Protection and Secure Licensing for TPM Connected Devices
12/04/2016 Terry Gaul
The Trusted Computing Group (TCG) is a not-for-profit organization formed to develop, define and promote open, vendor-neutral, global industry standards, supportive of a hardware- based root of trusted computing platforms. Systems based on Trusted Computing specifications protect critical data systems against attacks, enable secure authentication, and establish strong machine identity integrity. Its industry standard (ISO) Trusted Platform Module (TPM) specifications are used in billions of devices, and other TCG specifications for secure networks and self-encrypting drives are implemented widely in products from thousands of manufacturers.
One of our goals at Wibu-Systems is to broaden the support for secure elements in all connected devices, including those using TPMs. I’m pleased to say that today we announced that we have joined the TCG and look forward to sharing ideas with industry standards bodies, government agencies, academic institutions, and other special interest groups, all with a laser focus on computing security.
As more and more devices are connected to networks, the attack surface hackers can target expands as well, making the devices vulnerable to viruses, malware or cyberattacks that could result in industrial espionage and create personal safety issues. It’s good to know that member companies of the TCG are working together towards developing standards, tools and technologies that will enable devices manufacturers to take the strong security measures needed to protect against these attacks.
One of the ways that Wibu-Systems is helping TPM users to protect their devices is through the use of our CodeMeter secure licensing platform. CodeMeter creates secured code and licenses that can be bound to the TPM in the target system, ensuring that the code and the licensed features are only used on the system. In addition to safeguarding the device, CodeMeter enables flexible license lifecycle management, enabling new software monetization and business strategies.
If you attended the recent RSA 2016 Security Conference, you might have seen our joint demonstration with Infineon Technologies, another TCG member, where we actually demonstrated the CodeMeter binding of a protected license to an Infineon OPTIGATM TPM 2.0 in the target system with the seamless integration of the license creation and deployment workflow.
On Thursday, April 14, we will present a similar TPM protection and licensing demonstration at the SAE World Congress, where TCG members will demonstrate solutions for automotive and IoT security during the TCG TechHub.