Member Testimonial

"As an industry standards group, TCG has given Lumeta not only the opportunity to participate in effective security solutions but also interaction with some of the world's smartest security minds. The information we gain in our interaction with TCG members has only accelerated and improved the products we offer our customers to protect their networks and data." 

- Matt Webster, Vice President - Product Management, Lumeta Corporation

Learn More

Quick Links

FAQs

Authentication

Why is the Trusted Computing Group forming an Embedded Work Group?

The "Internet of Things," referring to the explosion of Internet-connected devices beyond the typical PC, has already exploded beyond an estimated two billion devices and is growing quickly. These devices range from critical infrastructure to personal household devices. All devices, whether network-connected or even offline, are open to attack and compromise in many ways. TCG believes that its groundbreaking work in Trusted Computing, based on the concept of a hardware root of trust, can contribute in a meaningful way to the need for embedded or built-in security in the devices that constitute the Internet of Things.

What role do trust and the Trusted Platform Module play in embedded systems?

The Trusted Platform Module was designed to serve several functions within a larger computing system. These functions are as important to the interaction and operation of embedded systems as they are to the interaction between PCs, servers, and other network devices. For example, when communicating across a network, it is just as important to be able to uniquely identify a sensor as it is to identify a PC. It is also equally important to be able to establish whether the sensor has been compromised or can be trusted to behave as designed. These are the same platform integrity values that Trusted Platform Modules provide in PCs.

Will TPMs based on the existing TPM 1.2 specification also support these other, non-PC applications? If not, will the TPM specification have to be modified?

The Embedded Systems Work Group is operating on the assumption that the TPM 1.2 implementations now widely deployed will address most of the requirements of embedded systems. Because of the need for different interfaces in typical embedded computing platforms and also some specific functionality requirements, an embedded TPM platform standard will soon be published to cover these requirements.

What kinds of use cases do you envision enabling via the addition of trusted computing technology to embedded systems?

Initial high-level, universal use cases are clear:
  • Provide unique, unspoofable identity to the embedded system that incorporates a TPM.
  • Participate in integrity measurement services upon the firmware and software in the embedded system and store the results of measurement for subsequent reporting.
  • How will management of TPM-protected secrets be done in the embedded market?

In specific environments, narrower use cases will be considered, for example:

  • More complex embedded systems may require trust services based on cryptographic material protected by a TPM.
  • Communications among embedded systems may be protected using a VPN, and the TPMs involved in these communications may be used to protect authentication and encryption certificates required by the VPN.
  • Privacy requirements due to handling of legally protected personal data, e.g., in medical applications.
  • There may be circumstances in which an embedded device protects secrets as a service to a number of other devices.

Other use cases will be considered as well.

 

Don't a number of non-PC applications already use the TPM? Seems like we've seen printers, copiers, industrial PCs, kiosks and others already using the TPM.

Yes. There are printers, video game consoles, kiosks and other devices already in the market that contain TPMs. The most common use of the TPM in those devices is validation that the code has not been tampered with. The TPM may also be used to protect a unique identifier as well. These are the two foundation functions of a TPM in any device.

The primary purpose of the Embedded Systems Work Group is to facilitate the continued evolution of Trusted Computing as a source for security in these markets and to help facilitate the ecosystem to support the concepts of a hardware root of trust.

One comment often heard about the TPM is that it’s difficult to provision and manage. How is the embedded world different from PCs and servers and does that same issue impacts the non-PC space of connected devices?

A major difference is less emphasis on the "take ownership" requirements found in PC implementations. In many cases, like set-top boxes and cars, the TPMs could be provisioned once on the manufacturing line and never again for the lifetime of the box. In other cases, provisioning on the manufacturing line might be done in order to make sure that the device has an initial identity. The purchasing device owner might be given a tool for rejecting that identity and then creating a new one.

Beyond initial provisioning, there will be use cases that require key management. There are some examples of fully automated, built-in key management in products today (for example, the Lotus Notes built-in PKI but also free open source PKI modules). This will be one of the bodies of work that the Embedded Systems Work Group will have to address - how will key management be done in either a "hands-free," fully automated fashion or in a low-touch fashion.

