Trusted Computing in the Cloud
The success of cloud computing will be dependent on security. Already, a number of data breaches from cloud providers or vendors have emerged, for example, just last week, an attack was reported on Google's stash of millions of passwords for services that live in their cloud (http://www.nytimes.com/2010/04/20/technology/20google.html). Last year, Google was the victim of another data breach of records stored in its cloud. A Ponemon Institute study found that data breaches that occur to data stored offsite cost 40 percent more than for data stored locally (http://www.databreaches.net/?p=11128).
What does Trusted Computing have to do with securing the cloud? As it turns out, the core concepts of Trusted Computing and resulting industry specifications, many of which are widely implemented in cost-effective products, can do a lot to make data and networks safer.
The Trusted Platform Module provides machine authentication; hardware encryption; secure storage of keys, passwords and certificates; and attestation to ensure systems have not been altered maliciously. More than 200 million PCs and other systems have a TPM and many software programs are available to set up and manage these systems, remotely or individually.
TCG's Trusted Network Connect network security architecture helps users control access to networks based on user identity and device health. Self-encryption drives based on TCG specifications encrypt data using hardware in the drive on the fly with no impact on system performance. And users can't turn this encryption off, as they often do with software encryption.
TCG has published a white paper with more details on this topic. Learn more here!
Categories: Network Security, News & Events