Wave Systems Corp. (fka WAVXQ)

[Foam]

Intel- TPM and network security. Cisco has clearly seen the light regarding the need for TPMs (see my prior post)

http://www.intel.com/it/digital-enterprise/network-security.pdf
Certificate-Based Protocol
Computer certificates significantly improve the level of security
and resistance to brute force attacks. However, certificatebased
protocols such as EAP-Transport Layer Security
(EAP-TLS) require a public key infrastructure (PKI), which
adds a level of complexity and cost. A certificate authority
(CA) must be established to generate the certificate, and a
system put in place for deployment and maintenance to
revoke, renew, and track certificates. Certificates can be
purchased from a commercial source, but they still need
to be deployed and maintained.
The optimum approach is to use separate certificates for
device and user authentication and to require both forms
of authentication before allowing network access. However,
this may not be the best option for device authentication,
as the credential needs to be associated with the device.
One solution is to store the certificate in the TPM on the
computer, if the ease of use for customers makes that
additional risk worthwhile.