I would like to thank David Lacey for highlighting, in a recent blog post of him (appeared in his Security Blog) , some R&D work done at HP Labs, Systems Security Lab (SSL),that has recently been presented at GC 2008. Here are David’s notes and comments:
“… For several years HP and others have doing some excellent research on how to develop a secure architecture to enable a client platform to run multiple applications of varying sensitivity and risk, whether business or personal.
The future solution, if it can be realised, is to maintain a single client platform with a secure firmware base that can switch between numerous operating system environments, each running a particular environment. This would enable you to separate your business, personal, banking and other operations, reducing the risks to business systems from personal devices and eliminating the phishing.
This approach also transforms the nature of identity management. You can have as many individual persona as you wish. It sounds perfect. But there is one further challenge. The firmware has to be bullet-proof. A single flaw can undermine the whole concept. Let's hope HP can get this right. “
P.S.: to be clear, I am not directly involved in this project – just creating awareness about excellent work done by my colleagues.
--- NOTE: my original HP blog can be found here ---
No comments:
Post a Comment