Group Developing Standards For Secure Cell Phone Hardware - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
News

Group Developing Standards For Secure Cell Phone Hardware

The Trusted Computing Group plans to deliver a spec before June for functions including device authentication, third-party digital rights management, and software downloads.

SAN JOSE, Calif. — An ad hoc industry group has taken its first step toward delivering in the first half of 2006 a hardware-security standard for cellphones.

The Trusted Computing Group released 11 user scenarios that are the basis for the spec it will release before next June.

The TCG established a standard for verifying the integrity of PCs more than a year ago. It specifies use of a security device, called the Trusted Platform Module (TPM), that creates cryptographic keys to identify a system’s integrity and provide secure data storage and execution space as needed. Developing a version of that spec for the more complex mobile sector has so far proved slow going.

That is due in part to the wide variety and diversity of stakeholders in the cellular industry. Active members in the TCG’s mobile work group include Authentec, Ericsson, France Telecom, IBM, Infineon, Intel, Lenovo, Motorola, Nokia, Philips, Samsung, Sony, STMicroelectronics, Texas Instruments, VeriSign, Vodaphone and Wave Systems.

The group has developed 11 user scenarios to guide its parallel efforts on drafting technical requirements and the final spec itself. The specification is currently about 70-percent complete, according to Janne Uusilehto, a senior technology manager in Nokia Corp.’s technology platforms group who chairs the TCG mobile group.

That draft differs from the existing PC spec in two major ways. While PCs have generally chosen to implement the TPM as a standalone chip, cellphones will likely embed the function in a block inside an existing chip. In addition, PC users have the option of turning off all TPM functions; however, cellphone users will not be able to turn off certain base security functions required by carriers or service providers, said Uusilehto.

Using the TCG’s technology, cellphones will be able to provide hardware-backed security for functions such as device authentication, third-party digital rights management and software downloads. A full list of the 11 user scenarios is at www.trustedcomputinggroup.org.

The technology is expected to open several doors, including encouraging premium content owners such as music studios to release their products to mobile phones via over-the-air services. Currently, studios are reluctant to release content to phones, fearing piracy.

“This spec will go a long way to addressing that,” said Thomas Hardjono, a TCG member and a principal scientist at VeriSign, which recently acquired businesses that sells ringtones and wallpaper for cellphones and hopes to begin selling full music tracks as well.

The technology has been presented to studios by at least one TCG member company. However, TCG members would not comment on the studio’s reception to the mobile spec to date.

The new spec “gives us an opportunity to have multiple sources of interoperable hardware that integrate these security services,” said Uusilehto of Nokia. “Because it is an open spec we also get the benefit of a wide review from industry security specialists, and the customers wind up with more reliable handsets,” he added.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
State of the Cloud
State of the Cloud
Cloud has drastically changed how IT organizations consume and deploy services in the digital age. This research report will delve into public, private and hybrid cloud adoption trends, with a special focus on infrastructure as a service and its role in the enterprise. Find out the challenges organizations are experiencing, and the technologies and strategies they are using to manage and mitigate those challenges today.
News
IBM Puts Red Hat OpenShift to Work on Sports Data at US Open
Joao-Pierre S. Ruth, Senior Writer,  8/30/2019
Slideshows
IT Careers: 10 Places to Look for Great Developers
Cynthia Harvey, Freelance Journalist, InformationWeek,  9/4/2019
Commentary
Cloud 2.0: A New Era for Public Cloud
Crystal Bedell, Technology Writer,  9/1/2019
Register for InformationWeek Newsletters
Video
Current Issue
Data Science and AI in the Fast Lane
This IT Trend Report will help you gain insight into how quickly and dramatically data science is influencing how enterprises are managed and where they will derive business success. Read the report today!
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll