SafeGuard Easy - TPM Machine Binding

  • Article ID: 107615
  • Updated: 27 Jun 2009

SafeGuard Easy multi-platform 4.5x

Client OS

Windows XP SP2 Professional Edition

Server OS



Which CSPs are supported by SafeGuard Easy for TPM Machine Binding?


SafeGuard Easy includes a special GINA client that provides strong binding of the physical disk that SGE is installed on with the hardware the disk is attached to. This feature is called 'TPM Machine Binding' and is actually a component of the SG Authentication product. Machine Binding has been introduced a few years ago when IBM started to ship their first laptops equipped with the TPM, and thus was one of the first products on the market to make use of this new security hardware.

SGE Integration
The Machine Binding functionality is provided by a special GINA client that has to be installed in addition to the Utimaco Master GINA. The Machine Binding option is only available in the setup if the installation is executed on a machine that is supported by the current version of the Machine Binding GINA.
There's actually no configuration option for the TPM integration. The software itself detects which system it is running on and selects the proper CSP automatically. Since the Machine Binding code is executed at an very early stage in the boot process and is running in SYSTEM context, we have experienced problems with almost every CSP we had to deal with in the past.

The following CSPs are certified to be compatible with TPM Machine Binding:

CSP Vendor Status
IBM CSP all versions
Lenovo CSP all versions
Infineon CSP all versions

The following CSPs are known to be incompatible with TPM Machine Binding:

CSP Vendor Status
Wave Systems not compatible

If you need more information or guidance, then please contact technical support.

Rate this article

Very poor Excellent