Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.
Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.
Interesting DMI job opening
(Along with Wave, they are playing a prominent role at the NSA event)
Description
About DMI
DMI is a rapidly expanding government IT solutions and business strategy consulting firm focused on providing solutions that transform enterprise operations in government and business. With a rapidly expanding client base, based in 5 offices and 12 project sites nationwide and currently serving more than 20 agencies across the civilian and defense departments, DMI has been recognized four years in a row as a fast-growing Inc. 500/5000 company. We offer services and solutions in: Strategic Business Transformation, Software Systems Modernization, Enterprise Information Management, Cybersecurity, and Healthcare IT. DMI is a rising star -- hitch your wagon!
Careers at DMI
About the Opportunity
DMI is looking for energetic, creative people to join our team which is designing a cutting-edge Trusted Computing solution for a U.S. DOD agency. This is a one-of-a-kind opportunity to join an exciting, fast-growing company, and work with a dynamic, high-powered, cross-functional team designing a complete security solution.
We’re seeking an enthusiastic, hard-working Hardware Security Expert for our team. If you can work both independently and in a highly collaborative environment, we’d like to talk with you.
Key Responsibilities:
Candidate will be expected to lead the definition and specification of a combined hardware and software security solution
Qualifications:
Looking for an experienced technologist with knowledge and experience in industry standards, particularly security standards
Experience in writing/editing industry standards such as those in IEEE, IETF, TCG, etc.
Experience with cryptographic protocols, crypto algorithms (e.g. RSA, ECC, AES) and security analysis a plus
Experience with FIPS 140 a plus
Experience with Type I crypto devices a plus
Proven leadership
Project management experience a plus
Experience with security hardware design a plus
Experience with software programming a plus
Strong oral and written communication skills
Working at DMI
DMI is a diverse, prosperous and rewarding place to work. We provide our employees with competitive benefits, educational assistance, and career growth opportunities. Every employee is valued for their talents and contributions. We all take pride in helping our customers achieve their goals, which in turn contributes to the overall success of the company. DMI is an Equal Opportunity Employer M/F/V/D.
Everyone should check out NSA TC Conference Agenda
(Lots of interesting stuff)
http://www.ncsi.com/nsatc11/index.html
CIA and Trusted Computing
(July 2011)
http://www.gotgeoint.com/wp-content/uploads/2011/07/CIA-Adv-Tech-Interest.pdf
The Central Intelligence Agency's primary mission is to collect, evaluate, and disseminate foreign intelligence to assist the President and senior US Government policymakers in making decisions relating to national security.
To accomplish its mission, the CIA engages in a wide range of research and development for collection,analysis, and security purposes.
Technical areas of interest include:
..Virtualization
• Virtual Networks
• Cloud
• High Performance Computing
• Advanced Search
• Hardware/Software
-Augmented Reality
Trusted Computing
• Encryption
• Hardware Enabled
• Integrated Security Suites
• Data Marking/ Watermarking
Techniques
Here it is in black and white (re: who's piloting TPMs)
http://www.wave.com/solutions/spotlight/DeviceIDFAQs.asp
Boeing, BAE Systems, General Dynamics and Rockwell Collins have set up TPM pilot programs for stronger authentication.
Wave/Nato
http://www.afcea.org/europe/events/tni/11/programme.asp
900 - 1100
Session 2 – “Support of NATO in the Next Decade – Operational and Economic Aspects”
Chairman: t.b.d.
Keynote Speech
- Maj.Gen. Antonios Chatzidakis (Ret.), General Manager, NATO Maintenance and
Supply Agency (NAMSA)
Keynote Speech
- Mr. Bernd Wenzler, CEO, Cassidian Electronics (GE)
“Rapid Communications Deployment”
- Mr. Tamas Halmai, Principal Scientist, NATO C3 Agency; Ms. Christy Coffey, Head of Government/Defense Market Support Center, TM Forum; and Mr. John Wilmes, Chief Technical Architect, Communications Sector, Progress Software.
“State-of-the-Art Technology in Cooperative Implementations”
- Mr. Rick Parkington, CTO and Vice President, General Dynamics Intelligence Solutions Div. (US
“Trusted Computing Solutions for Cyber Defence in NATO”
- Mr. Martin Wargon, Vice President Business Development, Wave Systems Corp. (US)[/b]
Q & A Period
Wonder who Wave is targeting at following events?:
http://www.wave.com/news/tradeshows.asp
USG Corporation using TPMs?
http://www.cylab.cmu.edu/tiw/agenda.html
Talk: Trusted Platforms in Practice: Lessons Learnt
(Fred Leong, USG)
Yup, the numbers are great, but they are clearly leading the pack in what is quite certainly an emerging market of significant proportions - very important indicator. Cheers, Foam
Seagate widening SED offering
http://www.mis-asia.com/tech/storage/seagate-updates-drives-in-biggest-ever-refresh/
FRAMINGHAM, 15 MARCH 2011 - Seagate today announced five product refreshes that include both its solid-state drive (SSD) line and its high-performance, midrange and high-capacity hard-disk drives. The upgrades boost performance and capacity by between 50% and 100%.
All of its new drives come with a self-encrypting option. Seagate boosted the cache on all of its HDDs from 16MB to 64MB, which boosts performance on each model.
Russia Conference with TC
(No way TC is not going to fly - big players all going that way. Dig's comments about who is benefitting (has benefitted) most from this incipient market are right on the mark!!)
http://www.trustedcomputinggroup.org/media_room/events/96
Be sure to join chair-person, Dmitry Laryushin, Technical Policy Director, Intel Russia/CIS, speak on creating effective and secure environments for trusted computing and applications, during his presentation on "Creating the Trusted Computing Environment".
In addition, the following TCG members will be presenting:
Clarie Vishik, TCG Board representative, Intel GPP EMEA, will be providing an overview in regards to the TCG's key accomplishments, as well as new developments.
Alexander Zubarev, Information Security Director, HP Russia, will be presenting "TPM-Trusted Platform Module: The Technical Aspects and Regulatory Peculiarities".
Aleksandr Akishin, Presales Manager, Fujitsu Technology Solutions, will be speaking about trusted computing technologies.
Sergey Simakov, Senior Security Consultant, Microsoft, will present "TPM as a Cornerstone of End-to-End Trust".
Great Lumeta document on TNC and TCG
http://standards.gov/standards_gov/sos_rfi_docs/39_lumeta_support.pdf
HP document listing SEDs as security feature on their notebooks
http://www.hp.com/sbso/solutions/pc_expertise/professional_innovations/hp-keep-your-business-confidential.pdf
Self Encrypting Drive (SED), Hardware-Encrypted Solid-State Drives (SSDs)
Enhances security with self-encrypting solid-state drives, based on the new Trusted Computing Group (TCG) Opal industry standard, for hardware-based drive encryption as well as partnerships with leading centralized software management companies.
Janne Uusilehto of Nokia and TCG back in action
(seems to be some upcoming action with TC in mobiles)
http://www.trustedcomputinggroup.org/media_room/events/97
Mobile Computing Summit
June 28, 2011 - June 30, 2011
Burlingame, California
Janne Uusilehto, chair of the Trusted Computing Group's Mobile Work Group, will be speaking at the 2011 Mobile Computing Summit.
The Mobile Enterprise Summit brings you the latest on mobile computing in the enterprise with an emphasis on smartphones, tablets, netbooks, and laptops. This event emphasizes the effective use and management of mobile computers and the security issues surrounding them. You’ll also have a chance to chat with those in the know about social computing within enterprises.
For more information, please visit: http://www.netbooksummit.com/
http://www.globalplatform.org/mediapressview.asp?id=834
GlobalPlatform Appoints Strategic Director to Advise on Mobile Strategy
5 January 2011 — The GlobalPlatform Board of Directors has appointed a Strategic Director from the GlobalPlatform membership to represent handset manufacturers in Board decisions and provide expert industry advice on the organization's mobile strategy through 2011 and beyond.
Janne Uusilehto, Director/Head of Product Security for Nokia, which is a Full Member of GlobalPlatform, takes up the voluntary consultative position with immediate effect. Drawing from his expertise and inside knowledge of the mobile industry, he will make recommendations to the GlobalPlatform Board on how the GlobalPlatform Specifications could evolve to ensure alignment with the specific and emerging requirements of the mobile sector.
Janne will assist GlobalPlatform in its liaison activities with other mobile industry consortia, ensuring mutual awareness and cooperation towards open standards and an interoperable technical infrastructure for mobile services.
Commenting on his role, Janne says: "GlobalPlatform plays an instrumental part in the development of a standardized mobile services infrastructure. With such a high level of activity across mobile initiatives within GlobalPlatform's committees and working groups, it is an exciting time to be appointed as a Strategic Director and participate in discussions with the elected Board. I look forward to leveraging my experience and knowledge to best serve the needs of the mobile industry through this level of participation."
In his new role, Janne will work alongside the GlobalPlatform Mobile Task Force. This group provides input to the technical committees to ensure GlobalPlatform's technology supports industry convergence with the mobile telecoms sector.
Kevin Gillick, Executive Director of GlobalPlatform, adds: "Mobile services standardization continues to be a key priority for GlobalPlatform; currently over two thirds of our members are actively engaged in the Mobile Task Force. The Board has a responsibility to the membership to ensure that GlobalPlatform's mobile strategy in the near and long term reflects and addresses their business development requirements. Janne will play a vital role in helping the Board to validate its strategy. His extensive experience and unique perGlobalPlatform Strategic Directors may be appointed from time to time from individual member organizations at the discretion of the Board of Directors. Their role is to provide the Board with additional advice or expertise on a particular strategic issue or market. Strategic Directors hold no voting rights.
Barge here's your answer
(the other presentation by Lacey - gotta love the language and tone!!!)
http://www.e-crimecongress.org/congress/website.asp?page=2011education_seminars#wave
Can your laptop keep a secret?
Presenter: David Lacey, Director of Research, ISSA UK & Nikesh Nandan, Technical Consultant, Wave Systems
Software-based encryption and authentication solutions are plagued by higher than expected costs, poor performance and vulnerable security. Self-encrypting hard drives (SED) and Trusted Platform Modules (TPM) provide more secure and faster performing alternatives — at a fraction of the cost. Why aren’t you using them?
