Could devices one day be trusted and secure, right out of the box?
That reality came a step closer with the 1.2 release of the Trusted Platform Module (TPM) for PCs. The open standard, created by the Trusted Computing Group (TCG), builds a hardware chip -- the TPM -- into devices to improve security and overall trust.
IBM said it's already shipped several million PCs and laptops with an earlier version of the chip. Products using version 1.2, which is backwards compatible, should reach market by 2005.
Features in TPM 1.2 include a secure, external time-stamping source (useful for forensics); better transport protection; audit log tampering notification; and locality, which enables trusted processes to start post-boot in a protected space.
Technology Business Research analyst Bob Sutherland says TCG is "filling a gap in security." That is, software-based security alone isn't good enough, and from a security standpoint, operating systems, hardware and applications don't work together. To make that happen, "there needs to be a common standard," he says.
TCG members include AMD, Hewlett-Packard, IBM, Intel, Microsoft and Sun Microsystems.
"The idea of a hardware root of trust is an essential building block for a server, desktop, handheld or pretty much any piece of computer equipment," says Tom Dehane, director of security technology and architecture at Sun Microsystems. Future specifications will move beyond the desktop.
Sutherland says TPM could help users better secure Windows before then, though he notes an organization won't get full TPM benefits until all its PCs have the chip.