Click here to learn
about this Sponsor:
Home  |  News  |  Articles  |  Forum

  Home arrow News arrow Bootable USB stick includes encrypted Windows Embedded OS

Bootable USB stick includes encrypted Windows Embedded OS
By Jonathan Angel
2010-07-14

Article Rating:starstarstarstarstar / 0

Rate This Article: Add This Article To:
Poor Best

Spyrus announced it has received a U.S. patent and "Ctrix Ready" certification for a Windows Embedded Standard 2009-based security device it released earlier this year. The Secure Pocket Drive lets users access their data and browse the Internet safely via computers that would otherwise be untrustworthy, the company says.

Spyrus has marketed a variety of USB drives and other storage devices, offering encrypted storage via embedded microSD cards that are sealed in tamper-proof epoxy. While these devices protected data, however, users were still vulnerable in cases where they attempted to browse the web or run software on untrusted computers, including those in homes or public spaces.

Announced in February, Spyrus' Secure Pocket Drive solves this problem by, in the company's words, "turning a commodity microSD card into a militarized security device." Available in 2GB, 4GB, 8GB, or 16GB capacities, the device is loaded with the Windows Embedded Standard 2009 operating system, apparently preconfigured with display, keyboard, and network drivers that can support most modern PCs.


The Secure Pocket Drive from Spyrus

If a host PC can be configured to boot from a USB drive, it makes no difference whether that system is contaminated with spyware or malware, or even what operating system is installed, Spyrus noted earlier this year. That's because the Secure Pocket Drive runs Windows from its own secure storage, bypassing the host's hard disk and making use of only its keyboard, mouse, display, and RAM (512MB minimum), the company explained.

Now, says Spyrus, it has received U.S. Patent No. 7,757,100, which covers the implementation of a secure boot loader to authenticate and check the integrity of an encrypted storage device and the operating system loaded onto it. It's said the new patent was issued on July 13 as a continuation of patent 7,380,140, and additionally describes how user data on the encrypted device can be backed up without decryption.

According to Spyrus, the Secure Pocket Drive has now also been verified as being "Citrix Ready." The combination of Citrix's XenApp and the USB drive "creates a portable computing environment that can be deployed anywhere by mobile workers, without fear of keyloggers or screen-scrapers on home or public PCs capturing passwords and risking the compromise of confidential information," the company says.

Background

Spyrus says its security technology has been designed and developed entirely in the USA, meeting FIPS 140-2 standards. The cryptographic algorithms employed are "the strongest commercially available," including elliptic curve cryptography (ECC), AES, and SHA-2, collectively known as Suite B, the company adds.

The company adds that it first developed a hardware-based pre-boot authentication system for Windows more than ten years ago. Building on this, the Secure Pocket Drive uses a secure boot loader to authenticate and check the integrity of the host PC, and it will not boot the Windows Embedded Standard 2009 operating system if the device has been tampered with, says Spyrus.

According to Spyrus, the Secure Pocket Drive uses FIPS 140-2 Level 3 tamper-resistant epoxy potting, with built-in anti-tamper and self-destruct mechanisms, to protect against unauthorized access to the device and data stored on it. The protected sectors of the device's memory, its operating system, and all data and application files are encrypted with advanced, hardware-based XTS-AES 256-bit encryption, fully compliant with the newly approved NIST SB800-38E security standard, the company adds. Finally, it's said "Suite B On Board" hardware security (ECDSA P-384, EC-DH, AES-256, SHA-384) supports the full set of Suite B cryptographic algorithms for all security services.

Tom Dickens, chief operating office for Spyrus, stated, "Public-sector organizations understand the need for mobility, but are wary of employees using untrusted USB flash devices and home PCs. Security for the Secure Pocket Drive is designed, developed, and manufactured in the U.S.A. to mitigate the dirty supply chain problem that is of increasing concern to governments around the world."


A demonstration of the Secure Pocket Drive
Source: Spyrus
(click to play)

Further information

More information about the Secure Pocket Drive, whose pricing was not cited, may be found on the Spyrus website, here.

Related stories:


Discuss Bootable USB stick includes encrypted Windows Embedded OS
 
>>> Be the FIRST to comment on this article!
 
 
 
>>> More News Articles          >>> More By Jonathan Angel
 




Windows XP for Embedded Applications
This white paper describes the benefits of using Windows XP when developing embedded applications.

A Manager's Guide to Selecting a Mobile Device Operating System
This white paper offers a comparative review of Microsoft Windows CE and Windows Mobile.

Visual Basic 6.0 to .NET Migration
This paper focuses on the methodology and techniques which Infosys (Microsoft Technology Center) has developed for migrating VB 6.0 Applications to .NET. Our approach ensures a smooth, cost effective, and efficient migration.

Mobile Device Security: Securing the Handheld, Securing the Enterprise
This whitepaper identifies security threats to corporate data on mobile devices and details how mobile devices can become a "backdoor" to the enterprise.

Mobile Device Security: The Eight Areas of Risk
It's common knowledge that adding mobile devices to your network increases security risks. There are multiple facets to mobile security, all of which should be paid close attention to. This E-Guide presents a more in depth look into the eight key areas of securing wireless devices.

Quality Assurance and .NET
This paper discusses best practices for functional, regression and load testing of .NET applications.

SCADA Security in Integrated Networks
As businesses leverage their SCADA systems by integrating them into the business networks, they must also assure the security of the SCADA system.

The Advantages of Small Form Factor HMI
HMIs have mutated and changed with new requirements, and they have become more flexible and capable. And while they've been doing that, they've become smaller and more useful.

9 Critical Requirements for Web Application Security
Learn why your Web applications expose dangerous security breaches and what’s required to effectively protect your Web applications and the sensitive information behind them.

Got a HOT tip?   please tell us!
Free weekly newsletter
 Enter your email...

Click here for a profile of each sponsor:
PLATINUM SPONSORS


(Become a sponsor)


(Become a sponsor)
ADVERTISEMENT

(Advertise here)
Updated! The latest Windows-powered...

mobile phones!

other cool
gadgets
HOT TOPICS
Microsoft targets PNDs with new embedded OS
Microsoft tips .NET MF 3.0 highlights
Microsoft previews Windows Embedded Standard
Microsoft offers free Windows CE 6.0 textbook
Microsoft renames embedded operating systems
Microsoft unveils Windows Mobile 6.1
New Atom models target low-cost PCs
REFERENCE GUIDES
Windows Device Showcase
Intro to Windows Embedded
Intro to Shared Source
Real-time Windows Embedded
Windows Embedded books
Join our Windows Embedded discussion forums:
 Windows XP Embedded
Windows CE
Windows Mobile
Windows Embedded developer newsgroups
 Windows CE
XP Embedded
PocketPC
Smartphone
Microsoft's Windows Embedded resources
 Embedded dev center
Mobile dev center
Windows CE tutorials
XP Embedded tutorials
Windows Embedded seminars
Windows Embedded application categories
3rd-party partners
BREAKING NEWS

• Pico-ITX PC takes to the road and the skies
• Thin client offers legacy ports
• Boards add watchdog functionality to PC/104-Plus systems
• 11.6-inch netbook has AMD processor
• Microsoft planning riposte to Google's "Chrome OS"?
• Embedded student competition winner is buggy (on purpose)
• Asus preps convertible netbooks
• Media-savvy reference design sports touchscreen, DVB-H
• Sony joins the netbook fray
• 2010 Census kicks off with Windows Mobile
• Sprint offers 99-cent netbook
• SODIMM module has industrial focus
• Microsoft picks finalists in Embedded Development competition
• Cortex-A8 SBCs target signage and kiosks
• Student competition offers a different kind of fireworks
MOST POPULAR (last 90 days)
• "Netbook" uses Intel's Atom N270
• Windows CE takes on Linux in low-end netbooks
• HTC ups Touch resolution
• Microsoft unleashes new embedded OS
• Windows Mobile phone gets 800 x 480 display
• HTC spins WiMAX phone?
• Smart camera sports Atom
• Dual-core AMD netbook gets rave review
• Windows Mobile 7 "delayed"
• GPS phone uses new Marvell "Tavor" chip
MOST POPULAR (Classics from the vault)
Windows XP Embedded USB boot
Troubleshooting Windows XPe's blue screen "Stop 0x0000007B" error
Asus reveals $190 mini notebook
Windows Mobile 6 SDKs available for download
Windows Mobile VPN client plays with Cisco
HTC adds GPS to Windows Mobile Touch line
Microsoft unveils Windows Mobile 6.1
Guide to HTC's Windows Mobile smartphone platforms
• HTC releases Touch Diamond ROM upgrade
Customizing Windows XP Embedded thin clients
Also visit our sister sites:
Sign up for WindowsForDevices.com's...

Or, follow us on Twitter...