Lenovo ThinkCentre A51p IDC white paper titled "The Coming of Age of Clie - Page 16



16 #3577 ©2003 IDC
• Combined with a full security suite, the chip enables the peace of mind necessary to make ebusiness viable.

But while widespread adoption of PKI is still some way off in the future, security implementations that require cooperation between fewer parties are here now, such as secure support for email and for Microsoft’s Outlook via CAPI. Since the first version of the chip, the industry has learned that this technology can be used more like pliers for general work rather than like a wrench of a specific gauge for a narrowly defined task. The chip can provide the encryption element for diverse operations:

• In a TCPA-enabled system, the chip can be used to determine if the BIOS has been changed since the previous boot.

• The embedded chip can perform the same authentication functions as an RSA secure ID keyfob, a device that costs in the range of $55-80. Without the requirement to have a hard token, chip-based authentication can be done for less than half that price. Today, about 10 million systems in the installed base have such keyfobs.

• Encryption for sending bits over the air in a wireless LAN via 802.1x, which ships with Microsoft’s Windows XP, works flawlessly with the chip. The embedded chip is tied to the Microsoft code so that if the user chooses Wireless Application Protocol (WAP) encryption, the Wireless Transport Layer Security (WTLS) protocol, which is a derivative of Secure Sockets Layer (SSL), is invoked. This protocol begins with a secure certificate exchange between wireless nodes.

• Within a single node, the chip can be used at will for individual local file and folder encryption. Files and folders can also be encrypted or decrypted on the fly when saved or opened by the authorized user.

• The chip can be used along with the IBM Client Password Manager software to replace most of the user’s passwords with a single passphrase or a fingerprint or a combination of both.

The simple conclusion is this: If your client-level protection isn’t implemented in embedded hardware, you haven’t achieved the best and lowest-cost security solution.

COPYRIGHT NOTICE

External Publication of IDC Information and Data - Any IDC information that is to be used in advertising, press releases, or promotional materials requires prior written approval from the appropriate IDC Vice President or Country Manager. A draft of the proposed document should accompany any such request. IDC reserves the right to deny approval of external usage for any reason.

Copyright 2003 IDC. Reproduction without written permission is completely forbidden.