RealTime IT News

IBM's Answer to Security Blues

IBM said it's developed technology that promises to bring mainframe-inspired levels of security to PCs, cell phones, PDAs and other digital devices.

Details are sketchy. But IBM said its SecureBlue technology is a hardware-based security architecture that can be built into microprocessors.

No release date was made available. IBM Research said it planned to collaborate with partners across key consumer electronic, medical, government and digital media industries to integrate SecureBlue in their products.

"Security is the highest priority in the data center and in a secure network -– but it is only half the equation. To have a truly secure system, security must be addressed end-to-end -- from the data center all the way to the end user," said Charles Palmer, manager of security and privacy at IBM Research, in a statement. "SecureBlue has the potential to be a security 'seal of approval' in industries such as consumer, medical, government, defense and digital media."

Using its hardware approach, IBM's SecureBlue plans to give digital devices the ability to frequently encrypt and decrypt data that's usually reserved for more powerful data centers.

PGP, a provider of enterprise security software, welcomed IBM's security focus, though it was skeptical of near-term adoption at the corporate level.

"IBM's announcement is a good message to the marketplace of how a serious, large player like IBM takes encryption," Andrew Krcik, vice president of marketing for PGP, told internetnews.com. "We've been hearing rumblings of other major chip manufacturers doing similar things."

Krcik ticked off two major theoretical advantages to hardware based security: First, faster performance and second, encryption built into the hardware is more tamper proof than a software solution.

But for enterprise products, Krcik said security isn't proving to be a performance bottleneck.

"Our experience with enterprise customers is that they aren't looking for technology breakthroughs as much as they are for ways to easily secure their assets," said Krcik. "To change a hardware solution you have to change the chip. We allow you to make changes to security parameters from a central console, whether it's servers, PCs, laptops, BlackBerrys or instant messaging."

Krcik said PGP would look for ways to work with and enhance SecureBlue products, should they catch on.

IBM said SecureBlue's encryption would also help combat the physical theft of digital devices by protecting the data stored on them. SecureBlue can be employed to protect data files, documents, presentations, software as well as the keys that are used for communications security or digital signatures.