asymmetric algorithms are used, is viewed as a process that consumes time
and resources, which decreases the speed of the computer. In order to solve the problems, a TPM User
Authentication Model (TPM-UAM) that can provide the TPM with a higher level of security and
resistance against physical attacks has been proposed as we proposed in our previous research paper
(Alshar’e et al., 2014). The technique is based on biometric authentication to prove the identity of the
users and to allow the process of authentication to happen at an independent platform using virtualization
that will keep the TPM out of reach until a user is completely verified and approved. The TPM-UAM is
able to provide a more satisfactory level of confidence for data and processes that can be rated as highly
confidential and private. The model was successfully developed and tested and the results confirmed the
model efficiency and ability to secure TPM and all functions have been confirmed to be working
perfectly according to what they were designed for. This paper describes the design and implementation
of TPM-UAM system based on the proposed authentication model, virtualization has been implemented
to create authentication platform to prevent direct interaction with TPM and biometrics has been
implemented to verify identities and supervise running TPM, the system testing results in confirming the
system functionality and ability to secure and protect TPM.