Future of TPM Technology Discussed at RSA Conference

The RSA audience questions trusted computing standards, touted Trusted Platform Modules.

Members of Trusted Computing Group, a 170-member organization dedicated to developing trusted computing standards, touted Trusted Platform Modules, to an attentive, if sometimes skeptical, audience at the RSA Conference on Feb. 5.

Roger Kay, president of Endpoint Technologies Associates and author of a white paper titled "Trusted Computing is Real and Its Here," sought to answer critics of TPMs who say there is a lack of interest in TPMs from users despite a push from vendors.

A TPM is a microcontroller affixed to the motherboard of a PC that stores keys, passwords and digital certificates.

The chips have been available in business-oriented desktops and notebooks since IBM first rolled them out in 1999.

Kay said the deployment of TPM is increasing as awareness of the benefits of the technology grows.

By 2010, he predicted, 250 million TPMs will ship on client systems in 2010.

While vendors are pushing, users are pulling, he said. TCG would survive the standards race.

However, some members of the audience were questioned whether TCG standards would be widely adopted, particularly by industry giants such as Microsoft and Cisco will adopt them.

/zimages/4/28571.gifClick here to read more about security products expected at RSA.

In his paper and remarks, Kay responded that implementation does not have to involve the entire stack—it can be used at the client level alone and still provide protection in areas such as password management.

As proof of the real world usefulness of TPM, Kay cited the experience of a pharmaceutical company that used the technology in conjunction with a virtual private network and authentication software from Lenovo to keep track of who was accessing its network and from what computer.

Other examples included a pizzeria chain looking to ensure the identities of anyone accessing its corporate network and the wholesale adoption of TPM 1.2 modules by the U.S. Armys Network Enterprise Technology Command.

Brian Berger, executive vice president of TCG member Wave Systems, said TCG standards have significant momentum behind them. According to the TCG Web site, companies such as Dell, Hewlett-Packard and Intel have systems with TPM on the market.

Microsoft also decided to rely on TPMs for security in the Windows Vista operating system.

Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.