TPM (Trusted Platform Module)
TPM is a hardware-based security chip that securely stores artifacts such as passwords, certificates or encryption keys, used to authenticate a PC. TPM provides tamper-resistant cryptography to encode this data and keep it safe. The nature of this type of hardware-based cryptography ensures the information stored in the chip is better protected from external software attacks. Trusted Platform Module (TPM) solutions can help play a strong role in assuring compliance with the Health Insurance Portability and Accountability Act (HIPAA) to protect medical records, as well as Graham-Leech-Bliley, Sarbanes-Oxley, and other regulations that impose privacy and security requirements.
Windows® 10 operating systems require inclusion of a TPM module. Upgrading/downgrading TPM modules is not supported.
Embedded TPM 2.0 includes updates to a number of TPM commands with support for additional cryptographic algorithms. The key changes to its specification as compared to TPM 1.2 include:
1) Support for additional algorithms
2) Agility of algorithms for use by geographies or markets that require specific-use algorithms
3) Enhancements to the availability of the TPM to applications
4) Enhanced authorization for improved TPM management
5) Additional cryptographic services to enhance the security of platform services