Chapter 6: BIOS
95
Security Device Support
If this feature and the TPM jumper (JPT1) on the motherboard are both enabled, the onboard
security (TPM) device will be enabled in the BIOS to enhance data integrity and system
security. Please note that the OS will not show the security device. Neither TCG EFI protocol
nor INT1A interaction will be made available for use. If you have made changes on the setting
on this item, be sure to reboot the system for the change to take effect. The options are
Disable and
Enable
. If this option is set to Enable, the following screen and items will display:
•
Active PCR Banks
•
Available PCR Banks
Pending Operation
Use this feature to schedule a TPM-related operation to be performed by a security (TPM)
device at the next system boot to enhance system data integrity. Your system will reboot to
carry out a pending TPM operation. The options are
None
and TPM Clear.
Note
: Your system will reboot to carry out a pending TPM operation.
Platform Hierarchy (for TPM Version 2.0 and above)
Select Enabled for TPM Platform Hierarchy support which will allow the manufacturer to utilize
the cryptographic algorithm to define a constant key or a fixed set of keys to be used for
initial system boot. This early boot code is shipped with the platform and is included in the
list of "public keys". During system boot, the platform firmware uses this trusted public key
to verify a digital signature in an attempt to manage and control the security of the platform
firmware used in a host system via a TPM device. The options are
Enabled
and Disabled.
Storage Hierarchy
Select Enabled for TPM Storage Hierarchy support that is intended to be used for non-privacy-
sensitive operations by the platform owner such as an IT professional or the end user. Storage
Hierarchy has an owner policy and an authorization value, both of which can be set and are
held constant (-rarely changed) through reboots. This hierarchy can be cleared or changed
independently of the other hierarchies. The options are
Enabled
and Disabled.
Endorsement Hierarchy
Select Enabled for Endorsement Hierarchy support, which contains separate controls to
address the user's privacy concerns because the primary keys in this hierarchy are certified
by the TPM or a manufacturer to be constrained to an authentic TPM device that is attached
to an authentic platform. A primary key can be an encrypted, and a certificate can be created
using TPM2_ ActivateCredential. It allows the user to independently enable "flag, policy, and
authorization value" without involving other hierarchies. A user with privacy concerns can
disable the endorsement hierarchy while still using the storage hierarchy for TPM applications
and permitting the platform software to use the TPM. The options are
Enabled
and Disabled.
Содержание SuperServer 2049U-TR4
Страница 1: ...USER S MANUAL Revision 1 0 SuperServer 2049U TR4...
Страница 46: ...SuperServer 2049U TR4 User s Manual 46 1 2 Figure 3 9 Removing a Drive Carrier...
Страница 112: ...112 SuperServer 2049U TR4 User s Manual...
Страница 141: ...Appendix E Traditional Chinese Version of Safety Warnings 141 1 2 3 4 5 1 2 3 4 1 2 3 4 1 2...
Страница 142: ...142 SuperServer 2049U TR4 User s Manual...