SWID Tags provide enhanced data enabling better network security

The Trusted Computing Group (TCG) released new specifications for public review – the comment period for these specifications is open until Oct 22.  If you work in network security in particular the management of networked computing devices, are interested in the work done by the Trusted Computing Group, or are curious about how SWID tags provide enhanced data for security needs, please review these new specifications targeted at end-point security management and provide your feedback.  In particular, these specifications are designed to enable network operators to enforce policies regarding endpoint integrity when granting access to a network infrastructure.  A key element of this set of standards that differentiates it from other approaches is the fact that it’s based on international standards and supports interoperability and the reuse of discovery data.

The specifications were created in support of its Trusted Network Connect Endpoint Compliance Profile. The Endpoint Compliance Profile describes a profile of TNC standards and capabilities that is optimized for collecting specific types of endpoint identity and state information and retaining this information over time in a searchable repository.

One of the specifications in this suite is the new SWID Message and Attributes for IF-M specification. This specification standardizes how SWID tag information can be requested by a Policy Decision Point and returned by an endpoint. The specification also describes how an endpoint can actively monitor its SWID tag collection for changes and push reports to a Policy Decision Point if a change is detected.

All of the Endpoint Compliance Profile specifications are open for public review and comment through October 22. In particular the TagVault.org and SWID communities should review and comment on the SWID Message and Attributes for IF-M specification to ensure that it aligns with their usage models. Following the public review period the specifications will be revised and published in final form. Feedback on any of these specifications is greatly appreciated.

For more information about TagVault.org, please visit their website – www.tagvault.org.

For more information on the Trusted Computer Group, please visit their website – www.trustedcomputinggroup.org