
ngscb

microsoft palladium

Published in: Education

Transcript of "ngscb"

Seminar Report
On
MICROSOFT Palladium

Under the supervision of
Santhosh Kumar M.B.
Sr. Lecturer, IT DIVISION, SOE, CUSAT

Submitted by:
MANISH KUMAR SINHA
REG no (14080042)

DIVISION OF INFORMATION TECHNOLOGY
SCHOOL OF ENGINEERING
COCHIN UNIVERSITY OF SCIENCE AND TECHNOLOGY
KOCHI-682002

CERTIFICATE

MICROSOFT PALLADIUM

Bonafide record of seminar done by
Name of student ……………….
REG NO: …………..

Submitted in partial fulfillment of the requirement for the Degree of BACHELOR OF TECHNOLOGY in DIVISION OF INFORMATION TECHNOLOGY of COCHIN UNIVERSITY OF SCIENCE & TECHNOLOGY.

Mr. SANTOSH KUMAR, Sr. Lecturer
Dr. PHILIP SAMUEL, Head of Division of Information Technology

ABSTRACT

The Next-Generation Secure Computing Base (NGSCB), formerly known as Palladium, is a software architecture designed by Microsoft which is expected to implement the "Trusted Computing" concept on future versions of the Microsoft Windows operating system.

Palladium is part of Microsoft's Trustworthy Computing initiative. Microsoft's stated aim for Palladium is to increase the security and privacy of computer users. Palladium involves a new breed of hardware and applications along with the architecture of the Windows operating system. Designed to work side-by-side with the existing functionality of Windows, this significant evolution of the personal computer platform will introduce a level of security that meets the rising customer requirements for data protection, integrity and distributed collaboration. It is designed to give people greater security, personal privacy and system integrity.

"Palladium" is the code name for an evolutionary set of features for the Microsoft Windows operating system. When combined with a new breed of hardware and applications, "Palladium" gives individuals and groups of users greater data security, personal privacy and system integrity.

Acknowledgement

I consider it a great privilege to express my heartfelt gratitude to the many respected personalities who guided, inspired and helped us in the successful completion of this seminar and presentation.

I also express our gratitude to Dr. Santhosh Kumar M.B., Senior Lecturer of the Department, for providing us with adequate facilities, ways and means by which I was able to complete this presentation. I also express our sincere gratitude for his constant support and valuable suggestions, without which the successful completion of this presentation would not have been possible.

I also express our immense pleasure and thankfulness to all the teachers and staff of the Department of Information Technology, CUSAT for their cooperation and support.

Last but not the least, I thank all others, and especially our classmates and our family members who in one way or another helped us in the successful completion of this work.

MANISH KUMAR SINHA

CONTENTS

ABSTRACT
Acknowledgement
CONTENT
LIST OF FIGURES
1. INTRODUCTION
2. AVAILABILITY & HISTORY
2.1 AVAILABILITY
2.2 HISTORY
3. TRUSTWORTHY COMPUTING
3.1 Who to trust
3.2 Chain of trust
4. NGSCB'S FUNDAMENTAL
4.1 Strong Process Isolation
4.2 Sealed Storage
4.3 Cryptographic Attestation
4.4 Secure Paths to the User
5. ARCHITECTURE
5.1 Aspects of Palladium
5.1.1 Hardware Component
5.1.2 Software Component
5.2 CODE IDENTITY
5.3 HOW IT WORKS & WHAT IT DOES
5.4 Comparison of TCPA and Palladium
6. ADVANTAGES & DISADVANTAGES
6.1 ADVANTAGES
6.1.1 Your Information is Secure
6.1.2 Digital Rights Management
6.1.3 Open Source and Palladium
6.1.4 No User Authentication
6.1.5 3-Phase Deployment Plan
6.2 DISADVANTAGES
6.2.1 UPGRADES
6.2.2 LEGACY PROGRAMS
6.2.3 BOBE (Break Once Break Everywhere)
6.2.4 Attack Vectors
6.2.5 Other Limitation
7. CONCLUSION
8. REFERENCES

1. INTRODUCTION

"Palladium" is the code name for an evolutionary set of features for the Microsoft® Windows® operating system. When combined with a new breed of hardware and applications, these features will give individuals and groups of users greater data security, personal privacy, and system integrity. In addition, "Palladium" will offer enterprise customers significant new benefits for network security and content protection.

