Microsoft revisits NGSCB security plan
Formerly known as Palladium, the technology was unveiled in 2002
IDG News Service - Microsoft Corp. is revisiting its Next-Generation Secure Computing Base (NGSCB) security plan because enterprise users and software makers don't want to be forced to rewrite their code to take advantage of the technology, the company said yesterday.
In response to feedback from users and software makers, Microsoft is retooling NGSCB so that at least part of the security benefits will be available without the need for recoded applications, said Mario Juarez, a Microsoft product manager, in an interview yesterday at the vendor's Windows Hardware Engineering Conference (WinHEC).
"We're revisiting the way that the architecture needs to be built in order to accommodate the feedback that we have gotten and provide the broader value that we want the technology to provide," he said. Microsoft is making changes to NGSCB but isn't discarding previous work or going back to the drawing board, Juarez stressed.
Microsoft announced NGSCB, formerly called Palladium, in 2002. The technology uses a combination of software and hardware that Microsoft says will boost PC security by isolating software so it can be protected against malicious code. The company plans to incorporate the technology in Longhorn, the successor to Windows XP, which is expected out in 2006.
NGSCB was demonstrated for the first time a year ago at the 2003 WinHEC. Attendees at Microsoft's Professional Developers Conference in Los Angeles last October received a developer preview of NGSCB. The preview was meant to give developers a feel of what it's like to develop an application that uses NGSCB security.
Meanwhile, Microsoft has been gathering feedback and is working on incorporating that, according to Juarez. As a result, NGSCB will be revised so that software makers and enterprise users can take advantage of part of the technology out of the box, without the need to rewrite applications.
Originally, NGSCB provided strong protection for very small amounts of data through protected agents. Applications would have to be rebuilt to include a protected agent that would run in a secured space on the system. Now Microsoft is working to revise the NGSCB technology so it's possible to secure more bits without having to rewrite applications, Juarez said.
"We can't provide the level of specifics that we provided last year because we're still in the process of sorting out the details," Juarez said. "We will have more specifics later this year about how the technology will be implemented based on the feedback."
NGSCB includes a new software component for Windows called a "nexus," and a chip that can perform cryptographic operations, called the trusted platform module. NGSCB also requires changes to aPC's processor and chipset and the graphics card. The combination of hardware and software creates a second operating environment within a PC that is meant to protect the system from malicious code by providing secure connections between applications, peripheral hardware, memory and storage.
Microsoft has pitched NGSCB as a boon for customers, though critics have argued that it will curtail users' ability to control their PCs and could erode fair-use rights for digital music and movie files. Corporate users will likely be the first to buy into the technology, with early applications likely to include secure messaging and other applications useful to corporate PC users.
- Silicon Valley's 19 Coolest Places to Work
- Is Windows 8 Development Worth the Trouble?
- 8 Books Every IT Leader Should Read This Year
- 10 Hot Hadoop Startups to Watch
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Gartner Magic Quadrant for Client Management Tools The client management tool market is maturing and evolving to adapt to consumerization, desktop virtualization, and an ongoing need to improve efficiency.
- Acxiom Case Study This case study, which focuses on Acxiom, explores how the company was able to secure employee data, reduce migration costs and boost productivity...
- Windows® XP Migration: Protect and Secure Critical Data With the end of the Microsoft Windows XP operating system's lifecycle on April 8, 2014, businesses are faced with the decision to migrate...
- Exponentially Accelerate Data Protection and Recovery with Simpana 10 IntelliSnap® Snapshot Management Technology Are you making the best use of your storage array snapshot functionality? CommVault Simpana 10 IntelliSnap technology manages hardware-based snapshots across multiple vendor...
- Top 4 Digital Signage Fails Join RMG Networks for a look at four of the most common reasons digital signage fails in corporate businesses. Learn about strategies to...
- Building Tomorrow's Infrastructure Listen to this podcast to discover how Crider Foods worked with PC Connection to update their IT infrastructure, while maintaining compliance and control. All Desktop Apps White Papers | Webcasts