Trusted Computing Group Announces Trusted Software Specification, Makes Framework for Trusted Storage Available.SAN JOSE, Calif. -- TCG (Trusted Computing Group, Beaverton, OR, www.trustedcomputinggroup.org) The successor to the Trusted Computer Platform Alliance (TCPA), announced in 2003 by founding members AMD, HP, IBM, Intel and Microsoft. Members Also Show First Demonstration of Trusted Network Connect Trusted Network Connect or TNC is an open architecture for Network Access Control, promulgated by the Trusted Network Connect Work Group (TNC-WG) of the Trusted Computing Group (TCG). Using the Trusted Platform Module In computing, Trusted Platform Module (TPM) is both the name of a published specification detailing a microcontroller that can store secured information, as well as the general name of implementations of that specification, often called "TPM chip" or "TPM Security Device" (Dell). The Trusted Computing Group See TCG. (TCG), whose open building blocks will result in the shipment of more than 50 million trusted systems in 2006(1), today announced it has released a software specification to enable the development of applications for systems using the Trusted Platform Module 1.2. The group also announced a set of detailed use cases as a framework for trusted storage, with a trusted storage specification to enable products anticipated for release the first half of this year. Also at the RSA Conference, in Booth 1411, TCG will demonstrate for the first time the Trusted Network Connect (TNC (hardware) TNC - A threaded version of a BNC. ) endpoint integrity verification using the Trusted Platform Module (TPM (1) See TP monitor. (2) (Transactions Per Minute) The number of transactions processed within one minute. See TPS. (3) (Trusted Platform M ). The TPM, which is embedded into a client PC, serves as a root of trust that is used by Trusted Network Connect components to verify the client platform against pre-set security policies and grant or deny network access based on compliance with those policies. Because the TPM is tamperproof tam·per·proof adj. Designed to prevent tampering or provide evidence of tampering: tamperproof aspirin containers. , network administrators can be assured that the clients connecting are in the desired state and are authorized to connect. TCG Trusted Software Stack TCG has released the TCG Trusted Software Stack 1.2. The specification enables development of applications to access features of the TPM 1.2. These important security features include direct anonymous attestation The Direct Anonymous Attestation (DAA) is a cryptographic protocol which enables the remote authentication of a trusted platform whilst preserving the user's privacy. The protocol has been adopted by the Trusted Computing Group (TCG) in the latest version of its Trusted Platform , the ability to run and generate a new Attestation Identity Key, and many others. For more information on the TPM 1.2, see https://www.trustedcomputinggroup.org/groups/tpm/ TPM_1_2_Changes_final.pdf. (Due to its length, this URL URL in full Uniform Resource Locator Address of a resource on the Internet. The resource can be any type of file stored on a server, such as a Web page, a text file, a graphics file, or an application program. may need to be copied/pasted into your Internet browser's address field. Remove the extra space if one exists.) A number of TCG members already support the TPM 1.2 with applications based on preliminary specifications and others are anticipated for release in the coming months. For more details on the software specification, go to https://www.trustedcomputinggroup.org/faq/TSS_1.2_FAQ (Frequently Asked Questions) A group of commonly asked questions about a subject along with the answers. Vendors often display them on their Web sites for use as troubleshooting guidelines. . Trusted Storage TCG also is announcing a framework for trusted storage. TCG's planned specification, based on this initial framework, will help ensure that permanent storage devices such as hard disk drives, flash memory drives, optical drives and digital tape drives are trustworthy to prevent data misuse, theft or loss. The newly available use cases document, available at https://www.trustedcomputinggroup.org/groups/storage/, outlines seven potential applications for trusted storage: --Enrollment and connection for a trusted relationship between the storage device and the host --Protected storage for storing sensitive data --Locking and encryption to mate a storage device and host and for encrypting stored data at rest --Logging, for forensic purposes --Cryptographic services supporting a variety of security functions --Authorizing storage device feature sets to host applications for trusted and exclusive use --Secure download of firmware TCG has worked closely with storage industry standards bodies to ensure the appropriate commands are supported in SCSI SCSI in full Small Computer System Interface Once common standard for connecting peripheral devices (disks, modems, printers, etc.) to small and medium-sized computers. SCSI has given way to faster standards, such as Firewire and USB. and ATA (1) (AT Attachment) The specification for IDE drives. See IDE. (2) See analog telephone adapter. ATA - Advanced Technology Attachment interfaces and protocols. Trusted Network Connect TNC is an open, non-proprietary standard that enables the application and enforcement of security requirements for endpoints connecting to the corporate network. The TNC architecture helps IT organizations enforce corporate configuration requirements and to prevent and detect malware outbreaks, as well as the resulting security breaches and downtime in multivendor networks. More than 60 of TCG's members have contributed to the first TNC specifications, which have been available since mid-2005. Several companies now ship products to support the specifications, and others are planning to ship products this year. About TCG TCG is an industry standards body formed to develop, define, and promote open standards for trusted computing and security technologies, including hardware building blocks and software interfaces, across multiple platforms, peripherals, and devices. TCG specifications are designed to enable more secure computing environments without compromising functional integrity with the primary goal of helping users to protect their information assets from compromise due to external software attack and physical theft. More information and the organization's specifications are available at www.trustedcomputinggroup.org. Brands and trademarks are the properties of their respective owners. (1) Endpoint Technologies report 2005 |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion