Filed under: News
Feb 27 2014, 2:31pm CST | by Forbes
The Trusted Computing Group (TCG) session at the RSA Conference in San Francisco brought together proponents of standardized security technology with interested technology developers and end users. In the introductory talk by Dr. Joerg Borchert, President of the TCG, he pointed out that according to the Privacy Rights Clearinghouse 5,36,508,478 records have been breached from unencrypted drives that were lost, stolen or hacked. Today computer security is a key feature in protecting privacy since pervasive connectivity exposes every node in a modern network.
The TCG feels that by having standardized interfaces with a clearly defined security target, evaluations and certifications, that the resulting products will be less vulnerable to security attacks. 135 companies are members of the TCG including commercial, liaison and invited expert participants.
Products built with the TCG specifications are increasing in number and include PCs, embedded products and networking products. Devices protected by the TCG technology have a microcontroller circuit called a Trusted Platform Module (TPM) that stores encryption keys, passwords and digital certificates.
This hardware based security system is safer than storing this information in software since the hardware is much more difficult to hack—especially from afar. Access to data and secrets in a platform equipped with a TPM can be denied by policy settings, making critical applications and capabilities such as secure email, secure web access and local protection of data much more secure. The chart shows a total of over 1 billion new devices using this technology in 2013.
Although TCG standards also deal with data in flight, our interest here will be data at rest where the data is protected with an encryption key maintained within the digital storage device. This encryption key is kept in a TPM built into the hardware of the storage device. Today HDDs and SSDs are available with this technology. Such products are referred to as Self Encrypting Drives (SEDs). SED storage devices for both client and enterprise applications are available.
All the major HDD and SSD storage manufacturers offer SEDs. In addition to providing security during regular use of the drives SEDs offer a rapid way to make the data on the device inaccessible. Data on the storage device can be made inaccessible by erasing (or overwriting) the encryption key in the SED. With the encryption key gone, the encrypted data on the device cannot be decrypted. This crypto-erase is much faster and reliable than overwriting all the data on the storage device, particularly for many solid-state drives and high capacity HDDs.
The general growth in TCG hardware based encryption, combined with improved network access and verification security, could help both individual users and enterprises protect their data from external attacks. We live in an age where our private data and financial security are increasingly at risk. Technologies such as those of the TCG can help us maintain our privacy and security. System designers and integrators need to look at how they can incorporate TCG technology into their systems to increase overall data security. We need all the help we can get!
Source: Federal Computer Week
Source: Campus Technology
Source: Architectural Record
Source: Business Week
Forbes is among the most trusted resources for the world's business and investment leaders, providing them the uncompromising commentary, concise analysis, relevant tools and real-time reporting they need to succeed at work, profit from investing and have fun with the rewards of winning.
blog comments powered by Disqus
The “geek mind” is concerned with more than just the latest iPhone rumors, or which company will win the gaming console wars. I4U is concerned with more than just the latest photo shoot or other celebrity gossip.
The “geek mind” is concerned with life, in all its different forms and facets. The geek mind wants to know about societal and financial issues, both abroad and at home. If a Fortune 500 decides to raise their minimum wage, or any high priority news, the geek mind wants to know. The geek mind wants to know the top teams in the National Football League, or who’s likely to win the NBA Finals this coming year. The geek mind wants to know who the hottest new models are, or whether the newest blockbuster movie is worth seeing. The geek mind wants to know. The geek mind wants—needs—knowledge.
Read more about The Geek Mind.
News | Technology | Person Career | Solid-state drive | Security | encryption | Computer security | Cryptography | Data security | Hardware-based full disk encryption | Trusted computing | Trusted Platform Module | The Trusted Computing Group | Disk encryption | Trusted Computing Group | Next-Generation Secure Computing Base