[ISN] WinHEC: Microsoft revisits NGSCB security plan

From: InfoSec News (isn@private)
Date: Fri May 07 2004 - 06:50:50 PDT

  • Next message: InfoSec News: "[ISN] Small Biz Puts Protection Before Continuity In Survey"

    http://www.nwfusion.com/news/2004/0505msngscb.html
    
    By Joris Evers
    IDG News Service
    05/05/04
    
    Microsoft is revisiting its Next-Generation Secure Computing Base
    (NGSCB) security plan because enterprise users and software makers
    don't want to be forced to rewrite their code to take advantage of the
    technology, the company said Wednesday.
    
    In response to feedback from users and software makers, Microsoft is
    retooling NGSCB so at least part of the security benefits will be
    available without the need tor recode applications, Mario Juarez, a
    Microsoft product manager, said in an interview Wednesday at the
    vendor's Windows Hardware Engineering Conference (WinHEC).
    
    "We're revisiting the way that the architecture needs to be built in
    order to accommodate the feedback that we have gotten and provide the
    broader value that we want the technology to provide," he said.  
    Microsoft is making changes to NGSCB, but is not discarding previous
    work or going back to the drawing board, Juarez stressed.
    
    Microsoft announced NGSCB in 2002. The technology, formerly known by
    its Palladium code name, uses a combination of software and hardware
    that Microsoft says will boost PC security by providing the ability to
    isolate software so it can be protected against malicious code. The
    software maker plans to incorporate the technology in Longhorn, the
    successor to Windows XP expected out in 2006.
    
    NGSCB was demonstrated for the first time a year ago at the 2003
    WinHEC. Attendees at Microsoft's Professional Developers Conference in
    Los Angeles last October received a developer preview of NGSCB. That
    preview was meant to give developers a feel of what it is like to
    develop an application that uses NGSCB security.
    
    Meanwhile, Microsoft has been gathering feedback and is now working on
    incorporating that feedback, according to Juarez. As a result, NGSCB
    will change. Software makers and enterprise users will be able to take
    advantage of part of the technology out of the box, without the need
    to rewrite their applications, Juarez said.
    
    Originally Microsoft had limited NGSCB to provide strong protection
    for very small amounts of data through protected agents. Applications
    would have to be rebuilt to include a protected agent that would run
    in a secured space on the system. Now Microsoft is working to revise
    the NGSCB technology so it is possible to secure more bits without
    having to rewrite applications, Juarez said.
    
    "We can't provide the level of specifics that we provided last year
    because we're still in the process of sorting out the details," Juarez
    said. "We will have more specifics later this year about how the
    technology will be implemented based on the feedback."
    
    NGSCB includes a new software component for Windows called a "nexus,"  
    and a chip that can perform cryptographic operations called the
    trusted platform module. NGSCB also requires changes to a PC's
    processor and chipset and the graphics card. The combination of
    hardware and software creates a second operating environment within a
    PC that is meant to protect the system from malicious code by
    providing secure connections between applications, peripheral
    hardware, memory and storage.
    
    Microsoft has pitched NGSCB as a boon for its customers, though
    critics have argued that it will curtail users' ability to control
    their own PCs and could erode fair-use rights for digital music and
    movie files. Corporate users will likely be first to buy in to the
    technology, Microsoft has said. Early applications will include secure
    messaging and other applications especially interesting for corporate
    PC users, the company has said.
    
    
    
    _________________________________________
    ISN mailing list
    Sponsored by: OSVDB.org
    



    This archive was generated by hypermail 2b30 : Fri May 07 2004 - 08:51:20 PDT