| Concept |
Definition |
| ESC User |
ESC User refers to the current user of the PC. ESC manages passwords for each user (account) on PC and the ESC Passwords window provides the ESC User the capability to tailor how ESC manages the passwords. The Trusted Platform Module and Windows Login windows affect all users of the platform. |
| ESC User Password |
The password ESC Users enter to authenticate for TPM use. ESC is configured to use the User's Windows password as the ESC User Password. |
| Fingerprint Biometric |
An image of the User's fingerprint that is read by a separate fingerprint reader used to authenticate the user to Windows or the TPM. May be combined with other authentication preferences. |
| Key Archive Password |
Password defined by users to protect the Key Archive created during a backup operation from the Archive & Restore window. The Key Archive Password must be entered in order to restore keys from the Archive. |
| Key Password |
Also known as the TPM Key Password, this refers to the individual password that must be defined for each TPM Key that is created. After creating the Key Password, ESC allows users to simply enter their Windows Password (same as the ESC User Password) to access any TPM Key. ESC manages the unique Key Passwords in the background. |
| Password Vault |
Also known as the TCG Security Password Vault, it refers to the collection of individual TPM Key Passwords that are managed by ESC. With ESC, each TPM Key can have a unique password, and Users can enable the ability to simply enter their Windows Password (or other authentication preference) in place of the individual key passwords. |
| Secure Login |
ESC Secure Login for Windows. In standalone mode, Users may configure ESC to use the Windows Password and/or fingerprint biometric to log on to the PC. With Wave Systems Enterprise Authentication Server, the system administrator configures domain authentication preferences using combinations of Windows Password, Fingerprint Biometric, Smart Card, or TPM Certificate. |
| Security Password Settings |
Customization settings to define how often ESC requires the Windows Password (or other preference) to be entered when accessing the TPM. Users can require the password be entered for every access, once for a defined duration, or once per Windows session. |
| Smart Card |
A plastic card containing a silicon chip that is read by a separate smart card reader and used to authenticate the user to Windows or the TPM. May be combined with other authentication preferences. Only available in a domain environment using Wave Systems Enterprise Authentication Server. |
| TCG Security Password Vault |
Same as Password Vault, see above. |
| TPM |
Trusted Platform Module or security chip. This is the hardware chip present on the PC motherboard that performs the security functions at the lowest level. |
| TPM Certificate |
A digital certificate used to authenticate the user to Windows or the TPM. Uses the TPM in place of a Smart Card. May be combined with other authentication preferences. Only available in a domain environment using Wave Systems Enterprise Authentication Server. |
| TPM Owner |
The TPM Owner possesses the TPM Owner password and has the capability to perform administrative functions for the TPM. |
| TPM Owner Password |
Password defined when Ownership of the TPM is taken, thus enabling the TPM to function. |
| TPM User |
Users that have a Windows Account on the TPM platform and who use TPM-based applications. |
| User Authentication |
The act of a user proving to the system that he/she has the rights to perform a certain function. ESC allows individual authentication to Windows and the Password Vault by entry of the Windows Password or a Fingerprint Biometric. ESC with Wave Systems Enterprise Authentication Server additionally allows for domain authentication to Windows using the Windows Password, Fingerprint Biometric, Smart Card, or TPM Certificate. |
| Windows Password |
Password used to login to the Windows platform and optionally, to network domains. |
