Home » Intel Manuals » Motherboards » Intel D865GRH » Manual Viewer

Intel D865GRH D865GRH_TechProdSpec. - Page 57

Security Precautions

Get Intel D865GRH PDF manuals and user guides

Add to My Manuals
Save this manual to your list of manuals

Page 57 highlights

Product Description procedures may allow the migratable keys to be recovered and may restore access to encrypted data. Read the Security Precautions for Emergency Recovery File Back Up Procedures. • TPM Keys are Hierarchical: All TPM keys have a place within a hierarchy. Within this hierarchy, keys must be loaded into the TPM before child keys can be used. It may not be obvious that any particular key is child or parent. If a key is backed up but the parent key is either not available or the password for the parent key is not available, the associated data will not be available. Read the Security Precautions for Emergency Recovery File Back Up Procedures. 1.13.3 Security Precautions Security, like any other aspect of computer maintenance, requires planning. What is unique about security has to do with understanding who are "friends" and who are adversaries. The TPM provides mechanisms to enable the owner/user to protect their information from adversaries. To provide this protection, the TPM effectively puts "locks" around the data. Just like physical locks, if keys or combinations are lost, the assets (data) may be inaccessible not only to adversaries, but also to the asset owner/user. The TPM provides two classes of keys: migratable and non-migratable. Migratable keys are designed to protect data that can be used (unencrypted) on more than one platform. This has the advantage of allowing the key data to be replicated (backed-up and restored) to another platform. This may be because of user convenience (someone uses more than one platform, or the data needs to be available to more than one person operating on different platforms). This type of key also has the advantage in that it can be backed-up and restored from a defective platform onto a new platform. However, migratable keys may not be the appropriate level of protection (for example, the user wants the data restricted to a single platform) needed for the application. This requires a non-migratable key. Non-migratable keys carry with them a usage deficit in that while the key may be backed-up and restored (protected from hard disk failure), they are not protected against system or TPM failure. The very nature of a non-migratable key is that they can be used on one and only one TPM. In the event of a system or TPM failure, all non-migratable keys and the data associated with them will be inaccessible and unrecoverable. CAUTION The following precautions and procedures may assist in recovering from any of the previously listed situations. Failure to implement these security precautions and procedures may result in unrecoverable data loss. 57

