Lenovo ThinkCentre A51 IDC white paper titled "The Coming of Age of Clien - Page 15
THE TRUSTED COMPUTING PLATFORM ALLIANCE EVOLVES

IBM has put together one of the most comprehensive suites of security products in the computer industry. Many of the elements evolved from the company's own R&D and others have been adapted from other firms, such as RSA and Intel. Although IBM acted unilaterally to design and implement its embedded solution, the design point has been acknowledged by key players in the industry.

The Trusted Computing Platform Alliance (TCPA), which was inaugurated with IBM, HP, Compaq, Intel, and Microsoft as founding partners in October 1999, now has more than 190 members, essentially everybody who's anybody in the PC business. TCPA's position on the technology is that it wants it to be universal in the computing industry, and IBM is committed to making its development available via license to anyone who wants one. More important, though, the success of any security strategy depends on its comprehensiveness and universality, and it is in IBM's interest that this solution become as widespread as possible.

The platform specification, which has been agreed upon by the general membership, is now shipping in version 1.1. Atmel, based in Colorado, was the first manufacturer, and then Infineon, a captive semiconductor fabricator owned by Siemens, came aboard. The Siemens connection opens the door for a smart-card implementation of embedded security. Other manufacturers include STMicroelectronics in Europe and California-based National Semiconductor. The 1.1 specification is available at www.trustedpc.org.

The next revision of the specification, version 1.2, is currently being refined. It is envisioned as part of an overarching security infrastructure, code named Palladium, now being created by Microsoft. Palladium, which will incorporate TCPA's work, will handle a wide variety of content and client security functions, including many - such as digital rights management for copyrighted material - outside the scope of the TCPA specification.
Version 1.2 will be implemented in conjunction with future processor and chipset families from Intel and others and will have to wait for Microsoft's Longhorn generation of operating system, currently scheduled for release in 2004.

CONCLUSION

In a trusted computing environment, the most important thing a participant owns is his or her private key pair. It proves identity. At the level of data interchange, it can be used to sign messages and exchange symmetric keys and it forms the basis for participation in nonrepudiatable ecommerce. At the level of the local client node, it can be used to uniquely authenticate the owner and store his or her files privately.

The private key must be kept absolutely secure. A public key pair is open to everyone and need not be secured. Since the symmetric keys used for bulk message encoding operate only once, the loss of any one key exposes at most a single message. For these reasons, keys other than the user's private pair have relatively low security requirements. But it is difficult to stress sufficiently the importance of keeping a private key secret. And the only way to ensure that the private key is totally safe is to implement security in embedded hardware.

In an ebusiness world, trust, protection of privacy, and a secure operating environment are essential. The benefits of the TCPA-embedded security chip are obvious:

- Private keys are truly safe from malicious hackers.
- Multiple secure keys can be generated to facilitate ecommerce with a wide variety of entities.

©2003 IDC #3577