What delegates will learn in this session:
Experience how easy it is to setup and configure an SED in just 5 minutes
Windows® 7? Maximize your investment with centralized BitLocker® encryption and TPM management
Your digital certificates may not be safe. Easily protect them by turning on the TPM in all PCs
SureDocs and Wave
http://www.alamode.com/ee/documents/agent/SpecSheets/Agent_SureDocs_Spec_Sheet.pdf
Upon request, the identity of signer is
verified by Wave Systems and Equifax
that performs a “soft hit” on the
signer’s credit report to formulate a
series of multiple choice questions the
signer must answer before viewing or
signing documents
Great Wave talk at e-Crime Congress
(catchy title but I wish they would get their spelling right)
http://www.e-crimecongress.org/congress/website.asp?page=2011education_seminars#a
Trusted computing: The revolution in security thinking that’s happening now
Presenter: David Lacey, Wave Systems
Trusted Computing offers compelling, immediately available security benefits. This technology is essential for any global enterprise facing advanced threats or operating in hostile environments, as well as any technology vendor aiming to develop groundbreaking future solutions.
What delegates will learn in this session:
David Lacey will outline the implications of the new problem and solution space in security and how they obsolete tradition security thinking. He will explain the quite revolution that trusted computing is leading and the future paradigm shift that it will create, including benefits such as:
* Faster, more secure and easier to implement and manage laptop encryption
* The new paradigm of device authentication and trusted execution
* A spate of new, imaginative technologies to transform the solution space
* How Trusted Computing will lead the journey to a connectionless security future
Awk - The Microsoft/Wave collaboration probably has something to do with the following (Securing the OpenId/Cloud for vast array of smaller public institutions):
Microsoft Sees Increasingly Rapid Adoption Of Its Cloud Computing Services Among U.S. Government, Education Organizations
http://www.thestreet.com/story/11019838/1/microsoft-sees-increasingly-rapid-adoption-of-its-cloud-computing-services-among-us-government-education-organizations.html
REDMOND, Wash., Feb. 23, 2011 /PRNewswire/ -- Today at the Microsoft U.S. Public Sector CIO Summit, Microsoft Corp. announced cloud computing agreements with 16 new government and education customers. In his keynote address, Curt Kolcun, vice president of U.S. Public Sector at Microsoft, welcomed several of the newest users of Microsoft Online Services, including Portland Public Schools, Oregon; University at Albany -- SUNY; Fashion Institute of Technology -- SUNY; Vanderbilt University; City of Alexandria, Va.; City of Virginia Beach, Va.; and the Poarch Band of Creek Indians tribal government in southern Alabama .
These public sector organizations join a rapidly expanding community of government agencies and schools that have recently implemented Microsoft cloud computing solutions, including the state of California, the state of Minnesota, U.S. Department of Agriculture, California State University campuses at Long Beach, Pomona and San Francisco, the State University of New York ( SUNY), New York City Public Schools in partnership with ePals Inc., Kentucky Department of Education, and the University of Georgia. In addition to cost savings and efficiency gains, public sector organizations are choosing Microsoft cloud solutions for their security features, interoperability with existing technology investments and the 24/7 voice support services. Microsoft's newest government customers join more than 190 state and local government organizations in nearly every U.S. state, bringing the total to more than 3 million government employees utilizing some form of Microsoft Online Services. In addition, Microsoft Live@edu is currently one of the most popular communication and collaboration cloud suites for education, serving more than 15 million people in more than 10,000 education institutions worldwide.
"Public sector organizations are looking for enterprise-grade cloud solutions, and that means providing high levels of security, functionality and support," Kolcun said. "We're seeing government and education organizations of every size and dimension using Microsoft cloud solutions to help reduce costs and increase productivity in support of their missions."
Portland Public Schools, the largest school district in the state of Oregon with more than 46,000 students across 85 schools, is planning to move to Microsoft Live@edu as its core collaboration and communications suite for students, teachers and staff to drive improved teaching and learning in the classroom. Portland was looking for a new e-mail solution as its current on-premises Novell GroupWise system was coming to end of life, and it wanted to provide new services to students. After a thorough analysis of both Live@edu and Google Apps for Education, Portland chose Live@edu because of Microsoft's training and support structure, security, and interoperability advantages.
"Choosing Live@edu best aligned with the larger technology direction we are taking at Portland where we are working to expand and enrich the tools and services available to our customers," said Nick Jwayad, chief information officer at Portland Public Schools, who joined Kolcun on stage at the Summit. "Live@edu promises to enhance the services we currently provide to teachers, broaden the reach of services to students and reduce our costs by at least a third."
Portland plans to deploy Live@edu to 8,500 faculty and staff in the fall, and to high school students in the 2011–12 school year. Portland Public Schools joins the following school districts in Oregon that are also Live@edu customers: Ashland Public Schools, Columbia Gorge, Coos Bay School District, Phoenix Talent School District, McMinnville School District, Redmond School District, St. Cecilia School and Sisters School District. Microsoft is also working with the Oregon Department of Education on a statewide Microsoft cloud agreement so that other schools can easily signup for the benefits of Live@edu.
....
Wave and Microsoft?
Funny but the new Wave job ad for Product Manager Large Enterprise:
(http://www.wave.com/about/employment.asp#job25) has almost exactly
the same wording as the following Microsoft job ad:
(http://www.linkedin.com/jobs?viewJob=&jobId=1256789)
and the Wave job opening mentions "past working experience with Microsoft" as an asset.
Motorola Trusted Computing Job Ad
http://jobview.monster.com/Senior-Engineer-Content-Protection-Job-SUNNYVALE-CA-US-97330797.aspx
Senior Engineer, Content Protection
About the Job
Job ID: 97722
Department Description: Advanceed Platforms is responsible for software development to enable next generation services and applications
Responsibilities/?Expectations: We are looking for a talented and motivate software engineer for the platform's Content Protection effort.? The position has a broad cross-functional charter that involves working closely with various functional teams (technology, technical program management and business) to ensure that business requirements are translated into technology requirements and subsequently be involved in the implementation of software (using Scrum) from design through successful deployment.?
Job responsibilities include:
* Lead engineer focussed on integrating DRM into the platform.?
* Architect a solution to meet the Compliance and Robustness rules put forth by the DRM stacks and provide implementation for the same using the underlying hardware capabilities.?
* Interacting with an international team and implementing core pieces of the design, primarily in C/?C+?+?.?
* Excellent communication skills and willingness to mentor junior members of the team
Knowledge Skills: The ideal candidate will have:
* 8-10 years of experience working in the security domain, preferably in the mobile industry
* Solid understanding of the various security fundamentals, including but not limited to symmetric and asymmetric cryptography, hashing algorithms and PKI
* Proven track record of successful and timely product delivery
* History of setting aggressive yet attainable goals
The following will be a big plus :
* Experience working with Linux/?UNIX device drivers
* Experience working in an embedded environment
* Understanding of the secure mobile trusted computing platforms.?
* Secure storage, secure flash, secure ROM understanding.?
* Secure Booting and Chain of Trust, Secure clock.?
* Understanding of using on chip cryptographic capabilites
Basic Qualifications: Bachelors degree required, masters degree preferred.?
Wave Cloud Sevices job ad
Product Manager - Cloud Services
Wave Systems Corp. - Cupertino, CA (San Francisco Bay Area)
Job Description
Position overview
Are you passionate about understanding customer needs and delighting them with well-integrated technologies and quality end user experiences?
Do you like to think big?
Do you find yourself constantly straddling the line between technology, business and customer focus?
Do you work well with product and engineering teams as well as with internal/external partners?
If so, this may be the right role for you.
A publicly traded technology leader in a rapid growth trajectory is looking for a dynamic, energetic, and creative Product Manager.
As a member of the commercial product management team, you will be responsible for defining the detailed functional and non-functional requirements for a cloud based SaaS data security and identity management solution, as well as interaction with client software and on-premise offerings.
You will consider aspects such as hosting, availability, operational and data center design requirements, serviceability, partner integration and end-to-end user experience.
The ability to understand high-level business and customer scenarios and their impact on low-level technology and user experience design decisions is a must.
In this role, you will:
• In high collaboration with product development and marketing teams, define and drive critical end-to-end customer experiences across a portfolio of solutions offerings for key management, user authentication, provisioning and recovery.
• Outline and rationalize key experience/user goals, overall audience strategy and tactics, and cross product experience roadmap for a specific line of solutions (e.g. self-encrypting drive management, Bitlocker management, Biometric authentication, certificate enrollment, etc.).
• Write service and operational requirement specifications, addressing issues such as availability, usability and manageability of the service.
• Manage and own customer/user research requirements and initiatives to inform product experience planning and design.
• Be the technical and business lead for a cloud service offering targeted at the small and medium business, as well as enterprise roaming users.
• Gather and understand customer requirements, translating them into user needs and detailed product requirements.
• Partner closely with internal test, service operation and customer service teams to measure and oversee customer experience quality throughout the product development lifecycle.
• Engage with SaaS, hosting and OEM partners to position integrate and maintain a branded service offering.
• Address data security, regulatory compliance and privacy issues for the service platform as well as the solution as a whole.
• Create a clear value proposition outline for each solution offering included in the service and communicate its key pillars to external stakeholders such as marketing, sales, partners and customers.
• Address support escalations and correctly prioritize functionality, business value, technology leadership and sustainability needs.
• Define a project plan as well as SLA and ensure execution according to plan.
Desired Skills & Experience
Experience and qualifications
What you must have to perform this job:
• Have strong organization, and communication skills, and the ability to work well in a highly dynamic, constantly changing environment.
• Have a minimum of 4 years’ experience preferably as a product manager, solution architect or senior pre-sales engineer.
• A BS/BA degree in Computer Science or related technical discipline and/or equivalent experience.
• Experience working with the small and/or medium enterprise customer market.
• Understanding of Enterprise Architecture and/or Cloud Computing Architectures
• Candidate should have experience with at least three of the following technology areas:
o Full disk encryption, hardware based encryption, file and folder encryption
o Key management and PKI.
o Smartcards and biometric authentication.
o Virtualization and enterprise IT data center design.
o Sql server, Active directory and the windows platform security.
o VPN, Remote access, Wi-Fi, 802.1x
o Web services standards, WCF, WIF, WS-Security, Queueing.
Possessing the following qualifications would make you a stronger candidate:
• Experience driving product development projects/cloud service through the entire product lifecycle, from initial design to final delivery
• Strong presentation and data synthesis skills will be essential
• Be equally comfortable interacting with anyone from a very technical developer to a business-focused executive
• Industry experience in Enterprise IT, SaaS/PaaS/Virtualization/Web services, and/or Cloud security is preferred
• Proven ability to develop and articulate a compelling vision, strategy, and roadmap for set of inter-related products and technologies
• Excellent cross-organizational agility, partnering skills, and technical depth with ability to drive shared goals across multiple groups
• Strong customer and partner empathy with demonstrated ability to translate real world business problems into end-to-end technology product solutions
• Familiarity with Market and/or User Research methodologies
• Familiarity with data security and privacy regulation such as HIPAA, PCI. SOX etc.
