Lenovo ThinkCentre M50 IDC white paper titled "The Coming of Age of Clien - Page 15



©2003 IDC #3577 15

THE TRUSTED COMPUTING PLATFORM ALLIANCE EVOLVES

IBM has put together one of the most comprehensive suites of security products in
the computer industry. Many of the elements evolved from the company’s own R&D
and others have been adapted from other firms, such as RSA and Intel. Although IBM
acted unilaterally to design and implement its embedded solution, the design point
has been acknowledged by key players in the industry. The Trusted Computing
Platform Alliance (TCPA), which was inaugurated with IBM, HP, Compaq, Intel, and
Microsoft as founding partners in October 1999, now has more than 190 members,
essentially everybody who’s anybody in the PC business. TCPA’s position on the
technology is that it wants it to be universal in the computing industry, and IBM is
committed to making its development available via license to anyone who wants one.
More important, though, the success of any security strategy depends on its
comprehensiveness and universality, and it is in IBM’s interest that this solution
become as widespread as possible. The platform specification, which has been
agreed upon by the general membership, is now shipping in version 1.1. Atmel,
based in Colorado, was the first manufacturer, and then Infineon, a captive
semiconductor fabricator owned by Siemens, came aboard. The Siemens connection
opens the door for a smart-card implementation of embedded security. Other
manufacturers include STMicroelectronics in Europe and California-based National
Semiconductor. The 1.1 specification is available at www.trustedpc.org.

The next revision of the specification, version 1.2, is currently being refined. It is
envisioned as part of an overarching security infrastructure, code named Palladium,
now being created by Microsoft. Palladium, which will incorporate TCPA’s work, will
handle a wide variety of content and client security functions, including many - such as
digital rights management for copyrighted material - outside the scope of the TCPA
specification. Version 1.2 will be implemented in conjunction with future processor and
chipset families from Intel and others and will have to wait for Microsoft’s Longhorn
generation of operating system, currently scheduled for release in 2004.

CONCLUSION

In a trusted computing environment, the most important thing a participant owns is his
or her private key pair. It proves identity. At the level of data interchange, it can be
used to sign messages and exchange symmetric keys and it forms the basis for
participation in nonrepudiatable ecommerce. At the level of the local client node, it
can be used to uniquely authenticate the owner and store his or her files privately.
The private key must be kept absolutely secure.

A public key pair is open to everyone and need not be secured. Since the symmetric
keys used for bulk message encoding operate only once, the loss of any one key
exposes at most a single message. For these reasons, keys other than the user’s
private pair have relatively low security requirements. But it is difficult to stress
sufficiently the importance of keeping a private key secret. And the only way to ensure
that the private key is totally safe is to implement security in embedded hardware.

In an ebusiness world, trust, protection of privacy, and a secure operating
environment are essential. The benefits of the TCPA-embedded security chip are
obvious:
- Private keys are truly safe from malicious hackers.
- Multiple secure keys can be generated to facilitate ecommerce with a wide variety of entities.