IBM to build content protection technology into processors

Yorktown Heights (NY) - IBM today announced a hardware-based technology that is squarely aimed at preventing the unauthorized use digital content on consumer electronics medical devices and defense systems. Built directly into the processor "SecureBlue," the technology promises to provide much more robust content protection than software-based DRM systems available today.

IBM's idea is based on encrypting content and access keys, which is not that unusual in high-end and enterprise server systems, but tends to be expensive in cost and system performance and therefore has not been an option for the industry so far. SecureBlue, IBM claims, brings the same level of protection for the first time to "low-cost, relatively low performance electronics."

"Secure Blue protects the confidentiality and integrity of information on a device through encryption, encoding it to prevent its unauthorized use, even from an adversary that has physical access to or control of the device," IBM said. The company did not provide details on how SecureBlue works and limited the explanation of the technology to describing it as an "overlaying 'on chip' security layer." However, SecureBlue does not appear to be an entirely new idea, as the company already described the technology as part of its "Trust Framework for the DoD Network-Centric Enterprise Services (NCES) Environment" in a paper published in February of 2004.

In this paper, SecureBlue is described as "a secure processor chip that can protect the confidentiality and integrity of data as well as the integrity of a computing device so that the device performs the function it's supposed to perform and cannot be compromised and made to do something else." Author Chris Daly mentions that the technology may also provide building blocks that can be used in combination with a "variety of secure System-on-chip (SoC) designs."

The functionality of SecureBlue is very similar to the TCG specification, which has brought us the trusted platform module (TPM) - a chip on the motherboard that securely stores digital information. However, while the Trusted Computing Group do not promote the technology as a digital rights management solution, IBM's explicitly highlights SecureBlue's features to protect digital content: "Secure Blue has the potential to be a security 'seal of approval' in industries such as consumer, medical, government & defense and digital media. (...) [It] can be used to protect the confidentiality of all the information on a device including documents, presentations and software as well as the keys that are used for communications security or digital signatures."

While the company did not say which specific processors may carry its SecureBlue technology one day, it mentioned it considers the technology as foundation for "strong security" in consumer electronic products in general.