This year’s Interop ITX event provided attendees with a new variety of products, presentations and technical talks. The Internet of Things and its connectivity, along with security, contained in the spotlight as vendors attempted to pitch their many solutions.
In TCG’s booth (https://trustedcomputinggroup.org/press-rooms/events/interop-itx/), four members showed innovative security solutions based on key Trusted Computing concepts, developed by members and available free to any developer.
CoSoSys’ Sensitivity.io demonstration, Cybersecurity APIs: How can you take out the obscurity from DLP and infosec, showed how data ban be protected at its source to enhance data loss prevention and info security. The company noted, “…The evolution of infosec so far has had the following flow: security at the device level (computers, smartphones, tablets, servers, etc.), security at the content level, and now, we are seeing a new approach – in-app security with Cyber Security APIs.
The entire industry is having the ‘something missing’ feeling, with non-unified security systems, massive amounts of data to analyze and protect, and endless incoming and outgoing channels for data. Looking for data around applications, trying to intercept it, handling data from various sources without knowing what the data is used for, its origin and destination doesn’t make sense anymore.
The strategy has to be shifted towards the security of data at its source – advanced data security, data loss prevention, data classification, user remediation baked-in directly into web applications, mobile apps, IoT devices, at the endpoint, etc. It is a better approach to identify, tag, secure or encrypt data at the application level where all data attributes such as format, content, encoding, its origin, destination, if it is valuable, etc. are best known, regardless of the app infrastructure or language it is was developed in.”
Member Tempered Networks explained that “…A new identity networking paradigm is required to fix the underlying flaw in IP; a flaw that afflicts all networking and security products today. Only through native device identity can we begin to unify networking and security, overcoming the risk, complexity, and cost of today’s networks. With Identity-Defined Networking, you achieve significant CapEx and OpEx savings through radical policy simplification using automated orchestration–with no disruption to existing infrastructure. With an intuitive point-n-click management console, it’s now simple to securely connect, cloak, segment, move, failover, and disconnect any IP resource instantly – anytime, anywhere.
The demo showed ease of use to:
Mocana demonstrated its IoT Security Platform integrated with a TPM daughter board on a Raspberry Pi to show how developers can easily access cryptographic functions signed by a TPM.
OnBoard Security demonstrated the TCG TSS (Trusted Software Stack) 2.0 in action. TSS 2.0 is the middleware that application programmers actually interface with to make use of the Trusted Platform Module 2.0 (TPM 2.0). This will be followed by a short tutorial on the overall structure and programmer-friendly characteristics of TSS 2.0.
Watch for news and updates on all of these technologies.
Membership in the Trusted Computing Group is your key to participating with fellow industry stakeholders in the quest to develop and promote trusted computing technologies.
Standards-based Trusted Computing technologies developed by TCG members now are deployed in enterprise systems, storage systems, networks, embedded systems, and mobile devices and can help secure cloud computing and virtualized systems.
Trusted Computing Group announced that its TPM 2.0 (Trusted Platform Module) Library Specification was approved as a formal international standard under ISO/IEC (the International Organization for Standardization and the International Electrotechnical Commission). TCG has 90+ specifications and guidance documents to help build a trusted computing environment.