
A virtual Trusted Platform Module (vTPM) is a software-based representation of a physical Trusted Platform Module 2.0 chip. vTPMs provide hardware-based, security-related functions such as random number generation, attestation, key generation, and more. When added to a virtual machine, a vTPM enables the guest operating system to create and store keys that are private. These keys are not exposed to the guest operating system itself; they can be used only by the guest operating system for encryption or signing. Usually, compromising the guest operating system compromises its secrets, but enabling a vTPM greatly reduces this risk. Therefore, the virtual machine attack surface is reduced.
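The property described above (the guest can create and use a key, but the private half never leaves the TPM) can be observed from inside a Windows guest that has a vTPM attached. The following is an added example, not code from the original page or from any vTPM vendor; it relies on the TrustedPlatformModule and PKI modules that ship with Windows, and the certificate subject, file path and message text are constructed values.

```powershell
# Added example (not from the original page): inspect the vTPM from inside a
# Windows guest and create a key whose private half is generated and held in
# the TPM rather than in the guest operating system.

# 1. Confirm that the guest sees a TPM and that it is ready for use.
$tpm = Get-Tpm
if (-not $tpm.TpmPresent) { throw "No TPM is exposed to this guest" }
$tpm | Select-Object TpmPresent, TpmReady, ManufacturerIdTxt, ManufacturerVersion

# 2. Create a signing key pair through the TPM-backed key storage provider.
#    "Microsoft Platform Crypto Provider" routes key generation to the (v)TPM;
#    "Microsoft Software Key Storage Provider" would keep the key in software.
$cert = New-SelfSignedCertificate `
    -Subject "CN=vtpm-demo (constructed example)" `
    -Provider "Microsoft Platform Crypto Provider" `
    -KeyAlgorithm RSA -KeyLength 2048 `
    -KeyUsage DigitalSignature `
    -KeyExportPolicy NonExportable `
    -CertStoreLocation "Cert:\CurrentUser\My"

# 3. Sign and verify with the TPM-resident key. The guest drives the operation
#    but never sees the private key material.
$rsa  = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPrivateKey($cert)
$data = [System.Text.Encoding]::UTF8.GetBytes("hello from the guest (constructed message)")
$hash = [System.Security.Cryptography.HashAlgorithmName]::SHA256
$pad  = [System.Security.Cryptography.RSASignaturePadding]::Pkcs1
$sig  = $rsa.SignData($data, $hash, $pad)
$ok   = $rsa.VerifyData($data, $sig, $hash, $pad)
Write-Host "Signature verifies: $ok"

# 4. Try to export the private key. With a TPM-backed key this fails, which is
#    exactly the point: a compromised guest has no key file to exfiltrate.
$pfx = Join-Path $env:TEMP "vtpm-demo.pfx"
$pw  = ConvertTo-SecureString "constructed-password" -AsPlainText -Force
try {
    Export-PfxCertificate -Cert $cert -FilePath $pfx -Password $pw -ErrorAction Stop | Out-Null
    Write-Warning "Export succeeded: this key is NOT TPM-protected"
} catch {
    Write-Host "Export failed as expected: $($_.Exception.Message)"
}

# 5. Clean up: remove the certificate and ask the provider to delete the key.
$rsa.Dispose()
Remove-Item -Path "Cert:\CurrentUser\My\$($cert.Thumbprint)" -DeleteKey
```

The check that matters operationally is step 4: on a machine where the key was created by the software provider, the export succeeds and the PFX file contains the private key, so a compromise of the guest compromises the key. With the TPM-backed provider the private key exists only inside the vTPM, and the guest can do nothing more than ask it to sign or decrypt.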
