resource center
  See your link here
|
IDG News Service -
SAN FRANCISCO -- Ben Fathi no longer runs Microsoft Corp.'s security technology unit. But in his new job as corporate vice president of development at Microsoft's Windows core operating system division, Fathi is still focused on keeping the bad guys away from your PC. Fathi is in charge of building the guts of Windows: its kernel, and technologies associated with security, networking and other aspects of the operating system. At last week's RSA Conference 2007 here, Fathi spoke with the IDG News Service about Windows security. And despite the fact that the first bugs are being reported in Windows Vista, he said it looks like the new client OS is on track to meet his stated goal of Vista having half the flaws that plagued Windows XP during its first year. Excerpts from the interview follow:
What's going to be the big security story this year? What we've done in previous OS releases and Vista, and what our security partners are doing, has treated security as a defensive measure. It's a way of stopping people from attacking you. What we want to do now is move to a world where we actually enable and simplify collaboration between different individuals by making sure that those connections are end-to-end, [and] that you can provide very fine-grained control over the people, the applications and the resources that you give access to.
So what are you doing to make that happen? There's a number of things we're working on. For example, isolation. We [currently] look at isolation in terms of network isolation, whether it's IPsec or putting in firewalls or SSL VPNs. What we want to do is provide a better layer of isolation at the operating system level. We're looking at putting hypervisors underneath the operating system and building a hardware root of trust on the machine.
What that means is that today, if a rootkit makes it onto your machine, it can do a hyperjacking. It can take over the OS, or it can even get underneath the OS so that any software you're running won't even know that it's being lied to by a piece of malware. What we want to do is put the hypervisor there and use things like the [Trusted Platform Module] chip to make sure that the entire boot path is protected and secure and that we can trust it.
This also gives you the ability to create isolation by creating partitions on the machine. Let's say you're running a server. If you consolidate your server
IDG.net
Dell Proconsult Windows 7 Readiness Assessment
Download Now
Extending Client Refresh - 11 Steps to Maximize Savings
Register Now!
Southern Company
Download Now
Lower the Cost and Complexity of a Mobile Workforce through Automation
Download This Resource Now!
Defending Against the Storm
Download Now
Managing Mobility: Improve Data Security, Compliance and Manageability
Download This Resource Now!
Share our Strength
Download Now
Consolidate Your Servers and Storage to Lower Costs with Oracle Database 11g
Register for this webcast!
The Commercialization of ITIL: Lessons Learned
Register for this event today!
Sign up to receive updates on the latest Operating Systems resources
CIO
Computerworld
CSO
DEMO
GamePro
Games.net
IDC
IDG
IDG Connect
IDG Knowledge Hub
IDG TechNetwork
IDG Ventures
IDG.net
InfoWorld
ITwhitepapers
ITworld
JavaWorld
LinuxWorld
Macworld
Network World
PC World
The Industry Standard
Copyright © 1994 - 2009 Computerworld Inc. All
rights reserved. Reproduction in whole or in part in any form or medium
without express written permission ofComputerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc. |