• Understanding of FIPS and common criteria certifications
• Past hands on development experience in C, C++ or C#
• Experience working with large OEM such as IBM, HP, Dell and Acer
• Past working experience in Microsoft
Boeing talk on trust in cloud
(Interesting hint of solution they adopted?)
2:00 PM – 3:00 PM CASE STUDY
Migrating Securely to Cloud Technology
E.J. Jones, CISSP, CSSLP, GIAC-Java, Technical Fellow, Boeing Information Security
• Security concerns inherent in Boeing's adoption of cloud technology
• Controls used to mitigate risks
• What worked, what didn't, and what adaptations were required
• Trust technologies that have been successful
• Managing expectations in the company
http://www.misti.com/includes/conferences/agendadetails.asp?pID=174&ISS=21541&SID=713753
GD Information Assurance document on TCG website
(Everywhere I'm seeing growing TPM demand!!)
http://www.trustedcomputinggroup.org/files/resource_files/2B4A6C6B-1A4B-B294-D0E13BED5B6168B9/RSA%202011%20TCG%20-%20wyant%20v3.pdf
Bunch of new events on Wave site
http://www.wave.com/news/tradeshows.asp
AGC's 7th Annual West Coast Emerging Growth Conference
February 14-15, 2011
The Westin San Francisco Market Street
Wave presenting (Looks like that will be a busy week)
http://www.americasgc.com/_downloads/AGC2011WestCoastEGC.pdf
Hi Helpful,
I checked the agenda for presentations but no mention of the TC track yet, though there is mention of a TC information booth sponsored by the NSA. It really is real this time and I have to keep reminding myself of this even as the share price continues to rise before my eyes. All the best, Foam
New Wave Events:
http://www.wave.com/news/tradeshows.asp
Wave at two important Gov. events:
1) https://www.globreg.com/IAE2011/exhibitor.jsp#exhibitors
Trusted Computing
Is your enterprise ?house? protected from today?s Cyber storm? Searching for answers to complex Cyber Security operational challenges? Come speak with us at the NSA/CSS Commercial Solution Center (NCSC) sponsored booth to learn about COTS-based products delivering Decisive Defensive Advantage. Using Trusted Computing components, the NCSC?s Trusted Computing Division will display a broad enterprise view, leveraging its investment in the High Assurance Platform (HAP), of real Trusted Computing infrastructure and technologies making a difference now.
Wave Systems Corp.
Wave Systems provides management software for hardware-based security, helping organizations implement strong authentication and data protection. Wave⿿s EMBASSY® client and server software manages both the Trusted Platform Module (TPM) chip found on business-class PCs and self-encrypting hard drives available from leading manufacturers. For more information on Wave's products and services, visit www.wave.com
2) http://www.ncsi.com/eucom11/exhibiting_companies.shtml
-Wave exhibiting here as well
StevenDice - Some good points you make there, Oh what a tangled web is being woven here - Good thing Wave is embedded in the very fabric, to continue the conceit. Thanks, Foam
HAP Release 3 now set for 2011
(Document from March 2010)
https://snap.pae.osd.mil/snapit/ReportOpen.aspx?SysID=PB2011_NSA
The Commercial Systems Solutions Engineering program will complete the implementation and operational deployment of the High Assurance Platform (HAP) Release 2. Release 2 deployments will be tested and validated at Special Operation Command, Pacific Command, and Fleet Numeric Meteorology and Oceanography Center. Begin
development of the HAP Release 3 that fully leverages the commercial trusted computing technologies and capabilities implemented in HAP Release 2. It will continue work with industry to lead and influence trusted computing technology and solutions through participation in the Trusted Computing Group. It will also continue to enhance Secure Mobile
Environment Portable Electronic Device. New capabilities to be developed under this program could include new radio frequency modules, satellite communications, and HAP technology.
Green Hills talk on use of TPMs
http://www.embedded-world.eu/program/day-3.html?program_id=4106
Crypto Inside: Leveraging Security Hardware in Modern Embedded Devices
Cryptography / Security
09:00 - 10:00 (March, 2011)
Crypto Inside: Leveraging Security Hardware in Modern Embedded Devices
David Kleidermacher, Green Hills Software
With the increasing role of security in embedded systems, cryptography and key management in some form has become a ubiquitous requirement. However, embedded systems designers must incorporate this functionality without blowing the budget on footprint, performance, and cost. This class will provide an overview of the security hardware capabilities, from basic on-chip symmetric key accelerators to Trusted Platform Modules (TPMs) and hardware security modules (HSMs), available in popular embedded microprocessors. The relative tradeoffs in cost, power, and performance will be described as well as ramifications to software and system design.
Very detailed document on Mobile Armour acquisition by TrendMicro
(easier to read in the original PDF document)
http://fr.trendmicro.com/imperia/md/content/uk/pdf/mobile_armor_federal_external__faq_final.pdf
Mobile Armor Federal Government Sector Acquisition FAQ’s
On 29 November 2010, Trend Micro announced a definitive agreement to acquire privately- owned Mobile Armor, Inc.
