Wave Systems Corp. (fka WAVXQ)

[Whitewash]

Twenty-Second Annual Computer Security Applications Conference (ACSAC)
Practical Solutions To Real World Security Problems

December 11-15, 2006
Miami Beach Resort and Spa
Miami Beach, FL, USA

http://www.acsac.org/2006/advance_program.html

Track 3: Case Studies
Title: Case Studies
Chair: Ed Giorgio, Booz Allen Hamilton

Trusted Storage.
Dave Anderson, Seagate Research


Storage Systems, such as disk drives, and other computing-system peripherals are critical components of a security, privacy, and trust configuration of a computing platform. This session provides a framework with which to understand why and how peripheral devices should be secured as independent roots of trust. The framework provides a generic security model for all peripheral devices, and shows how peripherals can be configured as roots of trust, each playing a complementary role in establishing the overall security and privacy goals of platform-based and networked computing.

The session begins with security measures for storage systems that exist today and their relative effectiveness. It will then go into where and how to secure access control of the storage system, discussing in detail what needs to be controlled and how to grant control in a secure manner.

The Trusted Computing Group's Trusted Storage Use Cases will be reviewed in depth, highlighting the technical requirements being solved by the formal specifications. Relationships and cooperation with other industry storage standards (eg, SCSI and ATA) will be discussed, and the TCG's specification for secure and trusted storage will be outlined.


Putting Trust into the Network: Securing Your Network through Trusted Access Control.
Steve Hanna, Juniper Networks


Today, client network connection requests are granted or denied based on the client's ability to prove their credentials, including passwords, machine certificates and user certificates. This approach ignores the possibility that the client platform contains malicious code (e.g. viruses, Trojans, malware) that spreads through the network once IP connectivity is granted. Trusted Computing and its hardware elements provide the most reliable and secure method to ascertain end-point integrity for clients seeking connectivity to a network. Through trusted network connection protocols and trusted platform mechanisms, platforms can be authenticated before being given full network connectivity. This speaker will address the architecture, applications, status of the Trusted Network Connect specification which is backed by more than 90 companies and also discuss how to properly implement it.