IBM Equips PCs With Security on a Chip

The computer's ID is stored on a chip and encrypted to limit access to a special processor

by / September 21, 2004
IBM is currently shipping PCs with a chip designed to protect passwords and other sensitive identity information. The chip, National Semiconductor's SafeKeeper Trusted I/O device, stores the computer's identity on silicon and encrypts it with a key only accessible to a specialized processor. This approach locks the computer's ID to the PC, protecting it from user error and hacking attempts.

Unlike other security hardware, National's Trusted I/O devices integrate a Trusted Platform Module (TPM), Super I/O and embedded firmware to implement industry-standard Trusted Computing Group security functions. TPMs are microcontrollers that securely store passwords, digital certificates and encryption keys for PCs and other systems. These devices, which comply with Trusted Computing Group (TCG) specifications, protect computer software, such as BIOS, operating systems and applications, from unauthorized or malicious attacks. IBM has used TPMs since 1999.

National developed its Trusted I/O devices to meet the Trusted Computing Group's TPM 1.1b specification. TCG developed these specifications with industry-leading system, silicon and software providers to create standard interfaces and interoperability between hardware and software layers. These industry standard interfaces allow National to partner with security software developers such as IBM and Wave Systems Corp. to offer customers multiple software solutions that work in conjunction with National's integrated hardware.

According to a story by CNET, Hewlett Packard and Dell may also add the technology to new computers.