Pursuant to a definitive agreement signed on 28 November 2010 Trend Micro has agreed to acquire Mobile Armor, based in St. Louis, Missouri, USA. The transaction is subject to customary closing conditions, including certain regulatory approvals, and is expected to close before December 31, 2010. As a result of this transaction, our customers and partners will benefit from the comprehensive data encryption and mobile device security provided by Mobile Armor. Mobile Armor complements Trend Micro’s endpoint security and data loss prevention solutions while also contributing to the company’s mobile security and cloud security initiatives. By combining Mobile Armor’s centrally managed policy administration, enforcement and advanced pre-boot authentication on computing devices such as laptops, desktops, tablet PCs, USB flash drives and CD/DVDs with Trend Micro’s security portfolio, Trend Micro will offer a more comprehensive set of integrated data protection solutions to help protect data and meet regulatory compliance mandates.
COMPANY OVERVIEW / GENERAL
Who is Mobile Armor?
Mobile Armor, Inc. is an innovator and leader in data encryption and mobile device management technology. Mobile Armor provides trusted data encryption solutions to commercial and government organizations. Purchasers of their solutions include the U.S. Army, U.S. Navy, civilian government agencies and enterprises in vertical markets including healthcare and financial services. The Mobile Armor Data Encryption & Device Management Suite is a centrally managed and fully integrated hardware and software-based encryption solution for desktops, laptops, Windows Mobile smartphones, CDs/DVDs, and USB flash drives. Mobile Armor is the recipient of the coveted DoD Data at Rest Tiger Team award, enabling its encryption solution to be sold to the US government. Mobile Armor’s solution is FIPS 140-2 Level 2 validated and is certified to meet the standards for security set by the US National Institute of Standards and Technology (NIST). Certain of Mobile Armor’s products are in final review for Common Criteria EAL 4+ certification and are on the US Army Information Assurances Approved Product List.
FEDERAL GOVERNMENT SECTOR QUESTIONS Will US government contracts/schedules remain the same?
Yes. No changes are anticipated in US government contracts and schedules.
Will Data At Rest Tiger Team (DARTT), Army, and Navy Blanket Purchase Agreements (BPAs) be affected? No. DARTT, Army and Navy BPAs should not be affected by this transaction.
Will there be changes to my maintenance and support contract? Are my support contacts the same and should I continue using the same help desk number? There are no immediate changes to maintenance and support contracts. Contact information may change in the future, but such changes will be communicated well in advance.
Page 1 of 4
How will FIPS and Common Criteria certifications be affected?
Until such time as changes are made to the Mobile Armor products, Mobile Armor FIPS and Common Criteria certifications are unaffected by this transaction. If or when changes are made to the Mobile Armor products that require re-certification, Trend plans to take the necessary steps to recertify. Trend Micro recognizes the importance of FIPS and Common Criteria certifications to the Mobile Armor customers and intends to apply resources to achieve necessary certifications.
Where will product development take place?
Mobile Armor product development is located in the United States and there are no plans to move its location.
Are any of Mobile Armor’s products being EOLed?
None of Mobile Armor’s products are being End of Life-d (EOLed) or discontinued as a result of this transaction.
Will current evaluations continue and do I continue to work with the same partner (i.e. Immix, Dell, Panasonic, etc)? Evaluations currently underway continue and you should continue working with the same channel or technology partner.
PRODUCT OVERVIEW AND STRATEGY
How does Mobile Armor fit into Trend Micro’s overall strategy?
The acquisition of Mobile Armor will be a significant step towards helping Trend Micro achieve its vision of securing digital information no matter where it resides. Data protection is a critical component to an effective security strategy for today’s enterprises, and data on endpoints and mobile computing devices is a key target for attack. Enterprises need to protect sensitive data and comply with government and industry regulations to secure such data. Mobile Armor’s data encryption solutions complement Trend Micro’s existing security offerings by enabling customers to secure information on computing devices. Mobile Armor’s encryption solution provides FIPS- certified encryption technology that can be used across the Trend Micro product portfolio, from mobile computing devices to servers, delivered on premise or in the cloud.
How big is the encryption market and how fast is it growing?
In 2009, IDC estimated the endpoint encryption market to be $532.3 million. The market is expected to grow to $1,024.4 million by 2014. Endpoint encryption is expected to enjoy a 14% CAGR (compound annual growth rate) between 2009 and 2013.
Why is Trend Micro seeking to acquire Mobile Armor?
Mobile Armor brings outstanding data encryption and device security technology to the table. Mobile Armor’s technology includes a centrally managed comprehensive data encryption portfolio of government certified products (FIPS 140-2 Level 2 and Common Criteria EAL Level 4+ in final review). Mobile Armor provides organizations with the flexibility to deploy a combination of hardware and software-based full disk encryption – or transition between the two – with a single management console, server and repository for IT administrators. As new technologies expand the scope of encryption beyond software, it is expected that this capability will help ‘future proof’ investments in Trend Micro’s endpoint security solutions.
Page 2 of 4
Compatible with Microsoft Windows 7, Vista, and XP makes it just as easy to centrally manage standard hard drives and self-encrypting drives, including the Seagate Momentus Drive and other Opal compliant self-encrypting hard drives that are in development.
Mobile Armor will complement the Trend Micro security portfolio with a comprehensive and integrated portfolio of encryption capabilities including pre-boot full-disk, file / folder, and removable media encryption.
What will Trend Micro do with the Mobile Armor business?