Section	Page
Intel® Desktop Board D865GRH Technical Product Specification	1
Revision History	2
Preface	3
Intended Audience	3
What This Document Contains	3
Typographical Conventions	3
Other Common Notation	4
Contents	5
1 Product Description	11
1.1 Overview	12
1.1.1 Feature Summary	12
1.1.2 Manufacturing Options	13
1.1.3 Board Layout	14
1.1.4 Block Diagram	15
1.2 Online Support	16
1.3 Operating System Support	16
1.4 Design Specifications	17
1.5 Processor	20
1.6 System Memory	21
1.6.1 Memory Configurations	23
1.7 Intel® 865G Chipset	28
1.7.1 Intel 865G Graphics Subsystem	29
1.7.2 Universal 0.8 V / 1.5 V AGP 3.0 Connector	37
1.7.3 USB	38
1.7.4 IDE Support	38
1.7.5 Real-Time Clock, CMOS SRAM, and Battery	40
1.8 I/O Controller	40
1.8.1 Serial Port	41
1.8.2 Parallel Port	41
1.8.3 Diskette Drive Controller	41
1.8.4 Keyboard and Mouse Interface	41
1.9 Audio Subsystem	42
1.9.1 Audio Subsystem Software	42
1.9.2 Intel® Flex 6 Audio Subsystem	42
1.9.3 Audio Connectors	44
1.10 LAN Subsystem	45
1.10.1 Intel® 82547EI Platform LAN Connect Device	45
1.10.2 RJ-45 LAN Connector with Integrated LEDs	45
1.10.3 LAN Subsystem Software	46
1.11 Hardware Management Subsystem	46
1.11.1 Hardware Monitoring and Fan Control ASIC	46
1.11.2 Thermal Monitoring	46
1.11.3 Fan Monitoring	48
1.11.4 Chassis Intrusion and Detection	48
1.12 Power Management	48
1.12.1 ACPI	48
1.12.2 Hardware Support	51
1.13 Trusted Platform Module	56
1.13.1 System Requirements	56
1.13.2 Warning of Potential Data Loss	56
1.13.3 Security Precautions	57
1.13.4 Trusted Platform Module Ownership	59
1.13.5 Enabling the Trusted Platform Module	59
1.13.6 Assuming Trusted Platform Module Ownership	60
1.13.7 Recovery Procedures	61
1.13.8 Clearing Trusted Platform Module Ownership	62
1.13.9 Software Support	62
2 Technical Reference	63
2.1 Introduction	63
2.2 Memory Resources	63
2.2.1 Addressable Memory	63
2.2.2 Memory Map	65
2.3 DMA Channels	65
2.4 Fixed I/O Map	66
2.5 PCI Configuration Space Map	67
2.6 Interrupts	68
2.7 PCI Interrupt Routing Map	69
2.8 Connectors	71
2.8.1 Back Panel Connectors	72
2.8.2 Internal I/O Connectors	73
2.8.3 External I/O Connectors	81
2.9 Jumper Blocks	85
2.9.1 Front Panel Audio Connector/Jumper Block	85
2.9.2 BIOS Setup Configuration Jumper Block	86
2.10 Mechanical Considerations	87
2.10.1 I/O Shield	88
2.11 Electrical Considerations	89
2.11.1 DC Loading	89
2.11.2 Add-in Board Considerations	89
2.11.3 Fan Connector Current Capability	89
2.11.4 Power Supply Considerations	90
2.12 Thermal Considerations	90
2.13 Reliability	93
2.14 Environmental	93
2.15 Regulatory Compliance	94
2.15.1 Safety Regulations	94
2.15.2 EMC Regulations	94
2.15.3 European Union Declaration of Conformity Statement	95
2.15.4 Product Ecology Statements	96
2.15.5 Product Certification Markings (Board Level)	96
3 Overview of BIOS Features	97
3.1 Introduction	97
3.2 BIOS Flash Memory Organization	97
3.3 Resource Configuration	98
3.3.1 PCI Autoconfiguration	98
3.3.2 PCI IDE Support	98
3.4 System Management BIOS (SMBIOS)	99
3.5 Legacy USB Support	99
3.6 BIOS Updates	100
3.6.1 Language Support	100
3.6.2 Custom Splash Screen	101
3.7 Recovering BIOS Data	101
3.8 Boot Options	102
3.8.1 CD-ROM Boot	102
3.8.2 Network Boot	102
3.8.3 Booting Without Attached Devices	102
3.8.4 Changing the Default Boot Device During POST	102
3.9 Fast Booting Systems with Intel Rapid BIOS Boot	103
3.9.1 Peripheral Selection and Configuration	103
3.9.2 Intel® Rapid BIOS Boot	103
3.10 BIOS Security Features	104
4 BIOS Setup Program	105
4.1 Introduction	105
4.2 Maintenance Menu	106
4.3 Main Menu	107
4.4 Advanced Menu	108
4.4.1 PCI Configuration Submenu	109
4.4.2 Boot Configuration Submenu	110
4.4.3 Peripheral Configuration Submenu	111
4.4.4 Drive Configuration Submenu	113
4.4.5 Floppy Configuration Submenu	117
4.4.6 Event Log Configuration Submenu	118
4.4.7 Video Configuration Submenu	119
4.4.8 USB Configuration Submenu	120
4.4.9 Chipset Configuration Submenu	121
4.4.10 Fan Control Configuration Submenu	124
4.4.11 Hardware Monitoring	125
4.5 Security Menu	126
4.6 Power Menu	127
4.6.1 ACPI Submenu	127
4.7 Boot Menu	128
4.7.1 Boot Device Priority Submenu	129
4.7.2 Hard Disk Drives Submenu	130
4.7.3 Removable Devices Submenu	130
4.7.4 ATAPI CD-ROM Drives Submenu	131
4.8 Exit Menu	131
5 Error Messages and Beep Codes	133
5.1 BIOS Error Messages	133
5.2 Port 80h POST Codes	135
5.3 Bus Initialization Checkpoints	139
5.4 Speaker	140

Match case Limit results 1 per page

Product Description

procedures may allow the migratable keys to be recovered and may restore access to encrypted

data.

Read the Security Precautions for Emergency Recovery File Back Up Procedures.

•

TPM Keys are Hierarchical:

All TPM keys have a place within a hierarchy.

Within this

hierarchy, keys must be loaded into the TPM before child keys can be used.

It may not be

obvious that any particular key is child or parent.

If a key is backed up but the parent key is

either not available or the password for the parent key is not available, the associated data will

not be available.

Read the Security Precautions for Emergency Recovery File Back Up

Procedures.

1.13.3

Security Precautions

Security, like any other aspect of computer maintenance, requires planning.

What is unique about

security has to do with understanding who are

“

friends

”

and who are adversaries.

The TPM

provides mechanisms to enable the owner/user to protect their information from adversaries.

provide this protection, the TPM effectively puts

“

locks

”

around the data.

Just like physical locks,

if keys or combinations are lost, the assets (data) may be inaccessible not only to adversaries, but

also to the asset owner/user.

The TPM provides two classes of keys:

migratable and non-migratable.

Migratable keys are

designed to protect data that can be used (unencrypted) on more than one platform.

This has the

advantage of allowing the key data to be replicated (backed-up and restored) to another platform.

This may be because of user convenience (someone uses more than one platform, or the data needs

to be available to more than one person operating on different platforms).

This type of key also

has the advantage in that it can be backed-up and restored from a defective platform onto a new

platform.

However, migratable keys may not be the appropriate level of protection (for example,

the user wants the data restricted to a single platform) needed for the application.

This requires a

non-migratable key.

Non-migratable keys carry with them a usage deficit in that while the key may be backed-up and

restored (protected from hard disk failure), they are not protected against system or TPM failure.

The very nature of a non-migratable key is that they can be used on one and only one TPM.

In the

event of a system or TPM failure, all non-migratable keys and the data associated with them will

be inaccessible and unrecoverable.

CAUTION

The following precautions and procedures may assist in recovering from any of the previously

listed situations.

Failure to implement these security precautions and procedures may result in

unrecoverable data loss.