Encryption key manager security at Thales II

Trusted computing deals with aspects such as verifying that the code used to start a system is trusted, and being able to verify that the system is in a trust and state before providing secrets to it, such as typing in your password. Secure boot and remote attestation are mechanisms for achieving such trust, with help of a hardware component called a trusted platform module (TPM). This assignment is to set up a system with a secure boot, such that the system only boots properly signed code, up to and including the operating system, and the KMS application code. Additionally, remote attestation needs to be implemented such that a KMS client or administrator knows that they are communicating with a trusted system.

Contact: (Mathias Björkqvist (M.A.Bjorkqvist@hhs.nl)