backtop


Print 15 comment(s) - last by Trisped.. on Apr 4 at 5:38 PM

Hardware-enabled security will fight traditional Windows malware, growing mobile malware epidemic

Many were surprised when Intel Corp. (INTC), the world's largest chipmaker, scooped up veteran security firm McAfee in August 2010.  While the fit of hardware company plus software vendor seemed an odd equation, it began to make sense when put in the context of growing interest in hardware-based security solutions.

Even as Intel has moved to put some of those designs on-die with technologies like Trusted Execution, one of the chipmaker's top rivals -- architecture and intellectual property (IP) core licenser ARM Holdings plc (LON:ARM) -- has announced a brand new hardware security initiative of its own.

ARM already has baked a Trusted Execution Environment (TEE) solution dubbed "ARM TrustZone" into every one of its ARM Cortex A-Series cores, such as those found in Apple, Inc.'s (AAPL) iPhone or the Samsung Electronics Comp., Ltd. (KS:005930) Galaxy Nexus.  The key now is to enable the hardware capabilities with supported software and operating system solutions.

To that end ARM is pairing with Giesecke & Devrient, makers of a custom heavily sandboxed, remotely manageable TEE operating system dubbed "Mobicore".  As an alternative to iOS or Android, companies could flash employee handsets with Mobicore, which is now being accelerated and enabled directly by hardware, thanks to the new partnership.

ARM Mobicore
Mobicore is a new highly secured, highly manageable mobile operating system, which runs on ARM's latest processors. [Image Source: Gi-De]

ARM has also paired with Gemalto NV (EPA:GTO), another security-oriented service provider.  Gemalto will aim to enable secure transactions for "traditional" mobile operating systems, such as Android.  Using the TEE hardware, Gemalto can deliver encrypted key validated movie or TV show rentals to a smartphone, tablet, or ARM laptop.

By fighting mobile malware and making it easier to establish secure wireless data connections, ARM's new security muscle is helping make its smartphones and tablets safer for IT businesses.  It will also open new capabilities for ARM as it races to challenge Intel in the personal computer space later this year.

ARM describes the new effort writing:

Devices with a TEE will provide consumers with more secure, user-friendly experiences that simplify and speed up how they interact with their digital world. This will enable them to use their smart, connected devices more frequently to access an increasing range of applications and services in a secure way. This includes mobile payment, enterprise productivity and mobile banking applications, as well as online commerce and premium content services.

Warren East, CEO of ARM stated, "The integration of the hardware, software and services necessary for system-wide security has been slow.  I am confident that this new joint venture will accelerate the adoption of a common security standard, enabling a vibrant ecosystem of secure service providers to emerge. This will be of significant step in terms of improved consumer trust in secure transactions on connected devices."

The three companies (Gi-De, Gemalto, and ARM Holdings) will operate a joint venture together, to develop new kinds of ARM core security solutions.

Sources: Gemalto, Giesecke & Devrient



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

Intel + McAfee
By fic2 on 4/3/2012 6:53:15 PM , Rating: 3
I think the big surprise there was the McAfee part not that Intel would buy a security company. More that they would buy arguably the worst of the bunch.




RE: Intel + McAfee
By petschska on 4/3/2012 9:05:48 PM , Rating: 2
Unless you want to pay a very large multiplier on earnings or try a hostile takeover, you buy companies up for sale. McAfee may have been the only security company up for sale at the time.


RE: Intel + McAfee
By Trisped on 4/4/2012 5:31:02 PM , Rating: 2
I think this depends on your personal experience.
I used McAfee for a year without problems, Norton for 2 years and the second year was nothing but problems, VIPRE for a year (it was so bad I had to disable it in order to use the computer), Spy Sweeper for 2 years with a number of problems, and Trend Micro for a year without problems.

I have heard good and bad about all the major vendors, but only experienced good from McAfee.


TrustZone?
By shabby on 4/3/2012 5:03:44 PM , Rating: 2
I would prefer if they called it the TrustTree.




RE: TrustZone?
By 3DoubleD on 4/3/2012 5:37:05 PM , Rating: 2
How about "Circle of Trust"?


In other words.
By derricker on 4/4/2012 2:28:09 PM , Rating: 2
ARM's version of Intel's Paladium.




RE: In other words.
By Trisped on 4/4/2012 5:38:13 PM , Rating: 2
I was going to ask if this was already integrated into x86/x64 processors.

It sounds a lot like Trusted Execution which came out on Intel/AMD processors years ago.


key to security
By Mike Acker on 4/4/2012 9:50:08 AM , Rating: 2
to get security you must absolutely take absolute control over what programs are allowed to be installed, and you must limit transient programs i.e. executable documents to their 'sand box'

the real trouble you have is when the customer wants to move an executable document to another area in the system -- where it might gain privilege that would allow unauthorized software to be executed or installed.

at the end of the day this means curtailment of much of what is common practice today. If you want to run your program on someone else' computer that will only be allowed under severe restrictions: you can enhance the presentation but no access to the host computer system. no snooping. no updates. no installs.




Hmm?
By name99 on 4/3/12, Rating: -1
RE: Hmm?
By fic2 on 4/3/2012 8:19:36 PM , Rating: 2
Pretty sure that Apple has heard of ARM since they use their cpus in the iPhone and the iPad.

Other than that I am not really sure what your whole rambling diatribe is about but I am sure it was written on an iDevice.


RE: Hmm?
By name99 on 4/3/2012 8:48:31 PM , Rating: 2
quote:
Other than that I am not really sure what your whole rambling diatribe is about

OK, let me make it simple for you:
Do you want a world of sandboxes or not? A world where HW restricts what code can run, or not?


RE: Hmm?
By Reclaimer77 on 4/3/12, Rating: -1
RE: Hmm?
By name99 on 4/4/2012 12:24:13 AM , Rating: 2
Seriously, dude? You don't know what a sandbox is, but feel qualified to comment on an article about security?

http://en.wikipedia.org/wiki/Sandbox_(computer_sec...


RE: Hmm?
By martin5000 on 4/4/2012 4:39:22 AM , Rating: 2
Wow, you refer to ARM as a company no one has ever heard of, and yet expect people to take your comment seriously?


RE: Hmm?
By name99 on 4/4/2012 1:38:55 PM , Rating: 2
Not ARM. Giesecke & Devrient.


"We shipped it on Saturday. Then on Sunday, we rested." -- Steve Jobs on the iPad launch














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki