http://www.eweek.com/article2/0,1759,1590243,00.asp By Mark Hachman May 10, 2004 The Trusted Computing Group said Monday that it is working on a specification to ensure that wireless clients connecting to a network won't serve as a back door to worms and crackers. Officials within the TCG, based in Portland, Ore., said the industry standards body is developing a "Trusted Network Connect" specification, designed to audit wireless-enabled PCs when they first make contact with an enterprise's wireless network. The specification will be finalized later this year, said officials from the group, which comprises computer and device manufacturers, software vendors and others. Although a client or customer connecting to an enterprise network may not overtly be seeking to do harm, the laptop may in fact hide an unpatched system that could serve as an unexpected back door into an otherwise secure system. Likewise, a network administrator cannot be sure whether a laptop hides a worm that might otherwise have been blocked by a wired firewall. When completed, the specification will serve as a means by which network security and network infrastructure vendors can ensure a level of compliance with the best practices of network security, executives said. The spec will improve AAA (authentication, authorization and accounting) software's ability to make a decision before allowing admission to the system, said Ned Smith, the TCG infrastructure working groups' co-chairman and an architect at Intel Corp. in Santa Clara, Calif. "It's a proactive approach to security," Smith said. The specification was designed with wireless clients in mind, although it also may be applied to wired networks. he said. The specification will specify a level of trust for network endpoints, characterized by the version number of specific applications; whether those applications have been patched; and whether those OSes and applications are free from viruses, as defined by the revision numbers of the signature libraries used within antivirus applications. If a client fails to meet those specifications, the Trusted Network Connect specification will define a process by which the client is quarantined until the appropriate patches and antivirus tools have been applied. The TCG is more commonly known for its Trusted Platform Module (TPM) specification, which defines the parameters for a security chip that can be embedded onto a PC's motherboard. The TPM is designed to work with the upcoming Next-Generation Secure Computing Base (NGSCB) technology in Microsoft Corp.'s Longhorn OS and other trusted operating systems to ensure that data is viewed only by the appropriate users. "Part of what's interesting to the TCG is linking identity-based platform authorization to the network connect decision," Smith said. Extreme Networks, Foundry Networks Inc., Funk Software Inc., InfoExpress Inc., Juniper Networks Inc., Meetinghouse Data Communications, Network Associates Inc., Sygate Inc., Symantec Corp., Trend Micro Inc. and Zone Labs Inc. have joined TCG to participate in this effort. TCG members Hewlett-Packard Co., Intel Corp., Verisign Inc. and others are also participating. _________________________________________ ISN mailing list Sponsored by: OSVDB.org
This archive was generated by hypermail 2b30 : Tue May 11 2004 - 08:34:37 PDT