Supermicro X13SEW-TF User Manual page 92
Super X13SEW-TF/-F User's Manual
Storage Hierarchy (Available when "Security Device Support" is set to Enable)
Select Enabled for TPM Storage Hierarchy support. The storage hierarchy is intended for non-privacy-sensitive operations by the platform owner, such as an IT professional or the end user. It has an owner policy and an authorization value; both can be set by the owner and persist across reboots (they are rarely changed). This hierarchy can be cleared or changed independently of the other hierarchies. The options are Disabled and Enabled.
Endorsement Hierarchy (Available when "Security Device Support" is set to Enable)
Select Enabled for Endorsement Hierarchy support. This hierarchy has its own controls to address privacy concerns, because its primary keys are certified by the TPM or platform manufacturer, with restrictions on how an authentic TPM attached to an authentic platform can be accessed and used. A certificate for a primary key can be delivered to the TPM in encrypted form and released with TPM2_ActivateCredential. The endorsement hierarchy has its own enable flag, policy, and authorization value, so it can be controlled independently of the other hierarchies: you can disable the endorsement hierarchy while still using the storage hierarchy for TPM applications, which lets platform software keep using the TPM. The options are Disabled and Enabled.
PH Randomization (for TPM Version 2.0 and above)
Select Enabled for Platform Hierarchy (PH) Randomization support. This feature is used only during the platform development stage and cannot be enabled on production platforms. The options are Disabled and Enabled.
Supermicro BIOS-Based TPM Provision Support
If this feature is set to Enabled, the Supermicro (SMCI) BIOS provisions the TPM during boot. The options are Disabled and Enabled.
Note: Enabling this feature locks the TPM on a production platform, and you will not be able to delete the NV indexes it creates.
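To verify from the operating system that the hierarchy and provisioning settings above took effect after a reboot, the following script parses the variable properties reported by tpm2-tools. It is an added example, not part of the Supermicro manual and not tpm2-tools code; the sample output it parses is constructed in the "name: value" layout of `tpm2_getcap properties-variable`, and the exact column spacing, the sample values and the `flag`, `hierarchy_summary`, `auth_summary` and `check_hierarchies` function names are assumptions made for this example.

```shell
#!/bin/sh
# Added example; not part of the Supermicro manual and not tpm2-tools code.
# Reads the TPM 2.0 variable properties as printed by
# `tpm2_getcap properties-variable` (tpm2-tools) and reports which
# hierarchies the firmware left enabled, so the BIOS "Storage Hierarchy"
# and "Endorsement Hierarchy" settings can be checked from the OS.
#
# Flag names come from the TPM 2.0 Library specification (Part 2):
#   TPMA_STARTUP_CLEAR: phEnable (platform), shEnable (storage),
#                       ehEnable (endorsement), phEnableNV (platform NV)
#   TPMA_PERMANENT:     ownerAuthSet, endorsementAuthSet, disableClear
# The sample below is constructed in tpm2-tools' "name: value" layout;
# the column spacing is an assumption, only "name:" and the value matter.

SAMPLE_GETCAP='TPM2_PT_PERMANENT:
  ownerAuthSet:              1
  endorsementAuthSet:        0
  lockoutAuthSet:            0
  disableClear:              0
  inLockout:                 0
  tpmGeneratedEPS:           1
TPM2_PT_STARTUP_CLEAR:
  phEnable:                  1
  shEnable:                  1
  ehEnable:                  0
  phEnableNV:                1
  orderly:                   1'

# flag OUTPUT NAME: print the 0/1 value of flag NAME, or "absent" if the
# tool did not report it (older tpm2-tools builds omit some fields).
flag() {
  v=$(printf '%s\n' "$1" | awk -v k="$2:" '$1 == k { print $2; exit }')
  if [ -n "$v" ]; then printf '%s' "$v"; else printf 'absent'; fi
}

# hierarchy_summary OUTPUT: one line such as "ph=1 sh=1 eh=0 phnv=1"
hierarchy_summary() {
  printf 'ph=%s sh=%s eh=%s phnv=%s' \
    "$(flag "$1" phEnable)"  "$(flag "$1" shEnable)" \
    "$(flag "$1" ehEnable)"  "$(flag "$1" phEnableNV)"
}

# auth_summary OUTPUT: whether the owner (storage) and endorsement
# authorization values have been set, and whether TPM2_Clear is blocked.
auth_summary() {
  printf 'ownerAuthSet=%s endorsementAuthSet=%s disableClear=%s' \
    "$(flag "$1" ownerAuthSet)" "$(flag "$1" endorsementAuthSet)" \
    "$(flag "$1" disableClear)"
}

# check_hierarchies OUTPUT WANT_SH WANT_EH: exit 0 when the storage and
# endorsement hierarchy enables match the BIOS settings (1 = Enabled,
# 0 = Disabled), 1 otherwise, so this can gate a provisioning pipeline.
check_hierarchies() {
  [ "$(flag "$1" shEnable)" = "$2" ] && [ "$(flag "$1" ehEnable)" = "$3" ]
}

# On a real host replace the sample with: OUT=$(tpm2_getcap properties-variable)
OUT=$SAMPLE_GETCAP
echo "hierarchies: $(hierarchy_summary "$OUT")"
echo "auth:        $(auth_summary "$OUT")"
if check_hierarchies "$OUT" 1 1; then
  echo "OK: storage and endorsement hierarchies enabled as configured in BIOS"
else
  echo "MISMATCH: hierarchy enables differ from the BIOS setting; a disabled" \
       "endorsement hierarchy breaks EK-based attestation" >&2
fi
```

Run it after changing the BIOS settings and rebooting. A mismatch between shEnable/ehEnable and the BIOS setting usually means the option did not take effect, for example because Security Device Support was left disabled so the hierarchy options were never applied.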
TXT Support
Select Enabled to enable Intel Trusted Execution Technology (TXT) support, which enhances system integrity and data security. The options are Disabled and Enabled.
Note 1: If this feature is set to Enabled, disable Device Function On-Hide (EV DFX) support, when that option is present in the BIOS, or the system will not work properly.
Note 2: For more information on TPM, refer to the TPM manual at http://www.supermicro.com/manuals/other/TPM.pdf.
