Home Education New TCG guidance creates low-cost attestation architecture to establish trust in devices

New TCG guidance creates low-cost attestation architecture to establish trust in devices


December 13, 2022 – Accurately attesting the integrity of a device without a Trusted Platform Model (TPM) has been made possible with the latest Device Identifier Composition Engine (DICE) specification from Trusted Computing Group (TCG).

By 2030, there is expected to be over 30 billion connected devices worldwide. With the growth of the Internet of Things (IoT), complex architectures with challenging security and resource constraints will become commonplace, making an optimal security posture increasingly difficult to establish and maintain. A TPM can help overcome these issues, however not all devices leverage such technology.

To this end, the ‘DICE Endorsement Architecture for Devices’ specification from TCG provides a definitive guide to establish trust within systems and components with and without a TPM. It provides guidelines for devices to integrate cryptographically strong device identity, attest software and security policy, and assist in safely deploying and verifying software updates at near zero cost.

“The TPM is a vital tool for ensuring the integrity of a device, however the vast majority of devices being used across the world do not contain one”, said Chairman of the DICE Work Group, Dennis Mattoon. “With this new specification, manufacturers are provided the tools they need to provide the endorsements required to verify and attest the information received from a device and establish trust where previously it was difficult to do so.”

Previous DICE specifications outlined how devices can make authoritative statements to establish device identity, perform measurements and produce the required claims in evidence. With the ‘Endorsement Architecture for Devices’ specification, both aspects of the attestation process are covered, enabling manufacturers to provide manifests and present endorsement values to verifiers in order to successfully complete the reconciliation process.

The latest DICE specification represents the ongoing attempts of TCG to set trusted computing standards within all devices, regardless of whether a TPM has been leveraged.

-ENDS-

More to explore
For more information about DICE Attestation Architecture, please visit the Trusted Computing Group website. https://trustedcomputinggroup.org/work-groups/dice-architectures/

Trade media
Proactive International PR
[email protected]

Trusted Computing Group
TCG is a not-for-profit organization formed to develop, define and promote open, vendor-neutral, global industry specifications and standards, supportive of a hardware-based root of trust, for interoperable trusted computing platforms. More information is available at the TCG website, www.trustedcomputinggroup.org. The organization offers a number of resources for developers and designers at https://develop.trustedcomputinggroup.org/.

Follow TCG on Twitter and LinkedIn.






Source link

RELATED ARTICLES

Neos Networks named supplier on G-Cloud 13 framework

London, UK, 31 January: Neos Networks, one of the UK’s leading fibre connectivity suppliers, has been named as a supplier...

GigaOm Names CloudCasa by Catalogic a Leader and Outperformer in its Radar for Kubernetes Data Protection Report

CloudCasa makes its entry into the leader circle for those buyers seeking a SaaS solution with a “great user experience”Woodcliff...

Freshwave and Midland Metropolitan University Hospital teaming up to build world class mobile network

Freshwave chosen to provide mobile network to new hospital – bringing on board all four operators throughout the new hospital World...

Most Popular

Neos Networks named supplier on G-Cloud 13 framework

London, UK, 31 January: Neos Networks, one of the UK’s leading fibre connectivity suppliers, has been named as a supplier...

GigaOm Names CloudCasa by Catalogic a Leader and Outperformer in its Radar for Kubernetes Data Protection Report

CloudCasa makes its entry into the leader circle for those buyers seeking a SaaS solution with a “great user experience”Woodcliff...

Freshwave and Midland Metropolitan University Hospital teaming up to build world class mobile network

Freshwave chosen to provide mobile network to new hospital – bringing on board all four operators throughout the new hospital World...

Corruption jeopardizes implementation of sustainable policies in OECD and EU countries

Recent findings from the Bertelsmann Stiftung's Sustainable Governance Indicators (SGI) show 14 out of 41 OECD and EU countries faltering...

Recent Comments