IBM bakes security into processors

Researchers at IBM have come up with a way to hardwire encryption technology into a microprocessor, promising a more secure way to store data.

IBM plans to announce availability of the new technology, dubbed Secure Blue, on Monday. The Armonk, N.Y.-based company envisions its idea and technology will be used in digital media players, electronic organizers, cell phones, computers and devices used by the government and the medical and financial industries.

With Secure Blue, data is encrypted and decrypted as it runs through a processor, according to IBM. It remains encrypted in the device's memory, or RAM. One of the few times data would not be scrambled is when it is actually displayed.

"There is a lot of concern about leakage of data," Charles Palmer, manager of security and privacy at IBM, said in an interview. "If you have an architecture where that information is always encrypted, you go a long way to protect your data."

Secure Blue requires a few circuits to be added to a microprocessor, taking up a small percentage of the overall silicon real estate, according to IBM. The encryption and decryption happen on the fly, without any processor overhead, the company said.

The hardwired security technology can be used for multiple purposes, not all of which necessarily serve the device owner. It can protect data when a person's computer or device is lost, stolen or hacked, for example. But content owners can also use it for enforcement of copyright, called digital rights management (DRM), which critics have called a scourge to user freedom.

"This is a technology that can solve a lot of problems," Palmer said. "It can be used for DRM, it can be used for systems management, and it can be used for protecting my information on the BlackBerry." The future will decide how it will be used. IBM on Monday is only announcing availability of the technology, Palmer noted.

The idea of hardware-based security is not new. Millions of laptops already contain a chip called a Trusted Platform Module, or TPM, which offers protected storage of encryption keys, passwords and digital certificates. The idea of the TPM is also coming to servers and mobile phones.

"The TPM is a step in the right direction," Palmer said. "But it is not a bulk encryption device, and it would probably melt if you try to use it for an encrypted anywhere capability."

IBM has built a prototype of Secure Blue using its own PowerPC processor technology. However, the system will work with any processor design, including those from Intel and Advanced Micro Devices that are used in PCs. An IBM representative said the company has not had discussions with Intel or AMD on including Secure Blue in their processors.

Who's been nicking ideas?
by jatos April 10, 2006 9:45 AM PDT
Isn't a similar principle used in the XBOX 360?
Only way of getting DRM on Linux
by bugmenot April 10, 2006 9:53 AM PDT
It can't be done in software as the software and the system must remain open. Hardware decoders are the only way of getting DRM on Linux. The interface to the decoder would have to be open, and there'd have to be mechanisms for moving keys as you change platform.
Hardware Upgrades
by sauce214 April 10, 2006 10:07 AM PDT
What happens if you want to upgrade your hardware in the future or if you have a hardware failure? Will all your data that is encrypted on the hd not be accessible with a different cpu?
So what does this protect against?
by Requiem April 10, 2006 10:35 AM PDT
I can see it working to stop someone reading data off the RAM chips if they got them out of the machine and into cold storage fast enough, but I can get very close to that level of protection through software alone. What I wonder is, does this do anything to protect against malicious software? I suspect not, but the article does not say.