TCG and IETF further cement interoperability in attestation with long-term partnership
(firmenpresse) - Beaverton, OR, USA, December 2, 2019
Through their ongoing work on the definition and architecture of how attestation works, TCG and the IETF are enabling higher levels of security within the operating systems of mobile devices and tablets. Working together, the two global standards organizations are defining a structure for the assurances that are input into application codes and setting specific rules so that they can be interpreted and ran interchangeably and interoperably
This is to address challenges within the current infrastructure which was built with a premium on openness and interoperability. While this has paid huge dividends in terms of creativity and innovation, the same openness is problematic for security with evidence showing that the access control model of some operating systems is inadequate against many types of attacks w security works.
In a tightly managed operating system, the applications that are available to download entail specific attestation that has been approved by the device manufacturer. The device then checks the digital signature and makes sure everything is correct before it installs the code
When an operating system has ties to the application and is not tightly managed, catastrophic consequences can occur as the applications have the ability to get down to the main operating system level where it is open to exploitation and numerous security problems.
In order to ensure the highest levels of security, whether the device contains a tightly managed operating system or not, device manufacturers need to consider the attestation in their connected devices. With the introduction of one set of standards, the industry is able to guarantee higher levels of assurance and ownership and ensure that there is more accountability when a problem occurs ication is responsible to sign the code, the manufacturer is providing an assurance that they believe that the code is secure, if a vulnerability is then found, they are ultimately responsible for removing the issue and updating or patching the application.
Vendors worldwide, both members of TCG and participants in the IETF, have been collaborating on the development of attestation standards and technologies to ensure the capability with a variety of use cases.
Moriarty recently highlighted the developments of the partnership between TCG and the IETF at the TCG October Annual Members Meeting in Toronto, Ontario, Canada. In her keynote presentation entitled
Themen in dieser Pressemitteilung:
Unternehmensinformation / Kurzprofil:
Proactive PR
+44 (0)1636 704 888
Email: press(at)trustedcomputinggroup.org
Datum: 02.12.2019 - 12:06 Uhr
Sprache: Deutsch
News-ID 1554386
Anzahl Zeichen: 5172
contact information:
Contact person: Fran Cator
Town:
Lincoln
Phone: +44 (0)1522 883640
Kategorie:
Computer & Software
Typ of Press Release: please
type of sending: send
Date of sending:
Anmerkungen:
Diese Pressemitteilung wurde bisher 476 mal aufgerufen.
Die Pressemitteilung mit dem Titel:
"TCG and IETF further cement interoperability in attestation with long-term partnership
"
steht unter der journalistisch-redaktionellen Verantwortung von
RealWire (Nachricht senden)
Beachten Sie bitte die weiteren Informationen zum Haftungsauschluß (gemäß TMG - TeleMedianGesetz) und dem Datenschutz (gemäß der DSGVO).