 

Is there any role for self-encrypting drives in embedded computing?

A core Trusted Computing technology is the TCG Storage Opal 1.0 specification for the self-encrypting hard drives that are now widely available and are expected to ship as standard equipment on many new PCs in the near future. These drives can also provide protected storage for keys as well as generation of new keys.

Many of the devices in the Internet of Things generate data as their primary function. Sensors of all sorts are examples of this sort of device. Often the data collected by sensors is of a sensitive nature and those devices are only connected to the Internet intermittently.

Sensors in vehicles are an important example. Another example is sensors used in collecting terrain and geological information for a company exploring for oil, minerals or metal. This prospecting data may have significant value. It could affect the valuation of a parcel of land. It could affect global commodity markets or even governments in some cases (think of the effect of the discovery of oil deposits in the North Sea). In situations like this, automatic encryption of data at rest is clearly of value.

Another example is that a great deal of personal financial information could end up stored on many embedded systems. Disclosure of this information is hardly likely to shake the pillars of Wall Street, but it certainly could be a disaster for an individual or a company. In today's market, the primary reason people give for not engaging in on-line banking is their concern over the security of their personal financial information. The same concerns apply to the use of embedded systems that may be required to store this same information.

 

Are you looking for additional industry participation?

The Embedded Systems Work Group is actively seeking participants who require secure and trustworthy embedded systems. We are interested in your problems and your requirements. We are willing to work with members to determine whether and how Trusted Computing can solve those problems. This is a cooperative, experimental approach seeking the best possible answers to customer problems by using existing security technologies and best practices. A serious effort will be made to succeed with each problem case.

The Embedded Systems Work Group is a hybrid work group. Part of the group's responsibility is to write specifications that apply Trusted Computing technologies to the security problems of embedded systems. The other part is to work directly with customers who depend upon embedded systems in their business and who require those embedded systems to operate in a secure and trustworthy manner.

Cloud Security

What is the Trusted Multi-Tenant Infrastructure Work Group?

This work group was formed in 2010 to develop a standards framework for implementing:

  • Shared infrastructures
  • Multi-provider infrastructures
  • Reference models and implementation guidance
  • Identify and address gaps in existing standards

The vision of this new work group is to develop an open framework, using existing TCG specifications when appropriate, which defines end-to-end reference models for the practical deployment of trusted cloud or shared infrastructures.

What does “trusted multi-tenant infrastructure” mean and why was it selected as the name of this work group?

Multi-tenant infrastructure is an industry term for infrastructure that is shared by unrelated users. This is similar to what has been called “cloud” computing, in which users access computing resources that are hosted offsite by a third party. While this model can be very useful for many users, obvious issues including security have arisen.

Trusted Multi-Tenant infrastructure enables a consumer to establish trust, exchange information about the platforms they use, assure compliance to agreed policies, and provide measurement of platform state. The ability to establish consumer trust in shared and multi-tenant infrastructure drove the formation of this work group.

Why is the Trusted Multi-tenant Infrastructure Work Group necessary?

As noted above, security is emerging as a key issue to what many think of as cloud computing. The fact that data resides offsite and is accessible by users remotely over networks to multiple endpoints around the globe creates new security issues. We believe that the incorporation of trust to these infrastructures and the application of many existing TCG specifications can mitigate such security problems. This work group will examine how and what other elements are necessary to secure and grow confidence is the use of multi-tenant infrastructure. For example, the work group will
  • Standardize: identify and address gaps in standards landscape to enable trust
  • Establish trust in the provider of IT services
  • Establish and monitor compliance to changing IT policy
  • Assess and monitor compliance to cost, policy and performance objectives
  • Do this in a multi-sourced, multi-supplier ecosystem
  • Provide a Reference Implementation Framework for TMI

 

The work group will examine providing logical security domains to house various consumers across shared infrastructure. Issues the work group will address include establishing trust with providers, accountable compliance to policy, reliable logical isolation and related issues.


What does the Trusted Multi-Tenant Infrastructure Work Group hope to achieve?

This work group's objectives are to provide a framework to:
  • Enable consumers to assess the trustworthiness of provider systems
  • Enable real-time assessment of compliance as part of the provisioning process
  • Support real-time monitoring of compliance to agreed policy
  • Provide a reference implementation guidance framework of standards

Will the TMI Work Group create new specifications?

This work group's objectives are to provide a framework to:

  • Enable consumers to assess the trustworthiness of provider systems
  • Enable real-time assessment of compliance as part of the provisioning process
  • Support real-time monitoring of compliance to agreed policy
  • Provide a reference implementation guidance framework of standards

 

Which TCG members are involved in the TMI work group?

Any TCG contributor member can participate in the work group. It's chaired currently by TCG member representatives from HP and BAE Systems and many other TCG members are participating.

Do you anticipate that other companies will join TCG in its efforts? If so, which ones would you target?

Yes, we welcome membership and input from the cloud providers and vendors supporting cloud computing. The TMI Working Group is structured to develop and use a reference implementation framework to identify alignment and/or gaps in the existing standards to accomplish the goal of implementing a trusted solution drive technical standards from a business value and solution point of view, so companies interested in providing or consuming multi-tenant infrastructure services are encouraged to join and contribute. 

Companies interested in joining can contact TCG and learn more about membership at http://www.trustedcomputinggroup.org/join_now/membership_benefits.

Which existing TCG specifications are relevant to the Trusted Multi-Tenant Infrastructure Work Group’s efforts?

TCG has a number of existing specifications that play a role in the trusted multi-tenant infrastructure. These include the Trusted Network Connect (TNC) architecture, the Trusted Platform Module, specifications from the TCG Infrastructure Work Group and work underway in the Virtualization Work Group.

While the Trusted Multi-Tenant Infrastructure Work Group is new to TCG, our members have been thinking about security and the cloud for some time. For additional information on that, you can read our recent Cloud Computing white paper. You can also read several articles on this in the Media RoomSys-Con,  and at Sys-Con Cloud Computing, and view a short video of one our members discussing this topic.  


When do you expect to see users benefiting from the efforts of the TMI work group?

It is the intent of this working group to publish use cases, discussion papers and engage in public dialogue throughout the process of developing the formal reference models. We would expect to begin releasing material 3Q10.

We will also host open discussions on our LinkedIn group


Embedded Systems

What do you anticipate is the timeline for deliverables from the Embedded Systems Work Group?

The Embedded Systems Work Group has recently organized and has started work in the sub-groups. Drafts of use cases and frameworks for use of existing specifications should be available late in 2011. Drafts of new specifications should be available in 2012 and early 2013. When working directly with customers, we anticipate a project timeline of six to nine months for a project that involves direct experimentation to solve a current problem using existing technologies.

Why is the Trusted Computing Group forming an Embedded Work Group?

The "Internet of Things," referring to the explosion of Internet-connected devices beyond the typical PC, has already exploded beyond an estimated two billion devices and is growing quickly. These devices range from critical infrastructure to personal household devices. All devices, whether network-connected or even offline, are open to attack and compromise in many ways. TCG believes that its groundbreaking work in Trusted Computing, based on the concept of a hardware root of trust, can contribute in a meaningful way to the need for embedded or built-in security in the devices that constitute the Internet of Things.

What role do trust and the Trusted Platform Module play in embedded systems?

The Trusted Platform Module was designed to serve several functions within a larger computing system. These functions are as important to the interaction and operation of embedded systems as they are to the interaction between PCs, servers, and other network devices. For example, when communicating across a network, it is just as important to be able to uniquely identify a sensor as it is to identify a PC. It is also equally important to be able to establish whether the sensor has been compromised or can be trusted to behave as designed. These are the same platform integrity values that Trusted Platform Modules provide in PCs.

Next