|
|
|
TPMs Make E-Commerce Safer
By: David Coursey
2005-08-12
Article Rating: / 0
There are 0 user comments on this Network Security & Hardware story.
Opinion: Trusted Platform Modules will put e-commerce transactions on the user's side of the network.I got interesting responses to my recent column on Trusted Platform Modules, which I see as having a great future in resolving some of our security problems. TPMs, if youve never heard of them, are chips that store cryptographic information needed to unlock hard drives, authenticate network log-ons and perform similar tasks.
 Click here to read more about David Courseys column on TPMs.
Heres an e-mail I received from reader Jason Barkeloo, who apparently warned me of the pending rise of TPMs some time ago:
"Dig deep into the recesses of your mind. Do you recall our discussion of TPMs about a year or two ago?
"Hint: The developer board from Intel (x86) that Apple is now using has an Infineon TPM on it. No surprise why Jobs moved so quickly! The Trusted Computing Group (TCG) really has some legs under it now. Watch out! A secured Pixar movie coming to your desktop soon."
Jason says that what excites him about TPMs is their role in electronic transactions because they can turn the transaction into the passing of anonymous certificates, which still make sure the money and the product get to their proper destinations. Hacking such a certificate would not give criminals access to personal information such as credit card numbers.
"I want to do the transaction for the movie on my side of the network, not on the server-side. Server-side is akin to walking into Kmart and handing the clerk your wallet and asking him/her to photocopy and store your information. You wouldnt do that and it is why the current ecommerce structure is broken. With a TPM you can control the transaction from your side of the network and the server (and administrator) has no control over it. This I like. This is client-side control."
The column also mentioned a 2000 study by nCipher that proved software-based security to be inherently insecure, if the hacker is determined enough. Following the columns appearance, the company sent me a current report, this one a 2005 survey of 237 security decision-makers.
The survey found that "25 percent of respondents have already deployed or plan to deploy TPM-enabled desktop and laptop computers within the next two years, demonstrating that enterprises increasingly want to protect keys within dedicated hardware security components."
For more insights from David Coursey, check out his Weblog.
According to nCipher, while this reflects an impressive adoption rate for a relatively new technology, 28 percent of respondents didnt know what their plans were regarding the new TPM-based security features.
I dont find the lack of knowledge about TPM to be too surprising, but as I said in the column and John Spooner reported in a related story, TPM has begun to generate a great deal of attention and is starting to come onto the radars of almost everyone in data security.
Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.
|
|
�������x}ks8q�8c�=mGJɖ�kc[^K7SJE1ErIʎ3wr�o7�%?2s&3%�l�~h@λ$i9�rsݙk��j֢w.�?���Yf8m�TEK\ߤ~�Am;t� =4mMFNHB��}@~sfw��D%x�_'Щ�ѩ&wɔZiКل�ؕ>}~qbw�.pqLQ�m/5x�uKަ�%�x_�ERz�gEQ}%k[!t�U�N(�7*GUFn�3p�a_ʞ��y5E�xLԤ#|xB�g�xd�Yǝg�3
(ƻ�fՉziZg�dd
vu6�L)L|HI
CuaOǍ�@uhshm�7Ea�jj�T+W^rwwW�ӽ�l˙P^pgoF3j/��(֝�h
n+Va*λW~d@.z;ggQa'H
|'�?;�QR�"jt8K�Q�I�1u$�@Bݣs>o�VWB-hZIAr��ija�[�E�4fEU}$nhЖL-AA9AX6&�Zi�C�A+WtW1e`>i_?]r\w/ڽ>9]vsGR}Bg#j`BcYq}UZ~�\?
