What if you were required to manually enter a password each time you wanted to use a program on your computer? This is exactly the kind of measure we, as technology users, should consider taking up in order to protect ourselves from a complex cyberspace, prey to attacks from all sides. The MEDEA+ Trusted Secure Computing project set out to develop a family of components and software able to efficiently secure our computing, communication and multimedia devices. The innovations developed in the project embrace integrity management, user identification/authentication, as well as privacy management.
In the IT jargon, a trusted security device is a piece of hardware component we all rely on for our computer's security. Current security and privacy methods are mainly based on specific add-on software or specially tailored protection hardware, but this project goes much further. "Protection mechanisms must be present in all system layers from basic hardware, to the basic input/output system (BIOS) and including the operating system" says Jean-Pierre Tual, the project's leader and Director of Industrial Relations at Gemalto. Moreover, the components developed in the project, have been designed in a way that make them compatible with future generations of online connected personal devices – this includes everything from personal digital assistants, TV set-top boxes, Internet services, professional radio, personal video recorders and mobile phones.
Keeping Europe ahead of the competition
Originally launched in mid-2007, the project had two main objectives: "to develop a family of embedded silicon components enforcing secure and trusted computing and to propose a European alternative to US- initiatives related to trusted computing standards while keeping interoperability with some already existing approaches. The TSC project established a solid industrial and academic partnership and the Consortium's ability to cover a wide variety of areas equally and comfortably enabled the project to reach its objectives with rather limited resources.
"It is very satisfying to now have more than ten different applications making full use of components for securing and enforcing privacy in numerous applications or services, pertaining to a large set of day to day activities, in both personal and professional areas" says Mr. Tual. Demonstrators were able to display, for example, direct transcoding of digital-rights information from Blue-ray to DVD recorders, file-transfer control in entertainment networks and anonymity management in a 3G mobile phone. Philips and Gemalto, some of the major industry players involved in the project have already included the new technology in their general offer.
90% of laptops already equipped
Millions of people are regularly downloading applications onto their smartphone. It is essential, whilst making the most of a selection of applications, to guarantee the safety of the vast amount of personal information that a smartphone is able to hold. For example, the mobile, anonymous, access-control services (MACCS) system developed by Orange and Gemalto enables mobile-phone users access to a higher level of security. This privacy enhancing solution also finds applications in other fields such as ticket-based services including transport or cultural and events. The corresponding market is expected to explode from 2011 onwards.
The exploitation of the project results in fact already well on its way: at the moment, about 90% of laptops are equipped with a trusted processor module (TPM), and TSC has helped STMicroelectronics, one of the main partners in the project, to maintain its leadership in a market in which European Union countries hold over a 70% market share. STMicroelectronics also plans to sell the new TPM solutions to most personal computer (PC) manufacturers from Asia and the USA and is expecting important return on investment linked to the boom of new Internet linked devices to come.
Taking the public sector on board
Interestingly, many partners in the project, mainly French and Spanish on their hand will exploit project results in their multilevel security systems targeting not only companies but also the public sector through e-government and e-services applications. The hardware modules developed by Bull, another project participant, will be used in the coming years for the delivery of electronic passports.
The MEDEA+ TSC project brought a decisive contribution in securing the competitive power of the European industry in a wide range of key industrial sectors (computer, mobile, professional radio, consumer sector) where security and trust are becoming a decisive appreciation factor for the users. In their own individual ways, The EUREKA Project's partners each made the most of the extraordinary results of this major project, and succeed in providing every type of consumer with improved trusted computing.