The Lure of Perfect Security

What if we could create electronic documents that only authorized readers could access? Or images only pre-identified users could view, and music only select listeners could hear? If doable, this might be worth purchasing even if the cost were a bit high.

Perfect control over intellectual property, right down to the precise ability to allow someone to listen to a CD three times and three times only, is seductive to say the least. What would the music, publishing and entertainment industries be willing to pay to regain control over their products? What would any company pay in order to achieve perfect access control of all electronic documents and data?

This vision of the future is really a Silicon Valley vision of the past. In October 1999, Intel, Compaq, HP, IBM and Microsoft initiated the Trusted Computing Platform Alliance. The TCPA now totals more than 170 member companies.

Its stated mission is to “…drive and implement specifications for an enhanced HW and OS based trusted computing platform that implements trust into client, server, networking, and communication platforms.”

How does it propose to accomplish this? By creating a hardware platform containing a hard-coded control system serving to uniquely identify the hardware. This in turn collaborates with the operating system to allow the PC to execute/decrypt only the applications/data authorized for that particular machine. A rather clever – even elegant – solution to a persistent set of security problems.

The Spectre Of Abuse

One way to think of this is as hardware-enforced identity checks. Once you can uniquely identify a PC or a specific peripheral, then all types of things become possible. Which is what is raising the spectre of abuse in some circles.

TCPA is well aware of these concerns. In the TCPA Specification/TPM Q&A (July 2002 update) the question is raised: “Is the real ‘goal’ of TCPA to design a TPM (Trusted Platform Module) to act as a DRM (Digital Rights Management) or Content Protection device?”

“No. The TCPA wants to increase the trust that users and remote entities will have in the user’s platform. The increase in trust comes from the mechanisms provided by the TPM.”

While it is not the stated goal, TCPA does deliver DRM capability. And if the capability exists, companies will take advantage of it. Will the next version of Windows operate on anything but a TCPA device? Will other applications? TCPA, regardless of intent, delivers hardware-enforced EULAs (End User License Agreements) – an interesting concept if you’ve read any EULAs recently.

There is no doubt that any system that can deliver perfect security offers huge benefits. A system that would allow only ‘certified’ applications to operate is totally safe against all virus attacks. If it can’t run, it can’t propagate. That alone is useful.

What About The Risks?

There are, however, risks involved in perfect security in an imperfect world. A file that cannot be read by anyone except the owner is of undeniable value to the owner, especially if that person resides on the other side of the law. Would law enforcement agencies allow the creation of such a system without some way of circumventing it? The notion of allowing Al Qaeda to create files that cannot be read seems, at best, unlikely.

Another aspect of TCPA is the notion that software is often authorized for usage for a finite period of time. These types of agreements work fine when everything runs smoothly, but they shift the negotiating power (unfairly?) to the software vendor when the next payment deadline arrives. Not to mention that sometimes things go wrong and deadlines, through human error of course, arrive unexpectedly early.

If you’re interested in the other side of TCPA issues you might want to read some commentary by Ross Anderson of Cambridge University Computer Labs.

Strange how, when we finally arrive at the threshold of achieving a long-sought-after goal, there are as many possible problems as there are benefits. Perfect security might be around the corner. Any takers?

Peter de Jager is a speaker and consultant on management issues relating to Managing the Future.