�/x�_g6~�l
M���u�ô�W+ZxSwL�y%Ku}7�p�@W-CrlNVڒ1Wb{H
.Cu&͓Nk&E;~C�T�364>H�,H�!eݴ%�g榣V'cW*P\?,Ëʾ��b�(7ZdL��,��1,{Lt�p6� 0h��v3�Ϩig8�9y��tD�AG61^�zK
ucj���>; ä���p�w�>-Fv9s�{Q �{>�0i��CkF�QD$��h��-D�@wM0I�e+�!3@uK LΝ߀2fà�F{t$�,/�#0/ Zm��{����Ae^~�}�̢!1y@��X�jouG
&��SsnPBzԁ!~9.Wb�&O^ ��"= E�EK�i�@$� $h�-4`��r.���
�Ŋ|?#!bRN[
��T6ݞ�H:s'PTVh&RأXB�^�X/E_R�2әJ2j2kl�ƪń(VFNL�1|�0��VRx5Vn`oʡW鐦 2,X�}=˚hn&i���[NH:�5$!.*l�h�Awp=7cBCEw[JͰ"hZ5{8�.Ƈ5=tlSr`8)ՠ���Z&4B
ڛw=yE"* ,q�r��y��d:*�NZr�I۶h
ZMME�c7�˅L< +UPL
g<)*[hy�Qtʝ+PXY3V7�\EYbꞦq�H1g0dz7[V@q=13�7R�tgZ�C+>q^i.;[Oe]Zr{A^ӛA'~.MB[+�ҞY�E��9&ےx��A-ʘ�ƗZZ"��J�P>VL"�CɧqHL�d�-~6���pȞZc�7l`(`R5) KJt�yP+�%٬ X;7l d
�A�qF�NfJ� ��[��|t�u���Cߵs|#S=dʸ:��X*�tBJe�כA6ҧ����x��ZWS�}��&<�D��2|P\���+�PЁ*:tgpp2t�=%
Τ_8�'W����u��у=&:Le�"6Xc�e߯C�_=�1V�}Z`"AdX(%UMp��l"�zd\8˰De�
F;vm۽�tܓ(�yR+r!�স��'ֈqHU� 1/]��g�
CĕQNjް~�Pk6&�B�p�M�J}�[ܑ��֥���\wbSIBo@��uJRM�](Xk;����}c*O�Vx@C�̍ �E�.�
�Zs �g(�DrIa XWk�\`й�٩�7]���KIN�l��ԘBS�7ߏ90gxyd���.>�3IV/��ЪZ�Z:Ύ^�
>玾yP�2�<Œ&��1PyX 0{h'0^˒V`|Y�a_�Q>^HkK��2)<:�,�7\W4Uud
XX 0�X�A,C{��Mt��AjY�,���0Y~˗2ñ"9AY;6WVb�=>g`
Dq58_���F��ilLabDhjgE;@<~誦URC`x,4J$B�fĜAYo]b+o>�5=1۠O�~}R�5F70p��#=ܓe�+_�>�M}��;L�;6��E;`3"�v�ubGymrO�$��М�O�Z*h}Xi&E#�uya�DClУA$7v)`ܘ��EpXH[^Oq�Vߊ>
P5u�RQ�X\u@VI^A
ұg�/@C׳@.7f^u,σ2w4A̙�UV<�F�;b`"-]k[I1y1gS��N�Xfy�0wjj_8�aqVZ��URO �U!WT�^>y�_7)~�TC~+m�tAB&qX˲T�\~�U�CU\+Ԋ�3IXᐋ^#DQdQ p�X$${�\�\csI��do(Q뱞~ TX* 6-D`4ϰ��x�;v�.b�
h�MYGV1-vCu�qn'[}�I�myC�.j&2~��*A�eMٸUJӴ%I? O���} *�Q�-ˤӧG++
C��Bg\D@oSc�
us�ć�
R#Zִ2Hw
ضVU�?%̅B-ӄ1⺆a�rU�ç,�,_t�2jUk`?��ʠ��<� �j�;!�8�`�&MMx){��A`r0uq3(��-E49_�I�8L
xϰL�ty'JUVqm?rh�t@,+w~��ؓ@:iwϾ�9����?�N�Kn0y�it�u��ο��iïR���X|ptі��~.�|ˁ�HMw $(��X�Mp��#N2nw/>HW�6Yd�E)0\^�|==蕣`;�p[W��Kǽ�?nvHκ��)�ޠw)z2W#䐠]ju?\�D�d�0�s|i]E�7b�L`fX&IE2#SW5C2�x0M���P��C>$YZ�g�Í7���"lSϝ+�2L:1D&rޚS�)ZB
{QB�A�J;TA:q?Ik�vYh�[��̘pA32%I��bϔ 5m$Mj3f�k��C@$_:�Iv(+HldA�j�SӚmf�.غm|<
gl)LZQ6�A|�J|
a=nE@��)RpG[(#}@J^KKHeW:BZ}���G�s`Nc#](Sw3vظ�vd\�:Gw*b>9,_�}hNӅ[�`�Сw�{v�$sm�g=w1%�zNh53@
\c���uvpW߁�ةH*�Er�o5
W8_I-#A�ɼ��}g��7o��m�T�=eNd�?IАZ�=ty9!�-�Pݷ͆ؓ9̆{_Jǻoc$Ǯv'ۻw�}Zw[q*ApMG<�ҀI1M$�ZQH�**s攤�vW��&�b:`@Ɍ7#Oҁ{&-3(��#F
߸2{K#�N7K}{�U"�Ϻ�4v�7
]ekw}B%u�J+z9nwZh�p;T�%%դYȁIQ�)"y�6Kh#jv.b_;+�&bidO1\T}|Syg!,d���a���зF�؞qa��L��drOC%��7÷Fp7�*'cc3ψF#xk��(6-l�@|Pp�h(0q�ajcZ/Iqb��ulD[cCƣd�C~��s2q�1Kpߕ_R;Mo,)�?��B�i{\nEa�Q(^ h�ލ|�"s�(u�©�KݴC&3ˁUmsZT5�P:�oWYUUEٗw:y�{ďC$U3�%Sb�F"قsB�/@:`6;9]Gk4fIHvn�/f;���pTns2;:��L��іs�zPUE%}�Ȣ_I|1pS '�%(�Xe0s $'��Gk�x
�"X[w&? �>bYͣ�<
d�L1^6m>�,DJp'O�.
`�n�Cэ"�.NU^
�NvA\W&B
v�O"wN�~>����,rzT���? njZX`²66@�=�˪&Rt0z|Sz�h6.@1Hn���r�[�HjISK5Yd�N`�~A�19���HQ+�)n$,dӲ�s&IN9MY
".,`scﮊm1IU%um��]c�,�>ob
��(%�sO:1dzu@&EH-N�
$H�D!Rc�"I
J}�DXy,&|q+J&MlRlꐮ �;.}
P*] 7p;��@o~��T.R�!rA%�*�w|���J��A}��q�q(i>GڦX~~�ci��q.\ֵ@9e��b�iJ9��Є�-"{�{~e8�4�$)dH�X1A>b5��/K繰R\ kq�� %�e�I�N�ًr%� ��3�RDDsMI"�aK:ӽ�;a�K:#9"�_gӭ�\4ci+jkR=~Ecď�ݱmkB��� p
B|Juoa�,rOoO@H�PdJd O~Գ'<�tyRDe�?vG҆}))z&���L��VE}j8|�'�|�e8V�?Y2�虐�鉸i>Nkgv]g'blq�8r^ a~ЕU�Ւ.,ZC&9_ p?= xK.�ϣԜP��P�nn\u[A ��in�ݑ�U(�gٖ%
C�X7P 痮m�S_/��7p@x��[ �ZmQ�$n�SZN�8�hj>�
)KԟZ��7ݠ,�N!6��KWsv;$иR/]GWZVPe0,�ƞ�p(�K*����: �JH,�AlH&L1>s`[=@7P
"mm�GIH�W�İ@4lD`|If�e(\POZYlHRy�.P�}A} CYֈBQ�*W"߶�]r@7K�
/
`�~mX�LM�|#�n�
ݔ*jT*I���זtb��ᐈw{lD
�mjoH%碒8�JHJr1�Tx�^�<\*��KԆ?*h�̖�0�I�hDւJy
~O!՟b7N|K
�\
SON5�||z-Zea{v�Pu.�>#�G;�˵� F��W
