Wave Systems Corp. (fka WAVXQ)

[wavedreamer]

barge,

Wave/Trusted Logic/Trustonic did the proof of concept a year ago, the TCG just released the Draft version of the TPM Mobile 2.0 and where it can be hosted. Inside a Secure Element/TEE or Virtulized container etc. The final version is still to be released. So the TCG and GlobalPlatform still have work to do. Throw in the NSA/NIST/CESG Protection Profiles to be adopted by 26 countries/NATO for critical infrastructure and you start to see who the real holders of the KEYS are:) JMO

The industry knows what is coming and Companies like Samsung/Micron/Intel/Lenovo/HP/Dell/Microsoft etc... are lining up who to use for the hardware based security to fight APTS/DLP/Data at rest protection/Device Health services/Identity and Access Control etc.

They can develop those products in house or use a company like Wave and license.

Sure hope Solms and company can line up paying customers after the NSA says GO:)


December 19, 2012

Trustonic: Sounding Clarion Call for Trusted Computing in Mobile


Yesterday’s announcement of Trustonic, a new venture from ARM (the UK-based chip company), Gemalto and Giesecke & Devrient, signaled that industry was finally getting serious about the need for trust built into smart connected devices—just as more and more consumers and corporate users look to conduct commerce or financial transactions on their tablets or smartphones.

Trustonic’s formation stands as a validation of the transformational role Trusted Computing will play in the mobile device security of tomorrow.

Wave is an official launch partner, and it’s fitting, as we’ve been one of the most strident advocates for a safer, more trusted computing environment for more than a decade now, since we introduced our EMBedded Application Security SYstem, or EMBASSY solution. EMBASSY included a chip that provided a programmable trusted execution environment (TEE) that securely ran ‘trustlets.’



Trustonic plans to standardize a very similar programmable hardware-based security capability in mobile and embedded devices based on an ARM architecture known as TrustZone. (Wave officially joined the ARM Trust Zone-ready program in September.) Since ARM processors, including the TrustZone feature, dominate the mobile industry, this strategic alliance provides a path to strong, hardware-based security, which is based on open industry standards. Trustonic will offer TrustZone software and firmware, which will enable a programmable TEE based on specifications from the GlobalPlatform group. The TEE can support multiple secure applications.

One of the TEE applications, which is being standardized by the Trusted Computing Group (TCG) is the Trusted Platform Module-Mobile (TPM-M), a firmware version of the TPM. While the TPM-M executes in the TEE, the TPM’s keys are actually held in hardware within the device to provide highly secure roots of trusts for the device. The new draft proposal from NIST, 800-164, for security in mobile devices, specifies hardware roots of trust as the foundation of new, industry standard security. In February, Wave demonstrated an Android device with a TPM-Mobile running inside of TrustZone/TEE provided by one of the new Trustonic partners, Trusted Logic, a division of Gemalto.

As TPM-Mobile is adopted by the mobile industry, Wave Systems plans to extend its current Trusted Computing products and infrastructure to provide interoperability and cross-platform compatibility across PC, tablets and mobile devices. In addition, the TPM-Mobile specifications from the TCG provide the ability for a TPM-M to support a trust model known as the Multiple Stakeholder Model (MSM). The MSM model allows the TPM-M to provide strong, independent security to multiple entities in the platforms such as enterprises, third party application developers, the handset vendor, and network operators. The original Wave EMBASSY 2100 chipset and trust infrastructure supported a multi-party trust model. EMBASSY was very similar to the new open, standard trust solution being offered to the industry.

http://blog.wave.com/allen/trustonic-sounds-clarion-call-for-trusted-computing-in-mobile/

ALSO


Protection Profile for Trusted Execution Environment Version 1.0 Sensitive Data Protection Phase 1 TBD

Protection Profile for Trusted Platform Module Version 1.0 Sensitive Data Protection Phase 3 CY 2014, Q3

Protection Profile for Self-Encryption Drive Version 1.0 Encrypted Storage Phase 1 CY 2014, Q4



Protection Profiles in Development


The following table lists all U.S. Government Protection Profiles currently being developed or modified and gives a general indication of their current status. For additional information, please send inquiries to niap@niap-ccevs.org.

https://www.niap-ccevs.org/pp/draft_pps/index.cfm?&CFID=16826400&CFTOKEN=b8df66afd728ce69-BD511282-C96F-AC2E-A393F342D463F334