Infineon Security Platform Solution - Settings Tool
Security Platform State
The current state of the Infineon Security Platform is defined by the current state of the following four components:
Chip State (Trusted Platform Module State)
Provides information about the state of the Trusted Platform Module. The following states can occur:
- Enabled - The Trusted Platform Module is accessible and in use by the Infineon Security Platform Software.
- Disabled
- The Trusted Platform Module is blocked from using. This
can be achieved either by a setting in the system BIOS or by a setting
in the Infineon Security Platform Software.
Possible solution: If the Trusted Platform Module is disabled in the BIOS, see your system BIOS documentation. Otherwise enable the Trusted Platform Module in the Infineon Security Platform Software. - Temporarily Disabled
- The Trusted Platform Module is accessible, but blocked
for use as long as the system is not restarted. The security features
using the chip are not available.
Possible Solution: Enable the Trusted Platform Module in the Infineon Security Platform Software and restart the system.
Owner State
Provides information about the general state of the Infineon Security Platform. The following states can occur:
- Not initialized
- Either the Infineon Security Platform has not yet been initialized and the
ownership has not yet been taken at all, or the
initialization state is inconsistent (e.g. caused by an interruption due to
power loss).
Possible solution: Initialize the Security Platform with Security Platform Quick Initialization Wizard or Security Platform Initialization Wizard. - Initialized - Basic setup operations have been carried out, the Trusted Platform Module is operative and ownership of the Infineon Security Platform has been taken. An Infineon Security Platform Owner exists in the Trusted Platform Module.
- Initialized but
changed - Ownership of the Infineon Security Platform has been taken,
but after this operation the Infineon Security Platform Owner was changed.
The Security Platform Administration indicates this as owner state Initialized
(Mode 1).
Possible Solution: Start the Security Platform Initialization Wizard and follow the on screen directions. - TPM initialized,
Security Platform not initialized - In earlier Infineon Security
Platform Solution Software versions the name was "Initialized other
OS".
Scenario 1: On Windows 7 and Windows Vista operating system, a possible circumstance is that the Trusted Platform Module has been initialized with the Microsoft application Trusted Platform Module (TPM) Management, i.e. Ownership of the Trusted Platform Module has been taken, but the Infineon Security Platform is not set up.
Scenario 2: This may also occur on multi-platform computers with several installed operating system versions, where the ownership was taken using one system and then a different system was started.
In either scenario, the setup of the Infineon Security Platform remains active. The Security Platform Administration indicates this as owner state Initialized ( Mode 2).
Possible Solution: Start the Security Platform Initialization Wizard and follow the on screen directions.
User State
Provides information about the state of the currently logged in user. The following states can occur:
- Not initialized
- Either the currently logged in user is not yet an Infineon Security Platform User
at all, or the user initialization state is inconsistent (e.g. caused by an
interruption due to power loss).
Possible solution: Initialize the user with Security Platform Quick Initialization Wizard or Security Platform User Initialization Wizard. - Initialized - The currently logged in user is a valid Infineon Security Platform User. The user setup for the currently logged in user has been performed. A Basic User Key has been generated and stored in an Emergency Restoration Archive, if this exists.
- Initialized but
changed - The Infineon Security Platform User has been set up and
afterwards the ownership of the Infineon Security Platform changed. The
Basic User Key of the currently logged in user cannot be used on the
Infineon Security Platform.
The Security Platform Administration indicates this as user state Initialized (Mode 3).
Possible solution:
Contact your Administrator to start the Security Platform Initialization Wizard and check Restore a Security Platform from a Backup Archive. This way the user's credentials can be prepared to be restored from a previously created Backup Archive. Next logon with your own user account and start the User Initialization Wizard. (see Restore Emergency Recovery Data Step by Step).
If no Backup Archive is available, a forced user re-initialization has to be performed. This can be done by starting the User Initialization Wizard with the command line parameter -forceinit.
The command line parameter forceinit is not supported in server mode.
User Session State
This state is only available in server mode.
User Session States control the writing access to user credentials and settings. This ensures that there are no concurrent conflicting changes from different platforms. A session state refers to a certain user on a certain platform. You can change the session state via the submenu User Credentials/Settings in Taskbar Notification Menu. The following states are used:- Read-only: No current writing access. Writing access is possible by changing to the state Temporary Read/Write or Permanent Read/Write, since no other platform is in one of the two possible Read/Write states. Default state.
- Temporary Read/Write: State used implicitly by Trusted Computing Management Server for writing access. Blocks changes from other platforms. After the writing access the state Read-only will be set again.
- Permanent Read/Write: State explicitly entered by the user via Taskbar Notification Menu Item User Credentials/Settings - Request Local Working Copy. Allows user credentials and settings to be changed offline in a local working copy. Blocks changes from other platforms. State can be changed to Read-only via Taskbar Notification Menu Item User Credentials/Settings - Accept Local Changes or User Credentials/Settings - Discard Local Changes.
©Infineon Technologies AG