The spec is said to define a set of hardware and software components that can be built into devices to provide varying degrees of security. Implementation of the platform is said to consist of applying well-established, strong security techniques to hardware and software architectures, resulting in a trusted execution environment that protects the device at boot time and during device operation.
The spec is said to incorporate the latest security technologies and controls. Hardware and software components function together to limit the potential damage from malicious applications and to enable a rich set of security services.
In addition, the spec defines a protocol that allows the security state of a device to be shared with other devices in the network, in order to enable device-level trust to be extended into the larger network. Through tamper-resistant modules and by enabling domain separation, a trusted platform will be able to protect data from potential viruses spreading from one application to the next. In addition, various authorization and management protocols are intended to provide companies with higher levels of security for wireless delivery of new software to employees.
The companies say they are each contributing unique and valuable skills to the collaboration. NTT DoCoMo is providing the requirements for platform integrity and security based on its knowledge of wireless networks. Intel is providing its knowledge of silicon designs and expertise in architecting wireless devices. IBM is providing its vast experience in business security and pervasive computing.
Takanori Utano, executive vice president and chief technology officer of NTT DoCoMo, said, "The Trusted Mobile Platform provides a new foundation for mobile devices. The goal of our joint research was to provide an open and secure architecture for future wireless data services."
Sean Maloney, Intel executive vice president and general manager of Intel's Communications Group, added, "This collaboration directly enhances handheld architectures to provide the trusted capabilities vital for widespread adoption of mobile commerce and enterprise usage."
Alistair Rennie, vice president, Sales and Marketing, IBM Pervasive Computing, said, "Mobile security is more than just protecting against new viruses, worms and attacks; it's about protecting critical business assets and information. IBM is working to bring security specifications, such as the Trusted Mobile Platform, to standards bodies, with the hope security will become more embedded across a broad range of business systems."
The Trusted Mobile Platform specification is available
here.
Related stories:
