The growing number of embedded and Internet of Things devices means more attack surfaces and opportunities for mayhem. Many devices were developed with little or no security considerations, and traditional security approaches, including the TCG’s Trusted Platform Module (TPM), don’t work in what are typically very small things designed for low cost, low power and simplicity.
To address this issue, TCG has released the DICE architecture. DICE, or Device Identity Composition Engine, offers a new approach to improving security and privacy – with minimal silicon requirements. With complementary software, DICE offers a way to establish a cryptographically strong device identity, attest software and security policy and enable secure deployment and verification of software updates.
In a new webcast with SecurityLedger.com Founder and Editor-in-chief Paul Roberts talks with TCG DICE work group chair Dennis Mattoon of Microsoft. Mattoon talks with Paul about the basic tenets of foundational security and the role of the root of trust and how TCG has evolved from its original TPM concept to a multi-level approach to securing devices, data and networks. Mattoon also explains what DICE is – and is not – and how it’s probably best deployed, as well as the growing support for it in silicon and supporting software from a number of TCG members.
You can find that podcast here, https://securityledger.com/2018/07/breaking-the-ice-on-dice-scaling-secure-internet-of-things-identities/.
*** This is a Security Bloggers Network syndicated blog from Trusted Computing Group authored by TCG Admin. Read the original post at: https://trustedcomputinggroup.org/tcg-talks-to-securityledger-com-about-dice-in-new-podcast/