Archive - January 2010
27 January, 2010
PAC-NAC Convergence: Another Video Game or Security?
We might all recall fondly the Pacman games of our youth. But today, PAC also means something else: physical access control. And physical access control, used in buildings and facilities worldwide to keep track of who is coming and going, is converging with network access control. In a nutshell, thanks to efforts by TCG and its members such as Hirsch Electronics and others, strangers tailgating into your building can't get into your network. How is TCG involved?
TCG's Trusted Network Connect interfaces enable: location, identity, endpoint health, and behavior- based access control decisions for users in an enterprise environment; detection and remediation of illicit activity, such as data leakage by an endpoint or unauthorized changes to network device configurations; and correlation of physical security with network access privileges. A demo at Interop 2009 showed how this works. For more details, see the Interop Las Vegas Press Kit.
This effort continues and is gaining traction. Next week, Bob Beliles, participant, TNC Work Group and VP of Enterprise Business Development, Hirsch Electronics, will speak on "Extending Trust and Security to Networked Physical Security" on February 2, 2010, Track 101 at 11.30 a.m at the TechSec Solutions conference. He will talk about integrating physical security with network security and how TCG specs enable this.
For more on this topic, consider attending a panel session at RSA, where Beliles will be part of the panel session PHYS-403, Does Physical Security on the Network Create New Vulnerabilities? This session is Friday, March 05 11:20 AM, Orange Room 304.
More info on this session: Physical security has only recently moved to IP implementation. Video (CCTV) and card-based access control have been "siloed" systems, communicating on a basis proprietary to their manufacturer. What new vulnerabilities to the network are created as these devices migrate to the network? Do manufacturers know how to preserve network integrity? Do they understand threats from the network? This session will examine issues such as these in the context of the leading systems in the industry. More info on RSA sessions can be found @ http://www.rsaconference.com/2010/usa/index.htm.
Authentication, Data Protection, Network Security, News & Events
Read Post21 January, 2010
Fun at RSA: Security Playground Comes to San Francisco
All of us in computer security look forward to the annual RSA Conference. This year, it is March 1-5 at Moscone Center, San Francisco. For the past several years, TCG has hosted a free, pre-conference seminar series where we talked about and demonstrated key Trusted Computing technologies.
This year, we are shaking it up a bit. We will host our first Security Playground on Monday, March 1. From 11 a.m. - 3 p.m. In the Orange Room of the Moscone Center Esplanade, we will give you the opportunity to get down and dirty with some of the most critical security technologies based on Trusted Computing Group specifications. TCG members participating include Infoblox, Lumeta, Juniper Networks and Wave Systems.
We will include hardware and software for network security, authentication and self-encrypting drives. Each part of the playground will offer experts who can answer your questions. You can play with the demos, challenge the experts and learn lots. We will throw in lunch and prizes, so stick around for a while.
The event is free but to ensure that we can accommodate everyone, we request that attendees register for the seminar.
Also at RSA, look for demonstrations in member booths around the exhibit area. On Tuesday night, March 2, join us for a special, invitation-only Cocktail Reception! To reserve your spot at this fun event, please visit the TCG Cocktail Reception Reservation Page. This event will show you:
- Real-world applications
- Product implementation based on TCG Standards
- Multivendor interoperability
- High security, easy to use deployments
We hope to see you on the playground at Moscone!
Authentication, Data Protection, Network Security, News & Events
Read Post12 January, 2010
The Year of Trusted Computing?
Happy New Year to our colleagues in computing and IT security! We survived a rough decade that included some of the worst hacks, attacks and data breaches ever recorded, many of which could have been prevented by using widely available and inexpensive security tools like the Trusted Platform Module (TPM). If you have not checked out the TPM recently or not familiar with it, read a few of our white papers on how IT administrators in healthcare and other industries have turned on the TPM and are using it to prevent root kits, enable strong authentication and prevent serious data losses and other attacks.
Speaking of data losses, last week at Storage Visions, TCG and its member companies showed a number of hard drives based on TCG's trusted storage specifications. These self-encrypting drives instantly and transparently encrypt data on the fly in the drive, preventing attackers from getting to data via the operating system. If the drive is detached from the system, it is useless to a thief. These drives can be coupled with TPMs to add strong authentication, and drives are being shipped in PCs worldwide, including those from Dell. The TCG specification applies to hard drives, SSDs and is being used in data center storage devices.
Also at Storage Visions, Jorge Campello of Hitachi and chair of TCG's Storage Work Group spoke about the increasing need for storage security. His presentation, "The Era of Self-Encrypting Drives," is available for download.
You might recall that in December, TCG announced its second regional forum. This forum will support the TCG membership in the People's Republic of China (PRC), Hong Kong SAR and Taiwan and was announced at an industry event. You can read more about this event and view materials at http://www.trustedcomputinggroup.org/media_room/events/past_events.
What's coming up? March 1-5, TCG and members will participate in RSA Conference, San Francisco. Join us on Monday, March 1, 11 a.m. - 3 p.m. for our first Security Playground. Play with solutions for self-encrypting drives, authentication and network security and join us for quick updates on those topics. Want to see more? On Tuesday, March 2, TCG will host a special invite-only party! Collect your invitation at the Security Playground. Learn more at TCG's RSA Conference San Francisco Events Page.
Authentication, Data Protection, News & Events
Read Post4 January, 2010
Chinese Papers Report Real Applications Based on Trusted Computing Concept
Everyone agrees that the values of TCG have to be established in real applications. In a Chinese magazine, two papers appeared recently. These titles are "Principles and Practice of Trusted Security Architecture," and "Computing Environment Security Enhancement Based on Trusted Computing Technology." Though Trusted Security is an emerging theory, most of its fundamental technologies are mature, e.g. trusted computing of TCG. These papers emphasize that the technology of TCG is the most important technical basis to Trusted Security; on the other hand, Trusted Security practices could also promote the real application of trusted computing/TCG, such as the Railway System.
Information on papers follows:
"Principles and Practice of Trusted Security Architecture"
Authors: Li Yucai (Ministry of Railways Information Technology Center, China), Seigo Kotani (TCG Board, Fujitsu Laboratories of America, Inc.), Qian Gang (Nanjing Normal University), Mao Wenbo (EMC Laboratories of China), Li Xiaoyong (Beijing Jiaotong University), Guo Qing (Cisco Systems
(China))
Magazine: Network Security - Technology & Application
Publisher: Beijing University Press
Published month, year, No.: Dec. 2009, ISSN 1009-6833, 27-33.
"Computing Environment Security Enhancement Based on Trusted Computing Technology"
Authors: Han Zhen & Li Xiaoyong (Information Security Architecture Research Center, Beijing Jiaotong University)
Magazine: Network Security - Technology & Application
publisher: Beijing University Press
Published month, year, No.: Dec. 2009, ISSN 1009-6833, 55-58.
Authentication, News & Events
Read Post