The growing number of embedded and Internet of Things devices means more attack surfaces and opportunities for mayhem. Many devices were developed with little or no security considerations, and traditional security approaches, including the TCG’s Trusted Platform Module (TPM), don’t work in what are typically very small things designed for low cost, low power and simplicity.
To address this issue, TCG has released the DICE architecture. DICE, or Device Identity Composition Engine, offers a new approach to improving security and privacy – with minimal silicon requirements. With complementary software, DICE offers a way to establish a cryptographically strong device identity, attest software and security policy and enable secure deployment and verification of software updates.
In a new webcast with SecurityLedger.com Founder and Editor-in-chief Paul Roberts talks with TCG DICE work group chair Dennis Mattoon of Microsoft. Mattoon talks with Paul about the basic tenets of foundational security and the role of the root of trust and how TCG has evolved from its original TPM concept to a multi-level approach to securing devices, data and networks. Mattoon also explains what DICE is – and is not – and how it’s probably best deployed, as well as the growing support for it in silicon and supporting software from a number of TCG members.
You can find that podcast here, https://securityledger.com/2018/07/breaking-the-ice-on-dice-scaling-secure-internet-of-things-identities/.
Membership in the Trusted Computing Group is your key to participating with fellow industry stakeholders in the quest to develop and promote trusted computing technologies.
Standards-based Trusted Computing technologies developed by TCG members now are deployed in enterprise systems, storage systems, networks, embedded systems, and mobile devices and can help secure cloud computing and virtualized systems.
Trusted Computing Group announced that its TPM 2.0 (Trusted Platform Module) Library Specification was approved as a formal international standard under ISO/IEC (the International Organization for Standardization and the International Electrotechnical Commission). TCG has 90+ specifications and guidance documents to help build a trusted computing environment.