Trend Micro and Mobile Armor are developing an integration plan that will be implemented following close. Trend Micro plans to integrate the Mobile Armor technology into Trend Micro’s data protection offerings, in particular its endpoint security product portfolio so customers can enjoy an integrated endpoint security solution that will include comprehensive data encryption.
What does Trend Micro plan to do with Mobile Armor product portfolio?
Currently, there are no plans to change the Mobile Armor product portfolio or discontinue any of the products. Over time, we will look to better integrate the Mobile Armor products and services into Trend Micro’s core security offerings.
Does Trend Micro plan to localize the Mobile Armor product portfolio to support different languages? Mobile Armor’s product portfolio today is English-language only. Trend Micro plans to localize the offering so it supports languages other than English.
CUSTOMERS AND PARTNERS
How is the transaction between Trend Micro and Mobile Armor expected to benefit Mobile Armor customers? Mobile Armor shares Trend Micro’s vision of ensuring the world is a place safe to exchange digital information. Mobile Armor customers can look forward to continuing to receive fortified and government certified data encryption solutions, advanced data protection innovations and an integrated endpoint security solution that will provide greater levels of data protection, all supported by the resources of a global organization.
How is the transaction between Trend Micro and Mobile Armor expected to benefit Trend Micro customers? Trend Micro will be better positioned to offer customers a more comprehensive endpoint solution that combines content security, data loss prevention and data encryption for endpoint devices.
How is the transaction expected to benefit Trend Micro’s channel partners?
By introducing Mobile Armor solutions into our distribution channel, our partners will be better positioned to capture a larger share of the total data protection market. Partners will benefit from offering a total data protection solution that directly addresses the top concerns IT and Security professionals have with a solution that has significant customer pull and a clear value proposition, which makes standalone sales or cross-selling a relatively easy conversation.
Does the transaction mean any change for existing Mobile Armor technology partnerships? Mobile Armor has a number of strong distribution and technology partnerships that provide significant value to its customers. Trend Micro brings additional products and global reach for these relationships and we look forward to creating additional benefits for our customers and partners.
Page 3 of 4
Can the Mobile Armor technology be sold outside of the United States?
Yes. Mobile Armor products can be marketed outside the US and are eligible subject to restrictions under the U.S. Export Administration Regulations.
SALES AND SERVICE
Should Mobile Armor customers continue to purchase Mobile Armor products from Mobile Armor and its channel partners? Yes. Mobile Armor customers are encouraged to purchase through Mobile Armor and its channel partners. Mobile Armor’s products will remain listed on existing government contract vehicles, under the current contract holder’s name (which may be listed under Mobile Armor or other contract holder name). Mobile Armor Channel Partners have been notified of the acquisition announcement and any changes that may need to be done, will be transparent to customers. We will communicate all changes and transitions well in advance through Mobile Armor and Mobile Armor Channel Partners.
Should Mobile Armor customers continue to call Mobile Armor customer support?
Yes. Mobile Armor customers should continue to use existing Mobile Armor contact numbers for support to address immediate and ongoing needs. We will communicate all changes and transitions well in advance through these familiar channels.
Should Mobile Armor customers continue to communicate with their Mobile Armor sales and channel representatives? Yes. Mobile Armor customers should continue to communicate with the sales and channel representative with whom they have been working. Mobile Armor will continue to operate from current offices with the same contact information. E-mail addresses will change at a future date and you will be informed of the change well in advance.
How is this acquisition expected to impact any existing project, deployment, or services engagements? This transaction is not expected to adversely impact any existing project, deployment or services engagement.
How can I learn more about Mobile Armor encryption solutions?
Visit www.mobilearmor.com to learn more about the Mobile Armor offerings.
Trend Micro To Buy Encryption Firm Mobile Armor
Acquisition of hardware and software endpoint encryption company is latest in a busy year of purchases involving major security vendors.
http://www.informationweek.com/news/security/management/showArticle.jhtml?articleID=228400197&cid=RSSfeed_IWK_All
By Mathew J. Schwartz , InformationWeek
November 30, 2010 10:58 AM
Trend Micro on Monday announced its plans to acquire Mobile Armor, which sells data encryption software for hardware and operating systems. Financial terms of the deal were not disclosed.
"This acquisition will expand our endpoint security market reach and will provide our customers with proven technology for encrypting data on laptops, tablet PCs, and smartphones," said Eva Chen, Trend Micro CEO, in a statement.
"For customers, we see Mobile Armor complementing Trend Micro's data protection strategy and contributing to Trend Micro's mobile and cloud security initiatives," said Michael Menegay, CEO of Mobile Armor, in a statement.
According to IDC, McAfee is the world's third-largest content and threat management vendor and controlled 9.3% of the market in 2009. That puts it behind Symantec (25.8%) and McAfee (12.2%) but ahead of Check Point Software Technologies (6.9%), Microsoft (4.6%), Kaspersky Lab (3.6%), Websense (2.9%), and Sophos (2.4%).
Trend Micro's purchase of Mobile Armor continues what's been a non-stop year of acquisitions involving every major security vendor. In August, for example, McAfee was acquired by Intel.
Meanwhile in April, Trend Micro's largest rival, Symantec, spent a total of $370 million in cash to purchase data encryption vendors PGP and GuardianEdge.
As that implies, endpoint data encryption technology is in demand. Based on figures from IDC, the endpoint encryption market will grow by 14% per year through 2014. Some of that uptake is being driven by continuing CIO fears over employees who use their own mobile devices to connect to the corporate network and store sensitive data.
