PC 300PL: The world's securest desktop?

IBM thinks so. Equipped with a new embedded security chip, the PCs generate and store keys for private and public key-sharing apps.

IBM claims its new PC 300PL desktops, announced Tuesday, are the most secure PCs on the market.

Backing up that claim is a new embedded security processor, available in new PC 300PL models. The chip, located on the motherboard of the PCs, will support public key, private key security and digital signatures, IBM officials said.

"For customers who are crossing the 'e-line' into e-business, security becomes a big issue," said Anne Gardner general manager for desktop systems at IBM's Personal Systems Group. The security processor is able to generate and store keys for private and public key-sharing applications, such as those used for encrypted email or in electronic commerce. The chip can also generate and store keys for digital signatures, according to IBM. Using hardware to generate encryption keys offers users an additional level of trust, Gardner said, because hardware is generally more difficult to crack than software-based encryption.

IBM is targeting four areas of security with the chip, including authenticity, privacy, information integrity and non-repudiation. The chip will help, for example, with authentication, allow a company to better identify that a party placing an order is really who they say they are or develop binding, trackable documents in the case of non-repudiation, she said.

IBM will ship PCs including the security processor with the chip turned off by default. It can be turned on with a software applet included on the new PC. "It is up to the end user or the network administrator to go in and enable this," Gardner said.

The chip is included for no extra charge in PC 300PL models. It will ship later with other IBM client systems, including desktops and notebooks, Gardner said. IBM also intends to make the processor available to other PC makers in hopes that it will become a standard technology in the PC industry, she said.

Besides the security processor, IBM is also including with the new PC 300PL models, a utility called User Verification Manager or UVM. IBM says the utility can be used along with its Policy Director software to set up user identities and determine access rights and privileges.

The new desktops also support Internet Protocol Security or IPSec. The technology, which is embedded in network interface cards, allows for the encryption of information sent over a network to another IPSec-enabled computer. It does so by encrypting the data packets sent between computers. This works to prevent information theft by a technique called packet sniffing, where packets of information flowing over a network are captured and re-assembled, allowing a person to read the data they carry.

The new IBM PC 300PL models will offer Intel's latest Pentium III processors. They are priced starting at about $1349 (£836), according to the company.

IBM isn't the only company working to offer hardware security. Intel has included in its 800 family of chip sets a random number generator. The random numbers generator translates thermal noise created by an Intel processor into random number pattern. That number can then be used by cryptography software in encryption.

Intel is also still shipping its Processor Serial Number feature on new Pentium III chips. However, due to privacy concerns, it has cancelled plans to deliver tools that allow Web sites and other businesses to take advantage of the feature. PSN is now used mostly by network management software to help companies keep track of their PCs.

Take me to the Hackers news special