Saqib,

I am new to this list, but have worked in the field for some time, and I want to make a point here: the TPM keys are a core security component of this particular FDE solution. That means that the management of those keys needs to be handled by the approved security software, not something else. By saying that Wave could handle the backup/restore/transfer of keys, you are saying that a non-approved piece of software (Wave in this case) will have control over the keys which are used to secure all the data. That is an unacceptable risk for any security solution, to allow another program to manage your encryption keys in any way.

While this works for something like the Wave/Seagate partnership, primarily because Seagate provides no management software at all, this is not going to be acceptable for a managed software solution, whether it be Mobile Armor, WinMagic or Pointsec. That software must provide the security and management of the software keys used for encryption. While they may rely on TPM for local storage and physical protection of the keys on the end device, reliance on what would essentially be a third-party solution for backup of those keys would not be acceptable.

A main criterion whenever a disk encryption solution is chosen, whether by the government or a corporation, is the safe, secure and known management of all keys, including backup and recovery. If Mobile Armor or anybody went into a sale and said "by the way, you need to buy this other package over which we have no control to back up and manage the keys from the local computers", no one would buy the product.

Realize also that this does not mean that Wave could not partner or license their technology for integration into someone's solution and acquire a large business in that fashion, but as a direct player at this time in the DARTT market, they would not benefit at this time.

Brian Wood

Ali, Saqib wrote:
_______________________________________________
FDE mailing list
[email protected]
http://www.xml-dev.com/mailman/listinfo/fde
