BitLocker: Difference between revisions

m Fixed typo
No edit summary
{{future product}}
 
Content deleted:
'''BitLocker''' is a security feature in [[Windows Vista]] that encrypts data on hard disks.

Content added:
'''BitLocker™ Drive Encryption''' is a data protection feature integrated into Vista™ that provides encryption for the entire O/S volume.
 
BitLocker provides three modes of operation:
Microsoft has indicated that BitLocker will only be included in the Enterprise and Ultimate editions of Vista.
 
The first two modes require a Trusted Platform Module (TPM) version 1.2 cryptographic chip and a compatible BIOS:
 
'''Transparent operation mode'''
 
This mode leverages the capabilities of the TPM 1.2 hardware to provide a seamless user experience – the user simply logs on to Windows Vista as normal. The key used for the disk encryption is sealed (encrypted) by the TPM chip and will only be released to the OS loader code if the early boot files appear to be unmodified. The pre-O/S components of BitLocker achieve this by implementing a Static Root of Trust for Measurement – a methodology specified by the Trusted Computing Group.
 
'''User authentication mode'''
 
This mode requires that the user provide some authentication to the pre-boot environment in order to be able to boot the O/S. Two authentication modes are supported – a pre-boot PIN entered by the user or a USB device inserted that contains the required startup key.
 
The final mode does not require a TPM 1.2 chip:

'''USB-Key'''

The user must insert a USB device that contains a startup key into the computer to be able to boot the protected O/S. Note that this mode requires that the BIOS on the protected machine supports the reading of USB devices in the pre-O/S environment.
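As an added illustration (not part of the article), the toy model below shows how transparent mode ties key release to the Static Root of Trust for Measurement chain and how user authentication mode adds the pre-boot PIN. The PCR extend rule is TPM 1.2's SHA-1 one; the sealing is an HMAC stand-in for the TPM's RSA sealing, and the boot components, SRK and volume key are constructed values.

```python
import hashlib
import hmac

PCR_INITIAL = b"\x00" * 20  # TPM 1.2 PCRs are 160-bit SHA-1 registers, all zero at power-on

def pcr_extend(pcr: bytes, component: bytes) -> bytes:
    """TPM 1.2 extend: PCR := SHA1(PCR || SHA1(component))."""
    return hashlib.sha1(pcr + hashlib.sha1(component).digest()).digest()

def measure_boot_chain(components: list) -> bytes:
    """Static Root of Trust for Measurement: each early boot component is
    measured into the PCR, in order, before control is handed to it."""
    pcr = PCR_INITIAL
    for component in components:
        pcr = pcr_extend(pcr, component)
    return pcr

def _policy_key(srk: bytes, pcr: bytes) -> bytes:
    # Toy stand-in for the TPM binding a sealed blob to PCR values under its storage root key
    return hmac.new(srk, b"bitlocker-seal|" + pcr, hashlib.sha256).digest()

def seal(secret: bytes, expected_pcr: bytes, srk: bytes) -> dict:
    """Seal a 32-byte secret to the PCR value measured on a known-good boot."""
    k = _policy_key(srk, expected_pcr)
    ct = bytes(a ^ b for a, b in zip(secret, hashlib.sha256(k).digest()))
    return {"ct": ct, "tag": hmac.new(k, ct, hashlib.sha256).digest()}

def unseal(blob: dict, current_pcr: bytes, srk: bytes):
    """The TPM derives the key from the *current* PCR: a modified boot file gives
    a different PCR, the tag check fails and the secret is never released."""
    k = _policy_key(srk, current_pcr)
    if not hmac.compare_digest(blob["tag"], hmac.new(k, blob["ct"], hashlib.sha256).digest()):
        return None
    return bytes(a ^ b for a, b in zip(blob["ct"], hashlib.sha256(k).digest()))

def volume_key_from_pin(unsealed: bytes, pin: str) -> bytes:
    """User authentication mode: the TPM-released value is only an intermediate
    key; it is combined with the pre-boot PIN to derive the volume key."""
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), unsealed, 50_000)

def release_volume_key(blob, boot_components, srk, pin=None):
    """Transparent mode (pin=None): PCR match alone releases the volume key."""
    unsealed = unseal(blob, measure_boot_chain(boot_components), srk)
    if unsealed is None:
        return None
    return unsealed if pin is None else volume_key_from_pin(unsealed, pin)

# Constructed sample data (not from the article): a fake boot chain, SRK and volume key.
GOOD_BOOT = [b"BIOS-POST", b"MBR", b"bootmgr", b"BCD"]
SRK = b"constructed-storage-root-key"
VOLUME_KEY = hashlib.sha256(b"constructed-volume-master-key").digest()
```

Swapping, reordering or modifying any component in `GOOD_BOOT` changes the PCR and `release_volume_key` returns `None`, which is the situation in which BitLocker falls back to asking for a recovery key.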
 
==Modes==
There are three modes for BitLocker:
* With [[trusted platform module]] (TPM)
**; Transparent : The user logs on to Windows as usual. The protection of the encryption key lies entirely in the TPM. If the TPM is changed or disappears, the user has to enter a recovery key or password.
**; Startup key : In this mode, the user is forced to use a startup key in order to get access to the encrypted data. The startup key can be a [[Personal identification number|PIN]] or a physical unit, like a [[Universal Serial Bus|USB]] key.
* Non-TPM
**; USB-key : The user has to insert a USB key before turning the computer on. The key automatically unlocks the computer.
 
== External links ==