Computer users face an increased risk from the transmission of
viruses in encrypted form, following the launch of a security
initiative today.
Helen BeckettThe Trusted Computing Platform Alliance, which is backed by
major companies such as Microsoft, Hewlett-Packard and Compaq, has
released a security standard based on the use of a 256-bit IBM
encryption chip.
Security consultants agree that a standard that builds security
defences into hardware as well as into software makes information
systems harder to hack.
However, Neil Barrett, technical director of the Information
Risk Management, has warned that no system can offer total immunity
against security breaches, and users of the standard risk passing
on viruses or compromised data in a trusted, encrypted format.
"Implementing encryption at chip level could make things worse -
not technically - but in terms of the business and legal procedures
that surround the transaction," he said.
The TCPA standard covers a range of issues including single
sign-on, digital signatures, public key infrastructure and
protected storage. The IBM chip resides on the user's motherboard
to protect private key information.