Just another site

NIST on securing mobile devices

NIST on securing mobile devices

This is a very technical draft paper concerned with trusted computing on mobile devices such as smart phones and notebooks.  I suggest reading the Abstract first.  There, the authors write and I quote:  “Many mobile devices are not capable of providing strong security assurances to end users and organizations. Current mobile devices lack the hardware-based roots of trust that are increasingly built into laptops and other types of hosts.” (end_quote).  As examples of mobile devices, the keywords include: smartphone and tablet.
It’s a draft document and NIST are inviting comments: “NIST requests comments on draft NIST SP 800-164 by December 14th, 2012. Please submit all comments to” [9 days left].

The essential section for me was section 4 on roots of trust.  This draft document, in my opinion, provides a counterpoint to those who say that BYOD in the company is just a fact of life …

My assessment:  Doing a clean install of Linux on a desktop or laptop computer from trusted media (where digital signatures are validated) provides a higher level of assurance than the new world of smartphones and related mobile gadgets.




Written by meditationatae

December 5, 2012 at 4:16 pm

Posted in History

%d bloggers like this: