BS ISO/IEC 11889-1:2015

This part of ISO/IEC11889 defines the architectural elements of the Trusted Platform Module (TPM), a device which enables trust in computing platforms in general. Some TPM concepts are explained adequately in the context of the TPM itself. Other TPM concepts are explained in the context of how a TPM helps establish trust in a computing platform. When describing how a TPM helps establish trust in a computing platform, this part of ISO/IEC11889 provides some guidance for platform requirements. However, the scope of ISO/IEC11889 is limited to TPM requirements.

This part of ISO/IEC11889 illustrates TPM security and privacy techniques in the context of a platform through the use of cryptography. It includes definitions of how different cryptographic techniques are implemented by a TPM. The scope of ISO/IEC11889 does not include cryptographic analysis or guidance about the applicability of different algorithms for specific uses cases.

TPM requirements in this part of ISO/IEC11889 are general, covering concepts like integrity protection, isolation and confidentially. Defining a specific strength of function or assurance level is out of scope for ISO/IEC11889. This approach limits the guarantees provided by ISO/IEC11889 itself, but it does allow the TPM architectural elements defined to be adapted to meet diverse implementation and platform specific needs.