Microsoft revisits NGSCB security plan
Formerly known as Palladium, the technology was unveiled in 2002
IDG News Service - Microsoft Corp. is revisiting its Next-Generation Secure Computing Base (NGSCB) security plan because enterprise users and software makers don't want to be forced to rewrite their code to take advantage of the technology, the company said yesterday.
In response to feedback from users and software makers, Microsoft is retooling NGSCB so that at least part of the security benefits will be available without the need for recoded applications, said Mario Juarez, a Microsoft product manager, in an interview yesterday at the vendor's Windows Hardware Engineering Conference (WinHEC).
"We're revisiting the way that the architecture needs to be built in order to accommodate the feedback that we have gotten and provide the broader value that we want the technology to provide," he said. Microsoft is making changes to NGSCB but isn't discarding previous work or going back to the drawing board, Juarez stressed.
Microsoft announced NGSCB, formerly called Palladium, in 2002. The technology uses a combination of software and hardware that Microsoft says will boost PC security by isolating software so it can be protected against malicious code. The company plans to incorporate the technology in Longhorn, the successor to Windows XP, which is expected out in 2006.
NGSCB was demonstrated for the first time a year ago at the 2003 WinHEC. Attendees at Microsoft's Professional Developers Conference in Los Angeles last October received a developer preview of NGSCB. The preview was meant to give developers a feel of what it's like to develop an application that uses NGSCB security.
Meanwhile, Microsoft has been gathering feedback and is working on incorporating that, according to Juarez. As a result, NGSCB will be revised so that software makers and enterprise users can take advantage of part of the technology out of the box, without the need to rewrite applications.
Originally, NGSCB provided strong protection for very small amounts of data through protected agents. Applications would have to be rebuilt to include a protected agent that would run in a secured space on the system. Now Microsoft is working to revise the NGSCB technology so it's possible to secure more bits without having to rewrite applications, Juarez said.
"We can't provide the level of specifics that we provided last year because we're still in the process of sorting out the details," Juarez said. "We will have more specifics later this year about how the technology will be implemented based on the feedback."
NGSCB includes a new software component for Windows called a "nexus," and a chip that can perform cryptographic operations, called the trusted platform module. NGSCB also requires changes to aPC's processor and chipset and the graphics card. The combination of hardware and software creates a second operating environment within a PC that is meant to protect the system from malicious code by providing secure connections between applications, peripheral hardware, memory and storage.
Microsoft has pitched NGSCB as a boon for customers, though critics have argued that it will curtail users' ability to control their PCs and could erode fair-use rights for digital music and movie files. Corporate users will likely be the first to buy into the technology, with early applications likely to include secure messaging and other applications useful to corporate PC users.
- Gartner Magic Quadrant for Client Management Tools The client management tool market is maturing and evolving to adapt to consumerization, desktop virtualization, and an ongoing need to improve efficiency.
- Audit Ready and Asset Optimized: The Solid Promise of an Intelligent Software Asset Management Solution In this paper Frost & Sullivan examines the benefits of enterprise-grade Software Asset Management solutions, and how these solutions serve as the convergence...
- Pragmatic Endpoint Management: Empowering an SMB Workforce in the Age of Mobility Lacking the time for proper training and education, SMB administrators often resort to taking shortcuts to keep their environment running.This paper discusses the...
- Gartner Magic Quadrant for Application Security The market for application security testing is changing rapidly. Technology trends, such as mobile applications, advanced Web applications and dynamic languages, are forcing...
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Desktop Apps White Papers | Webcasts