Protect Your Data and Enhance Security

In a complex and highly inter-connected environment, the newly upgraded Trusted Platform Module is rapidly becoming a highly adopted security standard.

"It's not a question of if, but when and how Internet criminals will get into your network" (Cisco Systems Security Report)

Living on the Edge

Malicious actors are using trusted applications to exploit gaps in perimeter security.

The risks

Key areas of authentication, authorization, input validation, and encryption are the most common (and critical) risks. Potential threats typically exploit these areas with an increasing number of attacks and are difficult for existing tools to understand and diagnose. At the same time, attacks against infrastructure are targeting specific resources: 85% of the malicious sites were found on legitimate web hosts that had been compromised.

- 98% of applications presented at least one application security risk
- 22.4 risks registered by the average application

[Chart: Distribution of Risks by Security Area (%). Areas: Input Validation and Encoding; Identification and Authentication; Sensitive Data Protection; Session Management; Access Control/Authorization; Other. Values as transcribed: 23.1, 17.0, 11.8, 11.8, 9.2, 27.1.]

The combination of a properly designed password storage method and a properly designed methodology/policy for a user password choice is absolutely critical. Enter TPM, the Trusted Platform Module, created by Trusted Computing Group.
Locking Your Valuables

TPM is a kind of digital fingerprint, a microcontroller that stores keys, passwords and digital certificates, enabling:

- Integrity checks of systems with the TPM
- Secure repository for certificates, keys, passwords that's safer than storing these in software
- Authentication
- Cryptographic capabilities to create a unique digital fingerprint for systems

Over two billion TPMs are embedded into PCs, servers, networking gear and other devices, protecting users against unauthorized changes:

- TPM stores personal data, making it more secure from software attack and physical theft.
- Access to data and secrets in a platform can be denied by policy settings, making critical applications and capabilities such as secure email, secure web access and local protection of data much more secure.

Protect your entire digital environment

Fast forward to TPM 2.0

Comparison

Compared to TPM 1.2, the new library specification includes six important modifications, looking beyond SHA1 and RSA cryptography, to make the features less ambiguous, more manageable and applicable across various devices used in an Internet of Things environment, designed to function in many kinds of embedded systems. Furthermore, TPM 2.0 is expected to be widely used and meet government requirements in many countries.
- Support for more than one "bank" of Platform Configuration Registers, for the TPM to keep track of platform state using more than one distinct hash algorithm.
- Inclusion of three administration key usage hierarchies: "platform hierarchy" for platform protection, "endorsement hierarchy" for privacy control and a "storage hierarchy" for general cryptographic usage.
- Support for additional cryptographic operations: ability to provide more general cryptographic operations with public and symmetric keys, including signature verification and symmetric encryption.
- Flexible support for algorithms: variety of algorithms with the potential to add support for more algorithms in the future with minimal revisions.
- Support for enhanced authorization: very flexible and fine-grained control over how and when TPM-protected data and keys can be accessed.
- Support for multiple "trusted keys": more than one "endorsement key" and more than one "storage root key", each potentially using different algorithms.

Technologies already supporting TPM 2.0

- Intel® TXT: including Intel TXT Toolkit, TPM 2.0 Provisioning Tools and Intel TXT Policy Generator (in development).
- Boot Guard: prevents booting of machines that fail boot measurements (expected to be available 2015).
- Microsoft® Windows 8: new spec enables usage of key TPM features without user intervention for various purposes.
- TPM 2.0 Emulator: plugs into LPC header (or TPM module socket) and provides both hardware and software protection.

Will TPMs based on the 1.2 specification be replaced by ones based on the TPM 2.0 specification?

TPM 1.2 currently is an ISO/IEC 11889 standard and we anticipate seeking it for TPM 2.0 in the coming months. TCG will provide a certification program as well, similar to the one provided now for TPM 1.2 implementations. In the near term, it is expected that both TPM 1.2 and TPM 2.0 will be available and that vendors will provide implementations that support both TPM 1.2 and TPM 2.0.
Sources: Cisco Systems 2014 Annual Security Report; Aspect Security, Aspect Security 2013 Global Application Security Risk Report; Trustwave 2013 Global Security Report; Websense 2013 Threat Report; Trusted Computing Group; "Intel® Trusted Execution Technology for Server Platforms: A Guide to More Secure Datacenters".

Trusted Computing Group

shared by borisbenko on Feb 24

Category

Technology