Trusted Computing Group Pushes Open Spec

The group's security-centric Trusted Network Connect specification should be available later this year. The spec is being developed to establish security policies that prevent potentially dangerous--or untrusted--devices from connecting to, and possibly infecting, a network with viruses, worms or other malicious code that could trigger network downtime or cause critical data loss.

Verification of the endpoint integrity of a networked device, secure authentication and quarantine measures for untrusted devices make up the three-prong strategy of the new Trusted Computing Group (TCG) spec.

The spec is being developed to work either with, or without, the use of Trusted Platform Modules, which are microchips that store encryption keys, passwords and digital certificates. In April, ST Microelectronics, Geneva, Switzerland, said it released version 1.2 of the Trusted Platform Module as part of the ST19W line of processors for smart card and other secure applications.

TCG representatives said platforms that incorporate Trusted Platform Modules will enjoy a higher degree of security when implementing the group's forthcoming specification.

"With more than 60 members representing virtually every aspect of computing, networking and security, TCG is in the leading position to develop a nonproprietary specification to help network operators establish security policies requiring endpoints to achieve a minimum level of trust before connecting to their networks," said Jim Ward, president of the TCG board of directors, in a statement. "This specification will help protect networks from damage and illicit access, and complement TCG specifications that protect systems and information."

TCG member companies Hewlett-Packard, Intel, VeriSign, Extreme Networks, Foundry Networks, Funk Software, InfoExpress, Juniper Networks, Meetinghouse Data Communications, Network Associates, Sygate, Symantec, Trend Micro and Zone Labs are each taking part in the development of the spec.