Trusted Computing Group Commends National Institute of Standards and Technology (NIST) on Mobile Security Recommendations

Date Published: December 20, 2012

Special Publication 800-164 Recommends Highly Secure Hardware Root of Trust

 

 

PORTLAND, Ore., Dec. 20, 2012Trusted Computing Group (TCG), which enables security in more than 1.7 billion endpoints, has commended the National Institute of Standards and Technology (NIST) on its recent recommendations to base security for mobile devices in a hardware-based root of trust (RoT).

 

The agency issued Special Publication 800-164 “Guidelines on Hardware-Rooted Security in Mobile Devices”, in October for industry comment. The report notes in its abstract, “Many mobile devices are not capable of providing strong security assurances to end users and organizations. Current mobile devices lack the hardware-based roots of trust that are increasingly built into laptops and other types of hosts.”

 

NIST’s report goes on to note, “Hardware RoTs are preferred over software RoTs due to their immutability, smaller attack surface, and more reliable behavior.”

 

Brian Berger, TCG director and marketing work group chair, commented, “TCG’s approach to security based on the hardware-based root of trust has been vetted by the world’s leading IT, security and computing companies and proven more secure than software-based approaches. As simple cellphones have morphed into connected, high-value computing systems, it only makes sense to offer them the same security, based in interoperable industry standards widely available to all, to protect sensitive personal, financial and corporate data.”

 

TCG has long advocated the hardware root of trust to secure systems and data. To enable such trust, it developed the TPM, or Trusted Platform Module, specification. Discrete or integrated implementations of the TPM now protect more than 500 million systems.

 

Today’s BYOD environment also is forcing enterprises to deal with a growing number of unknown and potentially dangerous devices. TCG has extended the core concepts of the TPM into a draft Mobile Trusted Module (MTM) specification. The MTM also supports the Trusted Execution Environment (TEE), which was developed by industry as an open approach to adding security to mobile devices.

 

The Trusted Computing Group (TCG) provides open standards that enable a safer computing environment across platforms and geographies.  Benefits of Trusted Computing include protection of business-critical data and systems, secure authentication and strong protection of user identities, and the establishment of strong machine identity and network integrity.  Organizations using built-in, widely available trusted hardware and applications reduce their total cost of ownership. TCG technologies also provide regulatory compliance that is based upon trustworthy hardware. More information and the organization’s specifications and work groups are available at the Trusted Computing Group’s website, www.trustedcomputinggroup.org.  Follow TCG on Twitter and on LinkedIn.

 

 

Brands and trademarks are the property of their respective owners.

Tweet this: #TCG commends #NIST recommendations for HW RoTs to secure mobile devices

 

Back to News Listing