We’ve been a broken record about IoT security, wondering where a vendor group was. Look no further. The Trusted Cmputing Group (TCG) has announced the availability of an architect’s guide to its hardware-based TPM (Trusted Platform Module) 2.0 standard for IoT and other embedded security and which recently gained ISO certification.
TPM helps developers:
– Use hardware to provide stronger security and privacy protections than software based technologies.
– Create and protect the usage of cryptographic keys for security and privacy scenarios.
– Protect cryptographic private keys from being exported.
– Provide dictionary attack protection to prevent guessing PIN values used for authentication.
– Record and anonymously report the software loaded during the boot process.
Key improvements for TPM 2.0 over TPM 1.2 include:
– Supports more security and privacy scenarios with more algorithms.
– Allows easy expansion to support more cryptographic algorithms over time.
– Structured as a library of fundamental security and privacy primitives, ready to be adapted to new computing solutions and applications defined inside or outside the TCG.
– The TPM doesn’t need to be provisioned to be useful, for example, its cryptographic functions are always available.
– Privacy and security administration of the TPM are different functions.
– Flexible provisioning allows TPMs to be deployed with a secure by default or an opt-in provisioning model.
TCG offers an active Embedded Systems Work Group, which includes a committee dedicated to IoT security. That work group also has published a new spec for the TPM in automotive security.
To read the full article, please click here.