IBM plans to extend Cisco's Lightweight Extensible Access Protocol (LEAP) to its security chips. LEAP authenticates users accessing Cisco networks at the edge of the network.
"We're working on enhancing the LEAP protocol to use our chip to do secure storage and to support encryption," said Clain Anderson, the personal computing division's director of client security at IBM.
Last year Cisco submitted LEAP to the IEEE as 802.11i, a security draft standard that runs over 802.1x.
IBM has shared the intellectual property in its security chip technology with the Trusted Computing Platform Alliance, an industry workgroup focused on trust and security. "We expect that it will sooner or later be showing up in handhelds, PDAs, and phones," Anderson said, adding that ultimately all systems will have personal firewalls and security chips.
"The idea of putting [an authentication mechanism] into a client [rather than in a server] is intriguing," said Pete Lindstrom, an analyst at Hurwitz Group. "The dynamic generation of security keys is a performance-intensive operation, and putting it into chips makes sense."
IBM and Toshiba already ship notebooks that support LEAP.
Ron Seide, a product-line manger at Cisco, points out that alternatives to LEAP exist, including Microsoft's EAP-TLS (Transport Layer Security) and Funk Software's EAP-TTLS (Tunneled TLS) - two protocols that have also been submitted as standard drafts.
Seide also mentions PEAP (Protected EAP) - which provides a more open means for working with all Remote Authentication Dial-In User Service (RADIUS) servers, as opposed to the proprietary approaches available from Cisco and Microsoft, among others.