[Translation] Trusted Computing Group At |(TCG)| Organisation

A translation try of TCG.

Trusted Computing Group At | (TCG) | Organisation

Trusted Computing based on hardware root of trust has been developed by industry to protect computing infrastructure and billions of end points.

基于可信的硬件可信计算,已被产业界开发出来,用以保护计算基础设施以及数以万计的终端产品。

TCG created the Trusted Platform Module cryptographic capability, which enforces specific behaviors and protects the system against unauthorized changes and attacks such as malware and root kits. As computing has expanded to different devices and infrastructure has evolved, so too has TCG extended the concept of trusted systems well beyond the computer-with-a-TPM to other devices, ranging from hard disk drives and mobile phones.

TCG组建了可信平台单元(TPM)加密功能,能够强制指定行为以及保护系统以免于诸如恶意软件、根工具包等非授权的更改和攻击。由于计算以及普及到不同设备中,计算基础设施也包含其中,因此TCG也很好地拓展了可信计算的概念,该概念扩展至一台计算机配置一个TPM之外的其他设备,涵盖了从硬盘设备到移动电话等诸多终端产品。

Standards-based Trusted Computing technologies developed by TCG members now are deployed in enterprise systems, storage systems, networks, embedded systems, and mobile devices and can secure cloud computing and virtualized systems. Thousands of vendors offer a variety of Trusted Computing-based products, including hardware, applications, and services.

现在,TCG成员开发的标准可信计算技术,正被部署在企业系统、存储系统、网络、嵌入式系统、和诸多移动设备中,能够保护云计算和虚拟化系统(安全)。数以千计的供应商提供了包含硬件、(软件)应用以及服务的大量可信计算产品。

The result is that systems, networks, and applications are safer, less prone to viruses and malware and thus not only more reliable but also simpler to deploy and easier to manage.

其结果就是系统、网络以及应用程序会更加安全,更加不易被病毒和恶意软件感染,因此不仅更加可靠且更加简便易于部署和管理。

Benefits

Systems based on Trusted Computing:

  • Protect critical data and systems agains a variety of attacks
  • Enable secure authentication and strong protection of unlimited certificates, keys, and passwords that otherwise are accessible
  • Establish strong machine identity and integrity
  • Help satisfy regulatory compliance with hardware-based security
  • Cost less to manage, removing need for expensive tokens and peripherals

基于可信计算的系统:

  • 保护关键数据和系统免于若干攻击
  • 启用安全验证和对于无限制证书、秘钥、密码等的强保护,否则它们将会是对外可访问的
  • 建立强机器验证和完整性(验证)
  • 帮助满足基于硬件安全规则的适配
  • 更低成本管理,移除高价的令牌和外围设备

Trusted Computing Technologies:

  • Provide more secure remote access through a combination of machine and user authentication
  • Protect against data leakage by confirmation of platform integrity prior to decryption
  • Provide hardware-based protection for encryption and authentication keys used by stored data files and communications (email, network access, etc)
  • Protect in hardware Personally Identifiable Information, such as user IDs and passwords
  • Protect passwords and credentials stored on drives

可信计算技术:

  • 通过机器和用户验证组合方式提供更加安全的远程的访问
  • 通过平台完整性优先级解密来防止数据泄露
  • 为文件存储以及诸如邮件、网络授权等的交互提供基于硬件的保护
  • 保护诸如用户ID和密码等的个人识别信息的硬件保护
  • 提供密码和凭证的驱动层存储保护

Standards Development

Security is built into an increasing number of general purpose ICT products, and security standards are fundamental to the integrity and sustainability of the global ICT infrastructure. The Trusted Computing Group (TCG) believes that open, interoperable, and internationally vetted standards are critical for the success of trusted computing, and that the multilateral approach to creating such standards is most effective.

安全已被越来越多的通用ICT产品所采用,安全标准是全球ICT基础设施完整性和可持续性的基础。TCG认为开放、内部开放,交互操作,以及国际审查标准,对于可信计算的成功至关重要,TCG还认为,创建这样一个标准的多边方法,是最高效的。

TCG works within the international standards community, and has liaison and working group relationships with the Internet Engineering Task Force (IETF) and the JTC1 joint committee of the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). The Trusted Platform Module is defined by an ISO/IEC international standard*. The TCG Certification Program leverages established and recognized security evaluation standards. This program relies on certification by laboratories operating under the supervision of National Schemes of Common Criteria members.

TCG在国际标准社区内工作,与IETF、ISO的JTC1联合会、以及IEC是工作合作伙伴关系。TPM写入了ISO/IEC标准。TCG认证项目影响了已被建立和认可的安全评估标准。这个项目基于在共同标准成员的国家模式的监督下运作实验室的认证。

In support of open security standards, TCG encourages all nations to adopt global best practices around standards development and adoption. An open process fully supports worldwide participation from industry, academia, and government with fair and transparent development and decision processes. Specifications must be fully transparent and available to all participants, both during development and for implementation. TCG supports the use of published, peer reviewed standards and cryptographic algorithms.

在开放安全标准方面,TCG鼓励所有国家采用围绕标准开发和采用的国际最佳实践。一个开放进程支持国际范围的从产业界、学术界以及有着公平、透明的开发和决断的政府等参与者。这一说明在开发和实现过程中,必须完全向所有参与者透明和公开。TCG支持出版、同行评议标准以及加密算法的使用。

TCG only supports open standards that are developed through a transparent development process, have undergone rigorous open review, and are compatible with existing global standards. Closed standards hamper both existing and emerging markets, and are detrimental to the security of global ICT infrastructure, representing an obstacle to technology innovation and industry growth.

TCG仅支持,通过透明的开发过程开发的,拥有严格开放评审的,以及与现存国际标准相兼容的,开放标准。封闭的标准阻碍现在和新兴的市场,危害全球ICT基础设施的安全,是科技创新和产业发展的绊脚石。

TCG recognizes international standards in the field of IT security as the most appropriate method to ensure efficacy, interoperability, adoption and user acceptance. TCG takes into consideration international market requirements through international membership and welcomes participation from industry, academia, and governments in a unified, worldwide Trusted Computing standards development process.

TCG把IT领域安全的国际标准当作,保证效率、交互操作、用户接受并采用等的最为恰当的方式。TCG通过,国际会员以及欢迎来自产业界、学术界、以及统一的政府的参与者等国际范围的可信计算标准开发进程,将国际市场要求纳入了考虑范围。

*The Trusted Computing Group Trusted Platform Module specification version 1.2 is published as ISO/IEC 11889 Parts 1-4.

TCG的TPM说明的1.2版出版在ISO/IEC 11889的1-4部分。


Comments