Abstract: This paper analyzes the principles and security problems of delegation mechanism in the V1.2 specification of TPM,and proposes a new delegation scheme.In this scheme,a merkle hash tree(MHT) has been maintained,each leaf of which records a hash of a delegation blob and the root resides in TPM.Based on the MHT,the protocols of delegation mechanism were improved.The MHT has been updated synchronously in the creation and revocation protocol and been queried to judge whether the delegation blob is valid currently in execution protocol.The results indicate that the new delegation mechanism is feasible and the reliability and security of delegation model have been improved by means of this new scheme.