Trust, according to the Merriam-Webster Online Dictionary, is assured reliance on the character, ability, strength, or truth of someone or something. While trusting your computer can seem like somewhat of an oxymoron, anyone who has been a victim of a computer virus, worm or other malware should certainly appreciate an industry effort to provide an approach to avoid these activities and provide more consistent behavior from their computer. With these goals in mind, the Trusted Computing Group (TCG) was established to develop specifications for trusted computing building blocks and software interfaces that could be incorporated across multiple platforms without compromising the functional integrity of the computer, or privacy and individual rights of the owner. Since critical information is stored or accessible by several means in an enterprise, trust must extend to more components than just the computer.

To date, TCG specifications have been developed for desktop and portable computers, mobile devices, storage devices, and the network itself. Of course, these specifications only provide an improved level of trust if they are implemented. Since, the implementation process is well underway at many suppliers and users, understanding the concepts of trust for computing devices and how trust can be implemented across the enterprise to ensure data protection, network security and protection against viruses, malware, and other attacks is essential. Once understood, more informed decisions can be made to implement a higher level of trust.

Perhaps the best starting point for establishing trust is to know a little more about the Trusted Computing Group. The organization consists of about 140 member companies involved in hardware, components, software, services, networking and mobile phones. Many of the companies are well-known leaders in their specific area. These member companies determined that the level of trust they could deliver to their customers would improve with a collective effort. As a result, TCG’s primary goal is to help users protect their information assets (data, passwords, keys, and more) from compromise due to external software attack and physical theft. The specifications developed through this effort must be easy to deploy, use, and manage. When implemented, these specifications will improve the trust available within the PC and the network as well as devices connected to the network, including mobile phones, PDAs, and servers. The specifications establish roots of trust for remote access, identity management, a public key infrastructure (PKI), secure email, and file/folder encryption.

Roots of Trust

Establishing trust in components is not unlike the process used to establish trust between people or organizations, only it is much more formal. Before trusting someone that you don’t know, you look to those that you already trust to vouch for the person. In TCG terminology, Roots of Trust provide the foundation for building trust for trusted computing.

TCG defined Roots of Trust include trust for measurement (RTM), for reporting (RTR), for storage (RTS) and for verification. An Attestation process verifies the accuracy of information. The initial building block for establishing trust is a hardware element known as the Trusted Platform Module (TPM).

The TPM is typically a microcontroller that stores passwords, digital keys, and certificates to provide unique identification. Either a standalone integrated circuit (IC) or embedded in another IC such as an Ethernet controller, the TPM uses standard software interfaces to work with other security methods to deploy secure applications. While the TPM normally includes just the RTS and the RTR, it has several key components as shown in Figure 1.

Figure 1. The Trusted Platform Module’s component architecture incorporates memory and a communication bus.

Integrated functionality includes Random number generation (RNG), HMAC (Keyed-Hashing for Message Authentication), SHA-1 (Secure Hash Algorithm), and an execution engine as well as a cryptographic co-processor.

Access and control of the TPM’s operations occurs through the TCG Software Stack (TSS) interface. TSS communications with the TPM can occur either locally or remotely. The TSS provides a standard set of application programming interfaces (APIs) so that application vendors can use the TPM.

Already well established in over 60 million computers, with Microsoft’s use of the TPM in its Window’s Vista operating system as part of the BitLocker Drive Encryption, the number of computers with a TPM is expected to increase to over 200 million in 2009.

Using Trusted Computing

Success stories from end users who have TPM-enabled computing in their organization provide both encouragement and details for other organizations that are in the fact finding or decision-making process. In some cases, the users employ the TPM for password management, single sign on, email security, data protection, and more.

For example, pizza-maker Papa Gino's connects with 170 branded stores as well as 200 of its D'Angelo Sandwich Shop locations from its headquarters. Using Dell computers with TPMs, the store locations transmit and receive data from headquarters over public networks. Since some of the data is quite sensitive, including employee records and financial data, both transmitting and receiving entities required a level of assurance that only authorized users were requesting access to the corporate network.

Using the TPM-enabled Dell computers with Wave Systems’ Embassy Trust Suite software to provide end-user applications that work with the TPM, Papa Gino's actively manages the TPM devices and user credentials. With two Wave Systems server products, Key Transfer Manager Server and Enterprise Authentication Server, employees easily create and verify digital certificates, securely encode, and decode e-mail messages securely, and quickly save and encrypt files taking advantage of TPM-protected certificates and passwords.

To protect customer and employee data from Internet-based attacks, Personal information Manager (PIM) software, secured by the TPM, isolates contact information, passwords, bank access codes, and credit card numbers. With multi-factor authentication, some employees reach their programs with a single factor while others require at least dual-factor authentication for network access, providing the appropriate level of security for each department.

Instead of using third-party vendors to encrypt content before backing it up, these transactions are now performed locally in house. With encryption keys residing locally in the TPMs, copies are automatically passed to the Key Transfer Manager Server providing both protected and recoverable information.

Extending the Roots of Trust into the Enterprise

While desktop and notebook computers and servers provide obvious entry points to the enterprise, without addressing the full system, any data access or storage point becomes a potential weak link that allows access to a corporation’s secrets. If a more trustworthy operating environment is among your organization’s goals, consider the following three scenarios. In today’s security environment, a worm, virus or other malware on a PC that connects to the network can easily spread across it. With TCG standards implemented, network access is denied to an infected PC preventing malware propagation across the network and to other connected computers. Today, wireless access to the network increasingly provides alternative attack methods including sniffing. Remote access points without the appropriate authority are denied access to a TCG specification-protected network. Loss or theft of a device with sensitive or regulated data forces a company to disclose a data breach. With encrypted confidential data, unauthorized parties cannot access the data on computers, cell phones or storage devices so a data breach disclosure is not required, avoiding extensive corrective action as well as cost.

The key to the secure alternative in these three instances—extending the trust concepts to the entire enterprise—has motivated several different TCG workgroups. Figure 2 provides a visualization of how the TPM and TSS implemented in various endpoints protect the network and provide secure remote access, identity management, a public key infrastructure (PKI), secure email, and file/folder encryption.

Figure 2.  The TPM and TCG Software Stack or Trusted Platform Module Software Stack enable trust in network endpoints and secure network activities.

For network security, TCG’s Trusted Network Connect (TNC) specification provides standards for virtually every aspect of endpoint security either published or in preliminary form. Without standards, existing products have compatibility issues. TCG’s TNC architecture provides a framework to achieve a multi-vendor network standard that includes features such as Platform-Authentication, Endpoint Policy Compliance (Authorization), Access Policy, Assessment and Isolation, and Remediation.

Relying on anti-virus and personal firewall software for portable computers is not acceptable for a secure corporate network. An authorized user can gain access to the network from an external site to simply check email. If the user’s computer has a virus or rootkit, a software tool that conceals running processes, these unwanted software items can spread to the network. By taking advantage of the TPM, deceptive or lying endpoints can be detected. Using the hardware-based security of the TPM for integrity measurement and remote attestation, the limitations of software-based protection can be overcome.

With the TPM, the TNC specification establishes a level of trust in the state of an endpoint and also ensures the presence, status, and software version of mandated applications. Using the popular IEEE 802.1X authentication protocols and other network access methods, TNC provides network access control for wireless and wired Ethernet networks. At the same time, the interoperability enabled by the standard overcomes incompatibility issues between various network entities inherent in proprietary or single supplier solutions.

Trusted Mobile Devices

Increasing remote access to the network from mobile devices other than portable PCs requires special attention to allow authorized user access without creating a back door for unauthorized network access. In addition, mobile products, such as cell phones need security for their own protection and the emerging transactions that they can initiate and/or approve. For products that use wireless connectivity, TCG’s Mobile Phone Work Group has extended the TCG specifications to support cell phones and other mobile products with the Mobile Trusted Module (MTM) specification.

