Search /
Docfinder:
Advanced search  |  Help  |  Site map
RESEARCH CENTERS
SITE RESOURCES
Click for Layer 8! No, really, click NOW!
Networking for Small Business
Security /

Security-seeking vendors find strength in numbers

Today's breaking news
Send to a friendFeedback

Advertisement:

By Linda Musthaler
Network World, 11/08/99

Have you ever hesitated a few moments before sending your credit card number over the Internet? Perhaps more importantly, are customers or partners hesitant to conduct e-business with your company, for fear of poor security practices? Can we ever fully trust whoever is on the other end of our computer connections? How can we be sure they are who they say they are?

A new industry alliance has formed to address the technology issues at the root of these fears. Oct. 11 marked the birth of the Trusted Computing Platform Alliance (TCPA), which will focus on improving trust and security on various computing platforms. Microsoft, Intel, IBM, Compaq and Hewlett-Packard are founding members, and more companies are expected to join in the coming months.

What's interesting about this group is it recognizes that creating a trusted computing environment requires the collaboration of PC industry platform, operating system, application and technology vendors. In other words, answers to security problems are rooted not in just hardware or software, but in all aspects of the total platform.

Much as I dislike approaches developed by committee, which tend to reflect the lowest common denominator, the TCPA may be the best way to develop broad desktop security standards accepted throughout the industry. Single-vendor approaches often fail to garner commercial acceptance, usually because of the proprietary nature of the innovation or a "Big Brother" assault on personal liberties.

Remember last winter when Intel announced it would embed a personal identification number in its Pentium III chips? Though Intel's intention was to increase security over the 'Net by identifying the owners of various transactions, the proposal generated a backlash from civil rights activists who viewed it as a violation of privacy rights. Ultimately, Intel opted to turn off the feature in its chips. This identification number strategy would have had a better chance of acceptance if it had been part of an industrywide PC security plan that included promotion by the likes of heavyweights Microsoft, Compaq, IBM and HP.

A few weeks ago, I read a press release from IBM about its new PC models that incorporate an embedded security chip on the motherboard, and smart card access and encryption. A great strategy, but it probably won't catch on with the general PC-using population.

Why not? Though based on existing industry security protocols, portions of this approach are still unique to IBM. That means it's unlikely that the other top PC hardware manufacturers - Compaq, Dell, HP and Gateway - will adopt it. Without acceptance by these vendors, the IBM approach will remain proprietary rather than become an industry standard.

With the TCPA bringing together the top players in the desktop market, we're likely to see greater sharing of knowledge and broader acceptance of jointly designed offerings. The organization's goal is to develop a specification that delivers a set of hardware and operating system security capabilities that customers will use in their computing environments.

The specification release candidate 1.0 document is due out in the second quarter of 2000. This document will ultimately be submitted to a still-unnamed standards body for consideration and adoption. The alliance is also developing a white paper that describes the specification and how it will improve computing. The TCPA promises its specification will complement existing security standards, such as IP Security, public-key infrastructure, Secure Multi-purpose Internet Mail Extensions, Secure Sockets Language, X.509, virtual private networks, smart cards and biometrics.

Working together, TCPA members intend to enhance existing approaches and simplify the deployment, use and manageability of security elements on PCs. The group will encourage wide industry support and adoption of the specifications. What's more, the specifications must be broadly exportable and ubiquitous, resulting in worldwide acceptance.

Membership in the TCPA is open to anyone with a vested interest, including eventual end users of the technology. To learn more about what this alliance can do for you or how you can contribute to its progress, visit www.trustedpc.org.

RELATED LINKS

Musthaler is vice president of Currid & Co., a Houston-based technology consulting firm. She can be reached at linda@ currid.com

More Speaking the LANguage columns


NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
Click here to sign up!
New Event - WANs: Optimizing Your Network Now.
Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
Attend FREE
Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.
* HOME    * RESEARCH CENTERS     * NEWS     * EVENTS

Contact us | Terms of Service/Privacy | How to Advertise
Reprints and links | Partnerships | Subscribe to NW
About Network World, Inc.

Copyright, 1994-2006 Network World, Inc. All rights reserved.