Use the TPM module of a device if present to verify the identity of the device and also to encrypt/decrypt with the TPM generated keys.
This prevents physical attacks on a device to use it as a vehicle for broader access to the system.
If this happens then if the hardware is going to be switched but retaining the same device config, then there needs to be a method to replace the key in the system.
Use the TPM module of a device if present to verify the identity of the device and also to encrypt/decrypt with the TPM generated keys.
This prevents physical attacks on a device to use it as a vehicle for broader access to the system.
If this happens then if the hardware is going to be switched but retaining the same device config, then there needs to be a method to replace the key in the system.