Replies to post #207192 on Wave Systems Corp. (fka WAVXQ)

[wavedreamer]

awk,

while you mention open standards, do have an opinion on Wave's partner Juniper Networks new client product called Junos Pulse??

I was listening to the Juniper presentation at the IAB meeting and at the end they stated that Government Employees would be able to use the Apple I-Phone and I-Pad to securley do mobile business within the Government.

It appears to be a software Application that is loaded on the Client side and is based on the TNC open standards.

We know the MTM Specification has not been released yet so I'm wondering how secure can the devices be??

The good news is the I-pad and I-phone have ARM TrustZone on board.

"Government Smart Card Interagency Advisory Board (IAB) Meeting:

Juniper Approach in Supporting the Implementation of SHA-256"


http://www.fips201.com/articles/2011/02/25/february-23-iab-audio


Junos Pulse Client

Brochure

http://www.juniper.net/us/en/local/pdf/solutionbriefs/3510372-en.pdf

Specification sheet:

- Uses industry and open standards-based Trusted Network Connect (TNC) specifications.

http://www.juniper.net/us/en/products-services/software/junos-platform/junos-pulse/

http://www.appleinsider.com/articles/10/01/28/ipads_custom_apple_a4_processor_includes_arm_based_cpu_gpu.html

http://www.9to5mac.com/50156/arm-earnings-explode-on-ipad-iphone-blessing

[awk]

Cloud: Open standards, anyone?


http://www.uncompiled.com/2010/09/trusted-computing-group-eyes-cloud-security-framework/

The Trusted Computing Group Monday announced a working group aimed at publishing an open standards framework for cloud computing security that could serve as a blueprint for service providers, their customers and vendors building security products.


Cloud security: The basics

Known as the Trusted Multi-Tenant Infrastructure Work Group, there are about 50 TCG members participating, including HP, IBM, AMD and Microsoft. The group also will receive input from U.S. Defense Department representatives and the U.K. government, according to sources. TCG has in all about 110 members that have worked over the years on standards-based initiatives in the area of trusted computing, including “Trusted Network Connect” and the “Trusted Platform Module.”

The latest plan is intended to put forward a security framework for cloud computing, including private, public and hybrid cloud environments as well as virtualized and non-virtualized ones. “Multi-tenant security is really an end-to-end security requirement,” says Eric Visnyak, information assurance architect at BAE Systems, which is participating in the new group. “We need to validate policy requirements in dedicated and shared infrastructure.”

The Trusted Multi-Tenant Infrastructure Work Group will make use of existing open standards to define end-to-end security, both virtual and physical, in a cloud-computing environment, including capabilities such as encryption and integrity monitoring, Visnyak says. TCG wants to publish its framework document later this year in draft form to receive public input, so that a final revision can be in place early next year.

The goal is to create a framework document for cloud-computing security that will not only serve as a baseline for security compliance and auditing, but also might also encourage the introduction of new products.

Visnyak acknowledges that other organizations, including the Cloud Security Alliance and the National Institute of Standards and Technology (NIST), are also weighing in on the important topic of cloud-computing security, and there’s the potential for division on the issues. But he says TCG is in touch with both the Cloud Security Alliance and NIST to try to avoid creating schisms.