At CeBIT 2014, Fraunhofer SIT presented for the first time a solution that creates trusted IT networks and even protects against the router viruses recently developed by British researchers. The “Trusted Core Network” (TCN) checks the state of routers and other network components, detects manipulation and isolates manipulated devices so that they can no longer do harm. Fraunhofer SIT originally developed the solution for industrial environments, but it can be used for network components as well. Further information is available at www.sit.fraunhofer.de/tcn.
The “Trusted Core Network” was developed to protect machines and equipment in industrial environments against IT-based attacks. However, the way TCN operates also protects network components against the malware “chameleon”, which the University of Liverpool recently developed and demonstrated in the lab. It can manipulate router settings, install its own firmware and spread autonomously. An attack with such WLAN viruses is rather difficult to detect in current networks, and the malware may spread over wireless networks as well. In the “Trusted Core Network”, hubs can identify each other and check whether software or settings have been modified. This allows infected hubs to be detected and excluded from communication.
The application uses the standardized Trusted Platform Module (TPM) as the trust anchor to reliably verify device state and identity. Each device is equipped with a TPM that stores information about the licensed software and other relevant configuration details. With this information, routers are able to verify all the devices in their neighborhood. If the actual state deviates from the specified state, the system detects the modification and raises an alarm. This allows potential attacks to be detected and countered faster and more effectively. If suppliers provide reference values for firmware, attacks in open networks (for example between different Wi-Fi networks) may be recognized as well, which prevents the malware from spreading further.
The prototypes developed by Fraunhofer SIT apply this technology to secure ad-hoc mobile networks and, as the “Trusted Core Network”, to industrial networks. Smartphones and other devices may also be included in the security monitoring via protocols, for example the standardized Trusted Network Connect. The “Trusted Core Network” was shown at CeBIT 2014 as part of an Industry 4.0 demonstrator.
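The neighbor check described above, comparing a device's measured state against reference values and excluding it on deviation, can be sketched as follows. This is an added illustration, not Fraunhofer SIT's code: `Device`, `Verifier`, the HMAC-based quote and the sample firmware strings are assumptions, and the HMAC stands in for a quote that a real TPM would sign with an attestation key.

```python
import hashlib, hmac, os

def extend(pcr: bytes, component: bytes) -> bytes:
    # TPM-style extend: new = SHA-256(old || SHA-256(component))
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()

def measure(components) -> bytes:
    pcr = bytes(32)  # register starts at all zeros
    for c in components:
        pcr = extend(pcr, c)
    return pcr

class Device:
    # Constructed stand-in for a router with a TPM. A real TPM signs quotes with
    # an asymmetric attestation key it never releases; HMAC keeps this stdlib-only.
    def __init__(self, name, key, components):
        self.name, self._key, self.components = name, key, list(components)

    def quote(self, nonce: bytes):
        pcr = measure(self.components)
        return pcr, hmac.new(self._key, nonce + pcr, hashlib.sha256).digest()

class Verifier:
    def __init__(self):
        self.keys, self.reference, self.isolated = {}, {}, set()

    def enroll(self, name, key, reference_components):
        self.keys[name] = key
        self.reference[name] = measure(reference_components)

    def check(self, device) -> bool:
        nonce = os.urandom(16)  # fresh nonce: an old "good" quote cannot be replayed
        pcr, tag = device.quote(nonce)
        key = self.keys.get(device.name)
        ok = key is not None  # devices that were never enrolled fail the check
        if ok:
            expected = hmac.new(key, nonce + pcr, hashlib.sha256).digest()
            ok = (hmac.compare_digest(tag, expected)
                  and hmac.compare_digest(pcr, self.reference[device.name]))
        if not ok:
            self.isolated.add(device.name)  # exclude from further communication
        return ok

# Constructed sample data: reference boot chain and one device with altered firmware
GOOD = [b"bootloader-1.0", b"firmware-2.3", b"config: admin_ui=lan_only"]
verifier = Verifier()
clean = Device("router-a", b"key-a", GOOD)
tampered = Device("router-b", b"key-b", GOOD[:1] + [b"firmware-2.3-modified"] + GOOD[2:])
for d in (clean, tampered):
    verifier.enroll(d.name, d._key, GOOD)
RESULTS = {d.name: verifier.check(d) for d in (clean, tampered)}
```

Because each measurement is folded into the previous register value, a change to any component, or to the order in which components load, yields a different final value than the reference.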