But regulations are also leading organizations to take better care of mobile data. "State and national governments are enacting more stringent regulations such as the U.S. HITECH Act, the U.K. Data Protection Act, and the German Federal Data Protection Act," said Trend Micro. "Together with the Payment Card Industry Data Security Standard (PCI DSS), such regulations are driving the need to encrypt sensitive information and protect privacy."
Awk, those are some pretty strong endorsements! This will have tremendous ripple effect - we're already seeing it with GD, Booz Hamilton, PWC etc, just a question of when exactly the chips start to fall. 2011 will be one hell of a year, I believe. Cheers, Foam
Good new Wave PDF on device authentication
http://www.wave.com/collateral/03-000274_DeviceAuth.pdf
Oracle supports TPM
http://www.oracle.com/technetwork/articles/servers-storage-admin/os11esecurity-186797.pdf
Oracle Solaris 11 Express introduces support for Trusted Platform Modules...
DoD planning to go live with Trusted Computing?
http://jobs.climber.com/jobs/industry/USA/Hardware-Design-Engineer/4044921
GD job ad:
Hardware Design Engineer
General Dynamics
Job Title Job ID Number STR-LF-09-10492-1 Company Land Systems Location Detroit, MI Job Category Computers, Hardware Job Description General Dynamics Land Systems (GDLS) is a $4 Billion business unit of General Dynamics Corporation and has a 65 year defense heritage of providing high quality, technically superior, high value products and services to the United States and its allies. Land Systems has the leadership, financial resources, technology and strength of more than 8,400 employees who are dedicated to making the company the world's preferred supplier of a full spectrum of land and amphibious weapons systems. This dedication assures every shareholder, customer and the nation that the name General Dynamics will always mean Strength on Your Side. - Design, Develop, and Test Circuit Cards; emphasis on Processors & Video/Data Networking features - Perform Technology Research, Feasibility Assessments, and Detailed Hardware Design Requirements Definition. - Analyze Processor Hardware - Develop Engineering Design Fixes, and Coordinate Solutions. - Develop Concepts to Support Advanced Technology Initiatives, IRADS, Proposals, and Demonstrators. - Support concurrent engineering reviews and Trade Studies. - Support component selection, procurement and oversight of prototype hardware build. - Update Schedules, Budgets and Reports as required to meet technical objectives. - Background in processor and networking hardware design - Background with HC12 Microcontrollers & x86, Power PC Single board Computers, including C programming a plus - Background in PCI Express, Ethernet, Firewire, USB, CAN, and other data interfaces; DVI, LVDS, SDI and other video interfaces - Background in VITA46/48 - Background in circuit card design, component selection, layout; specific interest in graphics and data interfaces - Background in Xilinx FPGA Design and Simulation, EDK, VHDL, Xilinx PowerPC cores a plus - Background in the following areas desired:
Virtualization technology (such as Intel VT-d), Trusted Execution Technology (TXT), trusted boot technology (such as Trusted Platform Manager), Xilinx single chip crypto (SCC), hypervisors, software separation kernels, NSA's High Assurance Platform and it's G.H.O.S.T. implementation, Green Hills Integrity, Wind River MILS, Experience with successfully leading a product NSA certification (emphasis on Army), red/black data separation, data encryption, cryptography, cross domain guards, KVMs, intrusion detection, multi-level authentication, Knowledge of DOD regulatory policies relating to Information Assurance (IA), Public Key Infrastructure (PKI), DoD Information Assurance Certification and Accreditation Process (DIACAP) - Ability to use Engineering Development and Test Tools. - Must meet ASR Requirements to Work Inside vehicles. - Capable of Obtaining a Security Clearance. - Occasional overtime, and weekend hours may be required to complete critical tasks. - Ability to work in team based environment - Must have an understanding of customer requirements and experience in development of sub-systems and hardware lower level requirements. - Must have proficient oral and written communication skills. Including experience giving technical presentations. - Support EVMS, ACE and ISO. - Must be able to obtain U. S. Security Clearance. - Bachelor of Science degree in Computer Engineering or Electrical Engineering. Other technical degrees will be considered with relevant experience. Masters degree in Computer Engineering or Electrical Engineering preferred. Apply Online Directly with Land Systems
http://www.charlestondca.org/shared/docs/2245/detailed%20conference%20agenda.pdf
1410-1500 – How to deploy cost ef- fective Cyber solutions
RADM Ken Deutsch, USN (ret), Account Executive for DoD Cyber, CSC
Mr. Rob Dobry, Director of Technology Outreach for Trusted Computing, NSA, Commercial Solutions Center
Mr. Robert Giesler, Vice President for Cyber Programs, SAIC
Dr. Harold L. Jones, Technical Director, Cyber Warfare and Cyber Security, BAE Systems
Alea-Exactly what I wanted to say. Coulda/shoulda happened earlier, but hey I'll take it now when the sector is hotter than ever before. Cheers, Foam
Cisco Trusted Platform Module????
http://www.costcentral.com/proddetail/Cisco_Trusted_Platform_Module_Chip/R200TPM1/11009887/
General Specifications
Manufacturer Cisco
Manufacturer Part # R200-TPM1
Cost Central Item # 11009887
Product Description Cisco Trusted Platform Module Chip - Hardware security chip
Product Type Hardware security chip