[ISN] Spec in Works to Secure Wireless Networks

From: InfoSec News (isn@private)
Date: Mon May 10 2004 - 22:50:11 PDT

    By Mark Hachman 
    May 10, 2004   
    The Trusted Computing Group said Monday that it is working on a
    specification to ensure that wireless clients connecting to a network
    won't serve as a back door to worms and crackers.
    Officials within the TCG, based in Portland, Ore., said the industry
    standards body is developing a "Trusted Network Connect"  
    specification, designed to audit wireless-enabled PCs when they first
    make contact with an enterprise's wireless network.
    The specification will be finalized later this year, said officials
    from the group, which comprises computer and device manufacturers,
    software vendors and others.
    Although a client or customer connecting to an enterprise network may
    not overtly be seeking to do harm, the laptop may in fact hide an
    unpatched system that could serve as an unexpected back door into an
    otherwise secure system. Likewise, a network administrator cannot be
    sure whether a laptop hides a worm that might otherwise have been
    blocked by a wired firewall.
    When completed, the specification will serve as a means by which
    network security and network infrastructure vendors can ensure a level
    of compliance with the best practices of network security, executives
    The spec will improve AAA (authentication, authorization and
    accounting) software's ability to make a decision before allowing
    admission to the system, said Ned Smith, the TCG infrastructure
    working groups' co-chairman and an architect at Intel Corp. in Santa
    Clara, Calif.
    "It's a proactive approach to security," Smith said. The specification
    was designed with wireless clients in mind, although it also may be
    applied to wired networks, he said.
    The specification will specify a level of trust for network endpoints,
    characterized by the version number of specific applications; whether
    those applications have been patched; and whether those OSes and
    applications are free from viruses, as defined by the revision numbers
    of the signature libraries used within antivirus applications.
    If a client fails to meet those specifications, the Trusted Network
    Connect specification will define a process by which the client is
    quarantined until the appropriate patches and antivirus tools have
    been applied.
    The TCG is more commonly known for its Trusted Platform Module (TPM)  
    specification, which defines the parameters for a security chip that
    can be embedded onto a PC's motherboard.
    The TPM is designed to work with the upcoming Next-Generation Secure
    Computing Base (NGSCB) technology in Microsoft Corp.'s Longhorn OS and
    other trusted operating systems to ensure that data is viewed only by
    the appropriate users.
    "Part of what's interesting to the TCG is linking identity-based
    platform authorization to the network connect decision," Smith said.
    Extreme Networks, Foundry Networks Inc., Funk Software Inc.,
    InfoExpress Inc., Juniper Networks Inc., Meetinghouse Data
    Communications, Network Associates Inc., Sygate Inc., Symantec Corp.,
    Trend Micro Inc. and Zone Labs Inc. have joined TCG to participate in
    this effort. TCG members Hewlett-Packard Co., Intel Corp., Verisign
    Inc. and others are also participating.