��r�|��� tg�@CmPR@@�sJ��8�V�eP��ޯ �R,㏆x|E{�:mB;ް��jf/ǭADoS�F\WZ(u_�DZQLq�:X;u"n`�PEu0��x5sdD�onX{/�XI}�ӻ�rASH�m+;9kԳ;&2@W3՛0qZ3暂z_G�#�0`�ùmJxA�s:V<
o3 w3�DhMj`1nO},�Pk'=yD/e^m1�Tx%q�ۓ3X튃:G"?`��c})!"�����a�9�a!67�us{.�c[Sݶ�Ϥ�[뎅Ts�Ƈ�bݜ@$�"!��ըgO,-�c\ޏ�GG΄!W7%��JfͤÙX<[v�L�NOaW2��rny�o{��W{ h%oAȸr_|k��N4%+\n;jBN�k?X]xmƧZx�M_
o��&Rl�j�V��VgOEq�F{�L [�GV̽KyD敲�R;`Gwm�T�6 d%hj֢�_fXV"j%"Q0M_ٻ"�cqXͯ6 �Xz�kbq9Ⴣ%�=݇^&]ݽ]s\uܺF&�}�;�=KG>W-T G *`\l{;�pOe�}��S&Lm ~��H:ēe�l�*ȯ8
e;�֭�2n[*�x�~�]�[G?�=eO)��
Jo\k_A'-ghgϡ?:njK��x|���gHz�-�1_Cw(6Q���@�amI��Yx1#MW�*b�
:&M*q�#o�g?n�$Su,,1�Nd?D)гOA�G��q副t��E�����B~U�`Jux�)=��I.%bYœ;Ce-qG\Td�uמS|l:5>^�o�Ɛ�
TQs�#!kjj`���8!;��hX>��Lb�?��}�%�Dq+!5� e9L
'5w�1i}P2D�O#R�%1�w�d(�#nL|w�?:-�MV��FXz-Ic֪��Z�"�'"�KI�H ^X0|~4�.2dR����
/)_7`1{iQƣ1gfS�Y�h9э��cj9Fa*1u5b? @�,ttAj-bYA-c�2Ʒ^Z!tOpkBxS^P:IU�3H>P7 J$�RM�`�4C-5֠�)|9}nZӚbfă
ZOk�a`;Xḯk��j=!v�C`.�)}�+n-{sxb(fUj*!^|{;�1)��.�q:ƒq. )e}G�2Cmf|�5,\�"BπJj͓hi�UR
ؽ*v(/9IW�yj]SjZYS#��0��-鳫F@=(ur3�?&\=-SP}"�Ql;�Rʥz53e��.�֠�K��2L_>PP)%(7c%c�g�a-
� �<�z9~Z2֛��|�\B/��&18��7N
�/0s{EMF^[w&�N@tl'&vUZ�R�j'�W[ "yFsk�<<�?rbS~fbm��)Y\d3+nVTm}yV]�����L\#&�=9�ݱ=�Xn�H�5,���ۈuX�}ׯaddd=+���WT�P E�L�B\_ŌVS\>dFkYF�O1|[&�<#��%� rU%wޠe�ȇ5T?�0'
)Ujueaj+O>2<�pWC��W|�#r(4V�~�}�ݬI�M��L��87%\Б�ܟޔjmO*oSl\q4<�ڀ��k�El�~%:�xdc~V`߯�#= .'̸��9C�冤��
roE�VIv# ,Ő�?ZĮ,H1��L�_�ٹt>"=gs?��>zxX�29k�``� XYѕ�>�ΓJ�e|?~#O�I=�R�d`1V\"aKOv]1Ŵ<4%`>r*�ᜭ#+^K��ʑf, Z~c4:�.ʾRWE�1p4�*pgj9�T�KJ�2�@�:
x�E
�? W>nrS-i`IkB'l��x
�D��v;�:p��bZ�Sn�`װ�Þ3b&y>�{s{�9���K��q��E���/ >+DjV �@���"��F2��O���
s�!�)�u7S�I,cM/x�a 3��s1{"(�n&�.�$ӻ�a8;��wSܕk�srf�t,EףΛ]-GAGG71`�Tg8�X��ں9�P4m+L�xte$AN.Z�f)NLy4�W;ˁWβ�}V�X\m�v����U6üj�WzqL��[DŽ0A~ݾZ>Z�NAw��/|veQc̑:�jc�5�Z[ǜI6
5>M�o���
)ns9�EЌLjV}Qu�xS�?
