dcsimg
RealTime IT News
Gartner Hails 'Palladium' Modification
By Ryan Naraine
May 12, 2004

Gartner vice president Martin Reynolds is hailing Microsoft's plans to simplify the integration of the Next-Generation Secure Computing Base (NGSCB) with the coming Longhorn operating system.

In giving the plan his thumbs-up, Reynolds said the move makes it easier to secure applications without wrenching code rewrites.

In a research note, Reynolds wrote that the original NGSCB architecture isolated the project from the Windows development process and also required modifications to applications using NGSCB features. "Microsoft now plans to simplify implementation of NGSCB within the Longhorn infrastructure.

Longhorn will provide scheduling, boot, advanced driver, and application programming interface (API) capabilities for NGSCB, simplifying the NGSCB nexus. This simplification makes it easier to develop the trusted code required by the nexus," he wrote.

NGSCB, formerly codenamed Palladium, promises to revolutionize computer security and digital rights management (DRM). It is often described as a virtual vault residing within each computer that lets users store encrypted information and only authorize certain entities to see it. It also provides protection for critical data against virus attacks, Trojan horses and spyware and could double as a DRM tool to authenticate who is allowed to see a file or use a program.

Gartner's Reynolds said it was originally designed to create a parallel, secured, sealed and trusted partition that ran alongside any operating system. But because of the isolation from the Windows development process, it demanded major application rewrites to work.

The latest refinement with that plan, he said, makes NGSCB capabilities far more accessible to applications without modification. "The more sophisticated NGSCB environment will open the door for a broad range of infrastructure components that need to be implemented in a secured environment. Network security and hard-drive encryption would, for example, be good candidates for Nexus implementation, because they cannot be compromised by a successful attack on Longhorn," Reynolds added.

He said the nexus may also be able to support Windows APIs, allowing the nexus agents to be more sophisticated, yet still be secured. "The nexus maintains ultimate discipline over the secured memory partition feature to be introduced in NGSCB-capable processors, and will presumably be capable of offering strong isolation capabilities to the Longhorn kernel, further improving system security and stability."

Gartner expects Longhorn to launch with NGSCB components that provide strong authentication without passwords and be available by 2007.

Microsoft project manager Mario Juarez recently told internetnews.com that NGSCB is being refined for customers and partners.

"[Customers] want us to broaden the capabilities of the technology. Those are the issues we're dealing with to evolve the project," Juarez said.