Steve Hanna has written an excellent introductory article[1] on Network Access Control (NAC) discussing the motivations for implementing NAC and how Trusted Computing can help further secure NAC. Trusted Computing works well here because while the endpoint can still lie, it gets noticed that the endpoint is lying even if the exact lie is not known. The lie is detected because the measurement log no longer matches the signed quote of the PCR values. IBM Research wrote an excellent paper in 2004 describing attestation in detail as implemented on a Linux system: The Role of TPM in Enterprise Security[2].
[1] http://www.esj.com/news/print.aspx?editorialsId=2904
[2] https://www.trustedcomputinggroup.org/press/news_articles/rc23363.pdf
The current magazine from the European Network and information Security Agency (ENISA) highlights Trusted Computing in their current issue of ENISA Quarterly [1]. There are four articles on Trusted Computing – one which compares TC to automobile airbags. There is an interesting article on Trusted Computing from a European perspective which covered the workshop by the same name held in Germany earlier this year. Another article touches on the OpenTC project’s goal of providing European citizens “informational self-determination” in a secure context. Also noteworthy is the call for papers for Trust 2008.
[1] http://www.enisa.europa.eu/doc/pdf/publications/enisa_quarterly_09_07.pdf
RSA London is going on this week and professional blogger David Lacey is blogging that not much interesting is going on, but that he was very excited to meet Steve Hanna. Steve says that 2008 is going to be the year that Trusted Computing breaks out.[1] I hope he is right! Gartner for 2006 still has Trusted Computing sliding into the trough.[2] But the saddest testament to the slow uptake on Trusted Computing is that Gartner uses it as an example technology to explain two different factors that can cause a technology to have a “Long Fuse” (that is to spend more time than average in the Trough of Disillusionment).[3] I am starting to see some signs that the deep trough that the technology has been in the past couple of years is coming to an end (more on this later) and Steve’s optimism is heartening.
[1]David Lacey, Trusted Computing Hits the Road
[2]Gartner’s Hype Cycle Reports Click on Information Security and look at the table of contents to see where Trusted Computing Platform is listed in the latest Hype Cycle.
[3]Understanding Gartner’s Hype Cycles