_A�Pj+�彜r6)?'�|OPi}iCS(?)�-�sa~/r�".`.r��#z _z9�2>.˜~r�猿��7ȡ?�?�}}ʡP9�9g|�sw
y@9{
_
wCi]'I9z�[9|ֺą۩�QNy<ʡJ�E5ৼrXB]Cy<*PC/nr
�(s#h03.Ǒr|;0Q�A^̥-c�@#mq�8��4ή�ws�n
]v5v3}S�ćax�&xO5i�jq[~r^<^Ȭu�j�7-P.Y \aB��ٝzÀ��}n܅
ߊč,as��%�H00(��Gn9��#|�@/k/�g
>w?]u�_o�ҹh
/[�:35J쓭߇
}�F`ͼTV�N)pB��^a�%ɡ1z�Iz�'�!4�EL=#>}58]W�nރ97p�?L-C���$
R#ZִZjVU�?%Wd6##"2t�>�fDdU:��.�UJ�0�XR����^9Q(Fuo*#K0njE�=u̐g�a���0V�J�!'\B�x'�3�a`JM�_||mBfH��6T<�'u~�m'�oє^\gC�j�ǓH,_bYd9\`a�{���:~ sn�7:aKƘS�DM�KIn�_!g]x@s`�|!�g�P�cV}~Eӟ�F}�q!2aNS}A;��"�n#$�����;`5q�f\cI_`���Ӯ�S߇w�GB��0Ar�>�t Ccj$d�5V$G3x7X05:�%�aie8ۈ8��3OM=-gr�5s
-^��?}6g�xH-����ug+6ba`类nG�\{Tœj@@zƶねll[1OٍD9$�r���b2Oty'0Oq�KgK 0ML+fAl!�&r_Ys�U�='�̄�QtMra�>[l�,��)1 {��;sH64�s���
C�{1L9
H\}T.I
5"�"HH�"s�{D�|%j9S�n�n 8r�\ѐ]� Zx+�N甽��aCmzKF2�jSo:h}v/܊Wt?n
(OPk�l�/9tf\
=�w`?Eb]�Z8�p�o2s&z�U Th<��OSϫH�1E![;!mzKmÜ�z)LJ)@BoE)R%:�Tutƫ mO8���(���"nty9�=�|^[zQؗ�G@1agG�Q5R^v|7�Xr%sDJrE�)ߠ(b/<%���* >�.�X&";�>m�<'6}Ju;J�"@"xr�WOeΝ[aYѶ��y
S�O~n]�(#o���6x��}�҂ITL/c<��z��An*@9/6+1-i�[%o�#U`7'#�~*��V��œA>h4M@��(_ْk0�F��}^n�0")1��<&`Eߟ�2"�L�)��Ԧ�3w�)+],by ��Y3�!0|B�/C�e
ȑ(�dy�I.�͜�K@gWnJP/jdV(̛l+�~Ľ[]Kl��C>`mR>GK�
]'[٧3�й?-*����e[͌��AW5`/��9H�_�(|9N]RjãÍ�H�Ǹ��[�Iy>p <Щ�1T\bգJʶ�E9b�릍
�Ѩi�pKTؖEn��dS^moymOEmY>m�Ѝ5�O!ngNb�k�*�χŀ�{Ⱦ1�^f#9:}
2^9FB~ea�ԐdZͼ*?҂g'
Q\�F$30(�y�
l�+���m5'0X�1+ ��N�R{Qf7�@ '�Ɣ
ϰO"�- s�m��xDx^]"�P߯JVlw^^5�E�l߂*�Ԉ|rR$�0$a�1�+�>�c-�hw!wS׆)0ѕD1F(g,1_=,@|�փ
L�W{څG��QE6;|���,�݈bV��"NdJWjnr�m�mc{J�>d31#7Dj0Br3H
d[H_مt&�v3�k�)/�YH~1
�� �<9�9�.@$�NSP_X1�]#:L+��s+
�bMd�?rY�kh
Y�Ib λg_�xH%L}Sw=
aFk'O�(Uƥ2p:8XQ|;]%`֍�^z:-E�m{ӻjw �T>Vnw/>+e=;`on��s�g�~�oU��A,jU
z' l5mEgl(3��W'J^Rw�z"f/F)SذM�*i2�9J{)
1^[)֦O*L�㇅c�>lgLt�)�2)v}mb-c6�C-;�A�r ��
|
Network Security & Hardware 
