Wave Systems Corp. (fka WAVXQ)

[Weby]

SL's Post reposted with slight edit.

with author's permission

Wildman, et. al. re: EEE

(Edited with permission of author)
go-kite said:
"This presents an entirely new problem for Wave. They now must get this on the client machine via some distribution channel, then they must get companies to use EEE in collaboration with their software."

Wrong. That would defeat the purpose of providing an SDK. An SDK typically allows either a) key functionality to be compiled into binaries created with the SDK and distributed by the SDK user, or b) key functionality packaged as re-distributable components to be deployed by the SDK user.

Easily verified at Wave's EEE page:

>>>
Network Access Control System Providers:
Integrating hardware-based security with the EMBASSY Endpoint Enforcer into your endpoint security system gives the added assurance that the system can be trusted.

Trusted Network Connect Providers:
Distributing the EMBASSY Endpoint Enforcer with your TNC solution provides security against spoofing for deployment with the extensive network of Trusted Platforms. For IMC/IMV component providers, the EEE SDK can be used to ensure that the metrics you collect are trustworthy and have not been tampered with.
<<<
http://www.wave.com/products/eee

go-kite said:
..."There is no "common" interface for a client integrity tool,"

Wrong. Easily verified at TCG site.

>>>
TCG Infrastructure Working Group
Platform Trust Services Interface
Specification (IF-PTS)
Specification Version 1.0
Revision 1.0
17 November 2006
FINAL

2.1 Purpose of IF-PTS

This document describes and specifies IF-PTS, a critical interface in the Trusted Computing Group’s Trusted Network Connect (TNC) architecture and part of any other application framework where establishment of endpoint integrity is needed. IF-PTS can be used by Integrity Measurement Collectors (IMCs), TNC Client (TNCC) and Network Access Requester (NAR) and other clients to report on endpoint integrity state.

IF-PTS can be used in several ways to improve trusted computing goals.

• PTS enables platform components to participate in Platform Transitive Trust chains.
• Computation and collection of integrity measurements over TNC and other application components.
• Formatting of integrity measurements collected by TNC and other applications for interoperability.
• Client side (local) verification of measurements.
<<<
https://www.trustedcomputinggroup.org/specs/IWG/IF-PTS_v1.0.pdf

BTW, Thomas Hardjono, Greg Kazmierczak, and Len Veil contributed to the specification. Hardjono was co-chair of the group and Kazmierczak was the editor.

go-kite said:
..."and likely the CAs, Ciscos, Nortons, MSFTs, etc all have different tools and would need to build their own interface to the EEE product."

Wrong. Again, contrary to the purpose of an SDK. EEE is the first implementation of IF-PTS (Platform Trust Services).

>>>
Wave Systems has developed the Embassy Endpoint Enforcer based upon an upcoming interface specification from TNC known as Platform Trust Service (IF-PTS).
<<<
https://www.trustedcomputinggroup.org/news/press/member_releases/2006/20060502_Endpoint_Enforcer_FINAL.pdf

go-kite said:
"There are some here that will lead you to believe that EEE is a shoe-in for mass deployment, this is not the case. This opens up a new industry for Wave, but at this time, we don't see much of a relationship with these players."

Wrong again. At the present time Wave has no competition in this area, and it is unlikely that they will until their CSP and/or middleware can be duplicated, or until ALL machines are standardized on Vista and use TBS for TPM access.

Wave has demonstrated EEE with products from Juniper, Seagate, Meetinghouse (purchased by Cisco), and Nortel.

https://www.trustedcomputinggroup.org/news/press/Wave_Juniper_Interop_Release_5-21-07.pdf

https://www.trustedcomputinggroup.org/news/press/member_releases/2006/20060502_Endpoint_Enforcer_FINAL.pdf

Wave working with Microsoft on TPM support for SoH:
http://blogs.technet.com/nap/archive/2007/05/21/network-access-protection-nap-announcement-with-the-trusted-computing-group-tcg.aspx

regards
SL