Skip to main content

IBM Research has developed a prototype security solution, running on Linux

First solution to meet the security needs for an on demand business

Select a topic or year

San Francisco, CA, USA - 18 Feb 2004: This is the industry's first solution that allows users to accurately validate the identity and integrity of all software running on a remote server and client machine. This approach uses a combination of software and hardware architecture defined by an industry standard body called the Trusted Computing Group (TCG). The architecture involves the "Trusted Platform Module" (TPM) chip that provides hardware storage of private keys, making it impossible for hackers to spoof computer systems. Any attempts to hack into the system would change the system code, which could be easily detected. By adding a new feature to Linux, the research team has successfully performed security checks that go above and beyond checking the first few steps in powering on the system, the feature designed by TCG. The new solution validates the operating system kernel and all application software running on the system.

As on demand e-business becomes reality, IT infrastructures need to dynamically respond to changing business conditions to drive efficiency, profitability and to capture value in real time. This model will require constant connection and exchanges among systems, which will bring new security challenges. Enterprises used to be able to depend on limited software-based tools to determine if their computing infrastructure was in compliance with the corporate security guidelines. In the on demand world, connected businesses require immediate and highly effective means of measuring the integrity of any systems they are connected to, even through a Grid computing infrastructure or Web services.

Unlike current software-based intrusion detection systems, which are only designed to scan for suspicious patterns in a company's own computer system, this is the first solution that allows users to validate the integrity of the systems they are connected to, including vendors and business partners. If the system's integrity has been damaged, the other machine can either stop exchanging information or isolate and disconnect it from the network. This provides an essential means for verifying the security of computers they are currently using or are considering connecting to in the future.

IBM plans to open source this Linux-based security solution to encourage its adoption by many computer system manufacturers, making this higher level of system integrity a common foundation.

This new solution will be demonstrated at the RSA show in San Francisco, CA (February 23-27, 2004).

Related XML feeds
Topics XML feeds
Chemistry, computer science, electrical engineering, materials and mathematical sciences, physics and services science