Difference between revisions of "Trusted Computing"

From MgmtWiki
(Problems)
(Trusted Supply Chain)
Line 9: Line 9:
 
==Solutions==
 
==Solutions==
 
===Trusted Supply Chain===
 
===Trusted Supply Chain===
 +
Before the Huawei troubles<ref>Emily Stewart, ''The US government’s battle with Chinese telecom giant Huawei, explained'' Recode (2019-05-21) https://www.vox.com/technology/2018/12/11/18134440/huawei-executive-order-entity-list-china-trump</ref>
 +
 
===Trusted Platform Module===
 
===Trusted Platform Module===
 
*[https://trustedcomputinggroup.org/ Trusted Computing Group] announced that its [https://trustedcomputinggroup.org/resource/tss-overview-common-structures-specification/ TPM 2.0 (Trusted Platform Module)] Library Specification was approved as a formal international standard under ISO/IEC ISO/IEC 11889:2015 (the International Organization for Standardization and the International Electrotechnical Commission). TCG has 90+ specifications and guidance documents to help build a trusted computing environment. A good suppary can be found in the [https://trustedcomputinggroup.org/resource/tss-overview-common-structures-specification/ TCG TSS 2.0 Overview and Common Structures Specification].
 
*[https://trustedcomputinggroup.org/ Trusted Computing Group] announced that its [https://trustedcomputinggroup.org/resource/tss-overview-common-structures-specification/ TPM 2.0 (Trusted Platform Module)] Library Specification was approved as a formal international standard under ISO/IEC ISO/IEC 11889:2015 (the International Organization for Standardization and the International Electrotechnical Commission). TCG has 90+ specifications and guidance documents to help build a trusted computing environment. A good suppary can be found in the [https://trustedcomputinggroup.org/resource/tss-overview-common-structures-specification/ TCG TSS 2.0 Overview and Common Structures Specification].
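Review bot: The line added under ===Trusted Supply Chain=== is a sentence fragment. "Before the Huawei troubles" runs straight into the <ref> and has no main clause, so the section still says nothing about what a trusted supply chain is or how it was handled before that point. Either finish the sentence or hold the citation back until the claim it supports is written. The citation also gives the date 2019-05-21 while the URL path reads 2018/12/11, so state which date is meant. While this area is open, the unchanged Trusted Platform Module bullet just below has "suppary" for "summary" and a doubled "ISO/IEC ISO/IEC", and its "TPM 2.0 (Trusted Platform Module)" link points at the same TSS overview URL as the "TCG TSS 2.0 Overview and Common Structures Specification" link rather than at the TPM 2.0 Library Specification it names.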

Revision as of 19:08, 10 July 2019

Full Title

Trusted Computing is a set of solutions to assure that computing devices are who they say they are and are able to keep user secrets protected from programs running on the devices.

Context

There has been a recognized effort to create a separate execution environment that would be unaffected by malware running in the main computer. The first effort was started on 1995-02-21 in the Intel Data Security Operation, where a 386-based co-processor was developed that could use the main data store by encrypting and decrypting all data on the fly. This was widely realized with the TPM 1.0 hardware chips in the late 1990s and now with separate instruction sets on ARM and Intel processors.

Problems

  • Trusted computing is, by design, built to solve enterprise data security issues. The result is devices that can be wiped clean by the enterprise IT department, which is not the sort of solution that would be acceptable to most users.

Solutions

Trusted Supply Chain

Before the Huawei troubles[1]

Trusted Platform Module

Trusted Mobility Solutions

TCG Trusted Mobility Solutions Work Group Use Cases – Enterprise, Financial, & NFV was published 2018-09-26.

References

  1. Emily Stewart, The US government’s battle with Chinese telecom giant Huawei, explained Recode (2019-05-21) https://www.vox.com/technology/2018/12/11/18134440/huawei-executive-order-entity-list-china-trump