请点击以下链接下载 WinHEC 的演讲材料 Download WinHEC presentations here:

SHARED SECRETS shhh! Easily mishandled or lost (Hint: The user is the problem)

DEVICE-BASED MULTI-FACTOR UTILIZE FAMILIAR DEVICES SECURED BY HARDWARE USER CREDENTIAL An asymmetrical key pair Provisioned via PKI or created locally via Windows 10

PIN Simplest implementation option No hardware dependencies User familiarity BIOMETRICS Higher security Ease of use Impossible to forget ACCESSING CREDENTIALS Sample design, UI not final

Health Attestation Provable device health

1 TODAY HEALTH IS ASSUMED Important resources 2

1 Health assessment based on HW measured state Important resources

UEFI Secure BootTPM at RTMTPM at RTM days Windows 10 MobileRequiredTPM 2.0 Required (All supported SoCs include fTPM 2.0) No Change Windows 10 DesktopRequiredDiscrete TPM is optional, either TPM 1.2 or 2.0 If SoC supports an fTPM, system must ship with TPM support enabled TPM 2.0 required on all new systems.

(c) 2015 Microsoft Corporation. All rights reserved. This document is provided "as-is." Information and views expressed in this document, including URL and other Internet Web site references, may change without notice. You bear the risk of using it. This document does not provide you with any legal rights to any intellectual property in any Microsoft product. You may copy and use this document for your internal, reference purposes. Some information relates to pre-released product which may be substantially modified before it’s commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.