By now, we’ve seen the headlines. From Stuxnet to hotel locks and automation systems that are easily hacked, the growing IoT has one thing in common: it’s pretty insecure. Last week, TCG announced its work to apply the concepts of trust and porting widely available and supported existing trusted computing solutions for the IoT.
Bill Morelli, IHS Technology, will moderate a TCG webcast on April 2, 1:00 p.m. Eastern/10:00 a.m. Pacific,https://www.brighttalk.com/webcast/7423/144641, to discuss IoT security issues and applications of trust. Morelli is associate director with the IHS Information Technology and Telecommunications divisions and is the primary analyst responsible for examining the global market for the Internet of Things. He will be joined by speaker Steve Hanna, Infineon and co-chair of TCG’s IoT group, with Stacy Cannady moderating a live Q&A.
As with traditional enterprise computing environments, the IoT can be secured with two questions:
TCG already provides a number of widely used and vetted solutions to help enable trust by establishing identity and integrity. For example, in many cases, the TPM can be used in IoT devices as a hardware root of trust for strong device authentication, measured boot, and remote attestation. For IoT devices without a TPM, TCG recommends the deployment of the IF-MAP Metadata for ICS (Industrial Control Systems) Security standard gateway architecture to establish secure and trusted communications for devices with no root of trust. For information, see the TCG Architect’s Guide for ICS Security. Future TCG standards also will consider requirements of the IoT, including power consumption, footprint and cost.
Attending RSA Conference 2015 in April? ITCG will host a panel on the IoT and security at its RSA Conference 2015 session. Panelists include Rich Nass, Open Systems Media; Chuck Benson, University of Washington; Darin Andersen, CyberUnited; and Cannady.
Details and more info here: http://www.trustedcomputinggroup.org/media_room/news/378
Membership in the Trusted Computing Group is your key to participating with fellow industry stakeholders in the quest to develop and promote trusted computing technologies.
Standards-based Trusted Computing technologies developed by TCG members now are deployed in enterprise systems, storage systems, networks, embedded systems, and mobile devices and can help secure cloud computing and virtualized systems.
Trusted Computing Group announced that its TPM 2.0 (Trusted Platform Module) Library Specification was approved as a formal international standard under ISO/IEC (the International Organization for Standardization and the International Electrotechnical Commission). TCG has 90+ specifications and guidance documents to help build a trusted computing environment.