Trusted Computing Group

One of the first parallel sessions on Tuesday discussed the topic of ³TNC and SCAP Working together.² Led by moderator Paul Bartock from IAD/NSA, panel members consisted of Dave Challener, from Johns Hopkins University-APL, Steve Hanna from Juniper Networks and David O¹Berry from the South Carolina Dept of Probation, Parole and Pardon Services.

 

Hanna discussed how with Network Access Control a first step was taken towards sharing information between different security systems. Coordinated security using TCG¹s Trusted Network Connect (TNC) takes the next step ³to integrate real-time information from all your different security systems,² he said. Compliance could come from an SCAP-validated scanner. Hanna also discussed how IF-MAP adds to TNC¹s capabilities.

 

O¹Berry noted a discussion he had with a friend who comment about a standard approach was, ³I can do all this with what I have now.² After his friend discussed how he could do it, O¹Berry told him, ³You just described something that only 0.3% of the people on the planet could do it.²

 

Hanna commented on one company's real-world experience of using TNC with SCAP. A vendor was able to take TNC and SCAP and put together a prototype in matter of days. "That¹s what happens when you¹re working with an open standard,² he said.

 

In one of the first parallel path session on Wednesday, Boudewijn Kiljan from Price Cooper Waterhouse gave a first-hand example of how PcW implemented improved security based on the Trusted Platform Module. Among the main benefits were (1) transparency to the users and, as Kiljan pointed out, since PcW is a financial institution,(2) low cost. In fact, he noted that their estimates put the cost of the TPM-based security as 1Ž2 the cost of smartcard and 1/3 the cost of token alternatives.