Regulations and restrictions for cellular products required that the MTM in the Mobile Reference Architecture take into account the interests of various mobile phone stakeholders including the user/owner, the device manufacturer, the network service provider, and others such as enterprises and third parties. As a result, the MTM draws heavily on the TPM but has unique distinctions.

To meet the Trusted Platform’s three requirements for roots of trust for memory, storage and reporting, the Integrity Management Model defines the infrastructure functions. Reference Integrity Measurements provide the building block elements for platform attestation. Supplied by the device manufacturer or the Independent Software Vendor (ISV), a set of known-good integrity metrics specifically identify the correct code and provide reference values. Measurements comparing actual reported values to the configuration determine if the unit is within IT specifications. If a non-match occurs, something has changed indicating that the access requesting entity is not in compliance. Not allowing access prevents malware from accessing the network.

Based on this draft of the specification, several secure operations can be executed by a trusted mobile phone. The mobile phone can now protect user data and identity information as well as device identity information. In addition, content downloaded for patches, new applications or other use is secure. Mobile financial transactions such as payments and ticketing can be conducted in confidence.

Trusted Data Storage

In many respects, securing the point that contains the sensitive data has been an overlooked opportunity in organizational security systems.  However, with TCGs most recent development for improved enterprise security, the public availability of TCG Storage Architecture Core Specification Version 1.0 Revision 0.9 – draft, storage can become a root of trust. With the goal of establishing storage elements as roots of trust, the working group is developing standards and practices for defining the security services across dedicated storage controller interfaces. The interfaces addressed by the specification include ATA, Serial ATA, SCSI, Fibre Channel, USB Storage, IEEE 1394, Network Attached Storage (TCP/IP) and iSCSI. Starting initially with hard disk drives, the workgroup has already extended its efforts into other storage systems including removable media drives, flash storage, and multiple storage device systems.

Targeting storage device manufacturers and platform-based application developers (ISVs), the specification provides the architecture for implementing trust and security services on storage devices as well as describing the interface for this process.

A trusted drive encrypts all data directly on the drive and the encryption speed matches the throughput of the drive interface so the process is essentially unobservable to the user in normal operation. For the highest convenience and ease of use as well as lowest cost, disc initialization, installation, and configuration are not required. The process uses partitioned, hidden memory, security firmware and hardware, trusted send/receive commands, and hidden memory assigned to applications.

In addition to an unobservable cryptographic processing of secrets and use of custom logic to provide fast, secure operation for the cryptographic functions, protecting data on a hard drive requires tight access control for secret information. Once again, the TPM provides the key with its hardware-based key generating capability.

If a trusted drive is stolen, repurposed, or taken out of service, it remains protected. Simple user and security ID keys make end of life and repurposing instantaneous and secure.

In the enterprise, a trusted storage system allows authorized access to critical data while preventing unauthorized access or modification of that data. With the increasing likelihood of disclosing confidential information through the loss or theft of easily transported data, trusted storage provides a means to avoid disruption of the smooth and efficient execution of normal business activity.

Developing a Trusted Computing Enterprise

With specifications finalized in some areas, well along in the development process in others, and beyond the conceptual/identification stage in all the rest, the Trusted Computing Group has taken the necessary steps to make trusted computing possible. Moreover, the trust can be extended to the enterprise, to any of the entities that can compromise sensitive data. Since this is not a single supplier’s effort, the multiple platforms and operating environments addressed in these specifications benefit from the analyses, improvements and enhancements that numerous knowledgeable experts made to avoid potential shortcomings and flaws. These open specifications also avoid locking into any one supplier to obtain this level of trust. In fact, several system suppliers already offer products based on TCG specifications. Built on the TPM’s presence in computers, servers, and portable wireless devices, such as cell phones and PDAs, software developers can develop applications and network administrators can integrate trusted components including computers into their networks.

Brian Berger is the Trusted Computing Group’s marketing work group chair and executive VP sales and marketing for Wave Systems, a trusted computing applications developer.