As a comparison, Windows and Linux are rated as EAL 4+ (I think this is only when not networked and for Windows at least, with no floppy drive), which basically means they can only survive a casual hacker. On the other hand, with Integrity it has been proved that malicious (or just buggy) code cannot affect any other application within the system.

As the operating system provides a hypervisor, standard operating systems such as Windows, Linux and MacOS can run on top of it, but even if one gets comprimised, this cannot be used as a springboard to attach the hypervisor or other guest operating systems. It will also run under Solaris on workstations, and Palm and Symbian on PDAs.

The trusted computing link is obviously that this operating system can provide a trusted computing base, and is perhaps even a competitor for Open Kernel Labs’ OKL4.

Read the full story on DarkReading here.

• Embrace the technology
• Push vendors on Trusted Computing Group (TCG) storage encryption standard support
• Examine ways to use the Trusted Platform Module (TPM)
• Not wait for Intel vPro.

He also highlights one other additional benefit of drive-based encryption - just delete the key and your data is as good as erased, no need to scrap the drive, and it can be reused within the organisation worry-free.

Read the full post here.

In 2007 the Trusted Platform Module (TPM) v1.2 specification was submitted to JTC1 (ISO/IEC Joint Committee 1), and in July 2008 the member countries voted to approve it as an ISO/IEC standard. The comments resolution phase finished in October 2008, and publication has been slated for the first half of 2009.

The blog post highlights why the TPM is important, but instead I’d just like to pass on my congratulations to the people who worked on it. I’m always in awe of these guys and gals, and I’m always impressed how they can all agree (or agree to disagree as is often the case!) and produce such as solid specification at the end of the day.

It’s a very long read so I’ll not try to summarise it, instead I’ll repeat the conclusion where he highlights ten ways to keep your data safe.

• Standards are the foundation, not proprietary solutions
• Don’t stick with software-only, use hardware too
• Ensure your solution scales
• Protect everything; don’t leave unsecured holes
• Make sure security is transparent to users
• Ease of implementation and use are the priorities
• Ensure interoperability
• Choose automation where possible
• Get an integrated solution
• Start now!

The security features include optional Bulk Data Encryption for drive-level security, and it is expected to be the first to meet the Storage Security specifications from the Trusted Computing Group.

SECUDE software is shipped (it seems, it’s not clear from the press release) with the drive to enable simpler key management, remote configuration, and other security-related features.

Read the full press release at MarketWatch here.

He had previously posted on Cloud Computing: Invented By Criminals, Secured By ??? where he mentioned how a new security paradigm was needed for dynamic distributed computing:

This basically means that we should distribute the sampling, detection and prevention functions across the entire networked ecosystem, not just to dedicated security appliances; each of the end nodes should communicate using a standard signaling and telemetry protocol so that common threat, vulnerability and effective disposition can be communicated up and downstream to one another and one or more management facilities.

This can be addressed by the IF-MAP extension to the Trusted Network Connect (TNC) architecture from the TCG, which allows devices to exchange their security status information in realtime.

One of the things the author gets excited about is extending IF-MAP to cover virtualisation:

Integrating, for example, IF-MAP with VM-Introspection capabilities (in VMsafe, XenAccess, etc.) would be fantastic as you could tie the control planes of the hypervisors, management infrastructure, and provisioning/governance engines with that of security and compliance in near-time.

While TPM has been shipped in thousands and thousands of PCs

Make that millions and millions!

Then, there was the reason that I don’t mention who I work for on the blog. Having said that, it’s not terrible hard to discover the answer, but at least it makes it clear (I hope) that I’m blogging under my own steam, not as a representative of my employer:

A recent blog post by Lisa Lorenzin, a member of the Trusted Computing Group who works for Juniper Networks, says that legitimate objections to TPM exist. One she details is that the sheer number of dlls, drivers and services that load on machines when they boot up, makes TPM unwieldy.

Perhaps I’m reading too much into this statement, which is a misrepresentation (or at least a misinterpretation) of her post to the official TCG blog, where she said that the Trusted Network Connect cannot easily report the state of the operating system in detail due to the multitude of DLLs or drivers within a system, although there are other standards to address this.

My thinking is that one solution may be a trusted hypervisor that can monitor the state of the operating system and produce a report. The Mobile Phone Working Group (MPWG) has an alternative solution based on certificates that may also provide a solution; however a mobile device has a very different configuration to that of a general purpose computer.

However, I can agree with their conclusion:

Developers should take a look at this resource page to see whether it can shake loose ideas on how to make TPM practicable as a way to secure endpoint enforcement of NAC. If made more secure, it would help remove a major objection to endpoint NAC enforcement.

In getting this accreditation they passed the Japan Cryptographic Module Validation Program (JCMVP), which according to the press release:

JCMVP accreditation is granted to products equipped with the appropriate cryptographic algorithms and acting as cryptographic modules to ensure the security of important information such as the encryption key.

Congratulation on the accreditation!

See the full press release at Japan Corp

I’ve covered Wave Systems’ products a number of times before, so check the linked archive for other stories about what the ETS offers.

This press release was picked up from MarketWatch here.

What you get is a driverless USB device that allows three-factor authentication, including biometrics, and stores securely within trusted hardware the user’s private keys and certificates, and offers an internet browser and a hardened token interface. There is also extra user storage space with AES 256-bit hardware encryption.

It all sounds a rather impressive bit of kit!