Microsoft calls for talks on Internet trust, safety
Launches 'End to End Trust' effort, touts 'trusted stack' and calls for input
Computerworld - Microsoft Corp. today called for broad discussions about the safety of the Internet in an initiative it dubbed "End to End Trust" in a white paper released during the RSA Conference that opened today in San Francisco.
In a keynote address at the security conference , Craig Mundie, chief research and strategy officer at Microsoft, talked up the company's plans. Core to the concept of End to End Trust, said Mundie, is something he called "a trusted stack," where security is housed or rooted in the hardware, but each piece -- the hardware, software, the data and even the people involved -- can be authenticated if necessary.
"We believe that End to End Trust will transform how the industry thinks about and approaches online trust and security," said Mundie. "End to End Trust will enable new opportunities for collaboration on solutions to social, political, economic and technical issues that will have a long-term impact on Internet security and privacy."
In the white paper (download PDF), which was authored by the chief of Microsoft's Trustworthy Computing group, Scott Charney, Microsoft laid out its ideas. "Microsoft and the technology industry alone cannot create a trusted online experience," Charney said in remarks released before Mundie's speech. "For that to happen, industry must not only band together, but must work with customers, partners, governments and other important constituencies on a road map for taking Trustworthy Computing to the Internet.
"Trustworthy Computing" is the tag that Microsoft applied to its efforts, now six years old and counting, to improve the security of its own software, primarily Windows. Mundie, who wrote the white paper outlining that initiative, pointed to four so-called "pillars" that the company would create: security, privacy, reliability and business integrity.
End to End Trust is an extension of that work, George Stathakopoulos, the general manager of Trustworthy Computing, said in an interview today. "The goal today [of End to End Trust] is to make it a platform for a dialogue. We want to discuss the broad concepts with everyone else, and work to create a trusted stack."
Any and all will be welcome in such discussions, which Microsoft has yet to clarify or even define. "We'll have forums and dialogue," said Stathakopoulos, "and we'll be updating everyone at regular intervals and reporting on progress."
Even the Charney white paper, which Microsoft posted to its Web site following Mundie's address, was light on details and heavy on generalities. Stathakopoulos said that is by design. "This isn't a strategic or prescriptive paper. We already have the solutions for many of these problems. This is more a call for the industry coming together.
"Let's have an open discussion."
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts