April 9, 2006 9:00 PM PDT
IBM bakes security into processors
- Related Stories
Laptop with HP employee data stolenMarch 22, 2006
Apple calls French law 'state-sponsored piracy'March 22, 2006
Gateway packages up security lineMarch 3, 2006
Allchin: Buy Vista for the securityJanuary 27, 2006
New security proposed for do-it-all phonesSeptember 27, 2005
Microsoft's leaner approach to Vista securityAugust 29, 2005
Blueprint for more-secure servers releasedJuly 22, 2005
Hardware security sneaks into PCsMarch 16, 2005
IBM plans to announce availability of the new technology, dubbed Secure Blue, on Monday. The Armonk, N.Y.-based company envisions its idea and technology will be used in digital media players, electronic organizers, cell phones, computers and devices used by the government and the medical and financial industries.
With Secure Blue, data is encrypted and decrypted as it runs through a processor, according to IBM. It is maintained encrypted in the device memory, or RAM. One of the few times data would not be scrambled is when it is actually displayed.
"There is a lot of concern about leakage of data," Charles Palmer, manager security and privacy at IBM, said in an interview. "If you have an architecture where that information is always encrypted, you go a long way to protect your data."
Secure Blue requires a few circuits to be added to a microprocessor, taking up a small percentage of the overall silicon real estate, according to IBM. The encryption and decryption happens on-the-fly, without any processor overhead, the company said.
The hardwired security technology can be used for multiple purposes, not all of which necessarily serve the device owner. It can protect data when a person's computer or device is lost, stolen or hacked, for example. But content owners can also use it for enforcement of copyright, called digital rights management (DRM), which critics have called a scourge to user freedom.
"This is a technology that can solve a lot of problems," Palmer said. "It can be used for DRM, it can be used for systems management, and it can be used for protecting my information on the BlackBerry." The future will decide how it will be used. IBM on Monday is only announcing availability of the technology, Palmer noted.
The idea of hardware-based security is not new. Millions of laptops already contain a chip called a Trusted Platform Module, or TPM, which offers protected storage of encryption keys, passwords and digital certificates. The idea of the TPM is also coming to servers and mobile phones.
"The TPM is a step in the right direction," Palmer said. "But it is not a bulk encryption device, and it would probably melt if you try to use it for an encrypted anywhere capability."
IBM has built a prototype of Secure Blue using its own PowerPC processor technology. However, the system will work with any processor design, including those from Intel and Advanced Micro Devices that are used in PCs. An IBM representative said the company has not had discussions with Intel or AMD on including Secure Blue in their processors.
8 commentsJoin the conversation! Add your comment