Page 91 - Trust in ICT 2017
P. 91
Trust in ICT 1
• Self-Encrypting Drive (SED)
Self-Encrypting Drives silently and automatically encrypt all user and system data, making sure this
information doesn’t fall into the wrong hands if the device or drive gets lost. Such drives may also
be remotely wiped if they’re lost or stolen.
• Trusted Platform Module (TPM)
The Trusted Platform Module is a hardware security component built into a computing device that
provides a hardware root of trust for user and device identity, network access, data protection, and
more. TPMs are built into more than half a billion end systems, including many laptops and mobile
devices.
TPM Mobile is a scaled-down TPM designed for mobile environments, which retains the ability to
cryptographically store passwords and digital keys, for example, to verify the device’s identity. TPM
Mobile is expected to be publicly available in the near future.
In addition, TCG has specified a set of fundamental security capabilities that will be required of many IoT
devices. TSG has developed typical IoT security use cases and provides guidance for applying TCG technology
to those use cases. Because IoT devices vary widely in their cost, usage, and capabilities, there is no one-
sizefits-all solution to IoT security. The practical security requirements for different devices and systems will
vary. Therefore, the list of solutions from TCG can be regarded as a menu from which the implementer can
pick the options most suitable for their product or service.
9.3 Important work items for trust provisioning in ICT infrastructure
As a starting point of standardization for trust provisioning in ICT infrastructure, we should firstly consider
the following work items.
• Overview of trust in ICT: It aims to provide a clear understanding of trust form different perspectives
and identify key differentiations compared to security and privacy. It also highlights the importance
of trust in future ICT infrastructure towards knowledge society.
• Service scenarios and capabilities: From various use cases analysis, considering sharing economy, it
is necessary to develop service scenarios for trust provisioning and define required capabilities to
support trust.
• Requirements for trust provisioning: Frome key challenges and technical issues, it is necessary to
specify detailed requirements in terms of different viewpoints, considering various stakeholders.
• Architectural framework: It targets to identify core functions for the future trustworthy ICT
infrastructure and develop architectural models including detailed functional architectures.
• Technical solutions for trust provisioning: It covers methodologies for specifying trust metrics and
measuring trust. It also needs to develop protocol specifications for trust provisioning and
mechanisms for trust-based decision making.
• Trust provisioning in IoT: From the perspective of IoT, it is necessary to develop specific technical
solutions applicable to the IoT applications with the connected devices.
• Trust provisioning in data analytics: From the perspective of big data analytics, it is necessary to
develop specific technical solutions applicable to the processing and analysis of the large amount of
data through cloud computing.
For more specific technical items for standardization, the followings should be considered.
(1) Trust Management
Trust has interactions with all vertical layers – users, applications, computing, networks, things. Thus similar
to security, trust management technology is necessary as a separate common layer which covers all vertical
layers. It basically needs identity management to assure the identity of an entity and support business and
trust applications.
83
