Trusted Computing Gear to Make Spring Splash

SAN JOSE, Calif.–PC makers could begin shipping hardware based on the latest Trusted Computing specification as early as this spring, according to one founding member of the Trusted Computing Platform Alliance.

Clain Anderson, program director for client security at IBM, said his company could begin shipping TCPA 1.1-compliant hardware in April. IBM is one of five original members of the TCPA.

“As concern about security grows … theres been a dramatic increase in calls [for such hardware improvements],” said Anderson. “Certainly among the IT community, they get it.”

The TCPA was founded in 1999 by IBM, Compaq Computer Corp., Hewlett-Packard Co., Intel Corp. and Microsoft Corp. Since then, some 170 companies have joined the effort to develop standards for the way devices store data, authenticate users and identify themselves on a network.

The TCPA 1.1 standard, approved one year ago, specifically addresses the creation and deployment of so-called trusted subsystems in PCs.

Anderson declined to give details of IBMs upcoming TCPA 1.1-compatible hardware. He did, however, say he felt IBM would be among the first to roll out Trusted Computing gear, which is expected to trickle out from several hardware makers through the end of the year.

IBM did unveil updates to its Client Security Software at the RSA Conference here that address many of the same issues of concern to the TCPA. Client Security Software 3.0 includes support for third-party fingerprint readers and proximity badges, improved file and folder encryption, and incorporation of a virtual random code token for VPN access. The software relies on IBMs Embedded Security Subsystem installed in ThinkPad and NetVista models and uses standard interfaces such as MS-CAPI and PKCS 11.

The new software version also integrates with the security functions of Tivolis policy manager, to allow for policy setting related to e-mail access, network permissions and other security controls.

CSS 3.0 includes support for a new biometric fingerprint reader from Targus Systems made especially for the PC Card slot of an IBM ThinkPad. The Targus Defcon reader allows users to authenticate with a fingerprint instead of a password. The reader will retail for $199 and will be available next month, officials said.

Version 3.0 works with Ensure Technologies XyLoc wireless proximity device, a transmitter in a badge that authenticates a trusted user, then logs that person off when he walks away from his PC. Anderson said the technology could be especially useful for doctors who work with sensitive records on a number of different workstations.

The new Client Security Software also incorporates the RSA Security SecurID token, eliminating the need for a separate random code generator. The software displays a picture of an RSA token with the code needed for netwrok access as part of RSAs two-factor authentication.

The new software will be available for download on March 5, officials said.