Wave Systems Corp. (fka WAVXQ)

[Fullmoon]

2b, a followup story to your post:
'Palladium' Echoes in New Handheld Security Spec
Mark Hachman

http://www.eweek.com/article2/0,1759,1684441,00.asp

(This is actually part 2)

The TMP initiative creates a "boundary of trust" around some of the central components within the handheld system. The system initially boots from a trusted OS stored on a secure ROM, and through the applications processor that's checked against the Trusted Platform Module, or TPM. Data stored on removable devices such as flash cards must be securely encrypted, and the specification also lists the SIM card, used to identify the phone to the carrier, as a trusted device that can authenticate the user.

Intel has already placed some elements of the TMP within its "Bulverde" wireless applications processor, known as the PXA27X family, Krisa said.

"The level of digital rights management will be implemented on the software level within the middleware, and will procedurally determine what you can pass forward and save on the handset as well," Krisa said, adding that it will be managed by IBM's WebSphere team.

IBM contributed software "expertise," June Namioka, a spokeswoman for IBM's Asia-Pacific headquarters in Tokyo, said in an interview. Intel's Krisa said work focused on some of the higher-end software protocols used by the technology.

One analyst called IBM's involvement significant. "Enterprise wireless apps are more of a concern for the average IT manager than for the average consumer," said Julie Ask, a wireless analyst with Jupitermedia Corp.'s JupiterResearch division. "The risk isn't so much in bringing down my phone, it's hacking into my system or making sure the workers on the factory floor can't talk to one another, which could be disastrous."

However, the initiative currently lacks the support of a number of other key vendors. For his part, Krisa said the 2005 launch date is "highly dependent on other members, middleware ecosystem and OS vendors." A representative from Symbian, a U.K.-based provider of embedded OSes, did not return a call for comment.

Although both the hardware and software specifications were released Wednesday, the software document indicates that it was authored June 23.

Analyst reaction was mixed. "Without having details, I see this '05 thing as questionable," said Neil Strother, senior analyst with In-Stat/MDR in Phoenix. "Even if they move quickly, I'm skeptical."

If you want to build trust in the trust model, "you have to get the banking guys on board," he said.

Cliff Raskind, director of wireless enterprise strategies at Boston-based Strategy Analytics, said his first impression was that the triumvirate didn't have the clout that a trio of Microsoft, Intel and Cisco Systems Inc. might have in trying to establish standards for the Wi-Fi space. Wireless, by contrast, encompasses too many players. "You need buy-in across the board," he said.

On the other hand, the life cycle for phones has shrunk to between six and eight months, forcing handset makers and carriers alike to implement new technology quickly or risk losing market share, analysts said. In a recent executive study, JupiterResearch found that 30 percent of the respondents cited poor device security as their chief barriers to adopting new wireless devices. Thirty-one percent cited poor network security.

"Things do move quickly in the mobile space, and Intel is very serious in growing its communications business and putting in the marketing dollars to do so," JupiterResearch's Ask said.

"When you announce with a carrier, that's good," Ask added. "I'm not sure if it's going to turn into a North American thing, though, versus a Japanese one." Asian carriers are usually on the leading edge of OS and technology advances, she said. Other analysts pointed out that NTT DoCoMo is a major player only in the GSM space, and a European and American carrier would need to sign on.

None of the analysts reached for comment said they had been briefed on the TMP technology, which they found unusual.

The TMP initiative creates a "boundary of trust" around some of the central components within the handheld system. The system initially boots from a trusted OS stored on a secure ROM, and through the applications processor that's checked against the Trusted Platform Module, or TPM. Data stored on removable devices such as flash cards must be securely encrypted, and the specification also lists the SIM card, used to identify the phone to the carrier, as a trusted device that can authenticate the user.

Intel's Krisa said the Trusted Computing Group, which oversees the TPM specifications, will have to come up with a derivative designed for mobile handsets to minimize the platform's power consumption.