[ISN] Spec in Works to Secure Wireless Networks

InfoSec News isn at c4i.org
Tue May 11 01:50:11 EDT 2004


By Mark Hachman
May 10, 2004

The Trusted Computing Group said Monday that it is working on a
specification to ensure that wireless clients connecting to a network
won't serve as a back door to worms and crackers.

Officials within the TCG, based in Portland, Ore., said the industry
standards body is developing a "Trusted Network Connect"
specification, designed to audit wireless-enabled PCs when they first
make contact with an enterprise's wireless network.

The specification will be finalized later this year, said officials
from the group, which comprises computer and device manufacturers,
software vendors and others.

Although a client or customer connecting to an enterprise network may
not overtly be seeking to do harm, the laptop may in fact hide an
unpatched system that could serve as an unexpected back door into an
otherwise secure system. Likewise, a network administrator cannot be
sure whether a laptop hides a worm that might otherwise have been
blocked by a wired firewall.

When completed, the specification will serve as a means by which
network security and network infrastructure vendors can ensure a level
of compliance with the best practices of network security, executives

The spec will improve AAA (authentication, authorization and
accounting) software's ability to make a decision before allowing
admission to the system, said Ned Smith, the TCG infrastructure
working groups' co-chairman and an architect at Intel Corp. in Santa
Clara, Calif.

"It's a proactive approach to security," Smith said. The specification
was designed with wireless clients in mind, although it also may be
applied to wired networks, he said.

The specification will specify a level of trust for network endpoints,
characterized by the version number of specific applications; whether
those applications have been patched; and whether those OSes and
applications are free from viruses, as defined by the revision numbers
of the signature libraries used within antivirus applications.

If a client fails to meet those specifications, the Trusted Network
Connect specification will define a process by which the client is
quarantined until the appropriate patches and antivirus tools have
been applied.

The TCG is more commonly known for its Trusted Platform Module (TPM)  
specification, which defines the parameters for a security chip that
can be embedded onto a PC's motherboard.

The TPM is designed to work with the upcoming Next-Generation Secure
Computing Base (NGSCB) technology in Microsoft Corp.'s Longhorn OS and
other trusted operating systems to ensure that data is viewed only by
the appropriate users.

"Part of what's interesting to the TCG is linking identity-based
platform authorization to the network connect decision," Smith said.

Extreme Networks, Foundry Networks Inc., Funk Software Inc.,
InfoExpress Inc., Juniper Networks Inc., Meetinghouse Data
Communications, Network Associates Inc., Sygate Inc., Symantec Corp.,
Trend Micro Inc. and Zone Labs Inc. have joined TCG to participate in
this effort. TCG members Hewlett-Packard Co., Intel Corp., Verisign
Inc. and others are also participating.