The Next-Generation Secure Computing Base (NGSCB), formerly known as Palladium, is a software architecture designed by Microsoft which is expected to implement the "trusted computing" concept on future versions of the Microsoft Windows operating system. Palladium is part of Microsoft's Trustworthy Computing initiative.
Microsoft's stated aim for Palladium is to increase the security and privacy of computer users. Palladium involves a new breed of hardware and applications along with the architecture of the Windows operating system. Designed to work side-by-side with the existing functionality of Windows, this significant evolution of the personal computer platform will introduce a level of security that meets the rising customer requirements for data protection, integrity and distributed collaboration. It is designed to give people greater security, personal privacy and system integrity. Palladium also provides Internet security, such as protecting data from viruses and hacking.

In addition to new core components in Windows that will move the Palladium effort forward, Microsoft is working with hardware partners to build Palladium components and features into their products. The new hardware architecture involves some changes to CPUs which are significant from a functional perspective. There will also be a new piece of hardware called for by Palladium that you might refer to as a security chip. It will provide a set of cryptographic functions and keys that are central to what we're doing. There are also some associated changes under the chipset, and the graphics and I/O system through the USB port, all designed to create a comprehensive security environment.

CHAPTER 2

2. AVAILABILITY & HISTORY

2.1 AVAILABILITY

Microsoft originally publicized the NGSCB technology under the code name Palladium, which was the word for a mythical talisman that guaranteed the security of Troy. Its working title was "Next-Generation Secure Computing Base," much as .NET's working title was "Next-Generation Windows Services." In early 2006, Microsoft renamed the NGSCB team at Microsoft to the System Integrity Team.

2.2 HISTORY

Microsoft originally publicized the NGSCB technology under the code name Palladium, which was the word for a mythical talisman that guaranteed the security of Troy. Its working title was "Next-Generation Secure Computing Base," much as .NET's working title was "Next-Generation Windows Services." In early 2006, Microsoft renamed the NGSCB team at Microsoft to the System Integrity Team.

CHAPTER 3

3. TRUSTWORTHY COMPUTING

Merriam-Webster defines trustworthy as "worthy of confidence." When you use a computer, you should be able to be confident that it does what you think it does. If you use your credit card on the Internet, you should feel confident that no one will be able to steal it. Moreover, you should feel confident that you're actually doing business with the person you think you are. If you keep a personal diary on your computer, then you should be the only one who has access to it. Or, if you would like to let someone else see it, then you should be able to explicitly grant them access (maybe to only a specific portion).

Currently, technologies such as SSL work over the Internet to help protect personal information such as credit card numbers. But SSL is a specific solution to a specific problem. Palladium is designed to be the one-stop solution to all these concerns.

3.1 Who to trust

If we want a trusted environment, then we have to ask ourselves who to trust. The first thought is to trust the applications.
However, thinking about that reveals that the applications rely on the underlying operating system. Trusting the operating system relies on the hardware functioning as it should, so we also need to trust the hardware. Thus, we must make the assumption that we can trust the hardware.

This, of course, isn't always the case. Some gifted person could attack the hardware, gain control of it, and thus the entire machine. Microsoft understands this and accepts it as a necessary condition. However, Microsoft stresses that even though one machine may be compromised in this way, no other machines will be affected. This is an extremely important property of Palladium.

3.2 Chain of trust

So Palladium establishes a chain of trust. The second you press the power button, the hardware starts up. It will authenticate itself to make sure it hasn't been tampered with, then authenticate the operating system that is about to boot. Once started, the operating system is now trusted. When an application is run, the operating system authenticates it, thus extending trust to the application.

Again, it is important to note that the first step, the hardware authenticating itself, could be attacked by someone physically next to the machine. However, Palladium has taken steps to ensure that this attack will not compromise other systems (more on this later).

CHAPTER 4

4. NGSCB'S FUNDAMENTAL

On commercial computer platforms, it is not feasible to restrict the firmware, device hardware, drivers, and applications sufficiently to provide adequate process isolation. NGSCB avoids this conflict by allowing both secure and mainstream operating systems to coexist on the same computer.

Only an NGSCB-trusted application, also called a nexus computing agent (NCA), can run securely within the protected operating environment. The user defines specific policies that determine which trusted applications can run in the protected operating environment. The program code does not need to be signed in order to run on an NGSCB-capable computer.

The following core elements provide the protected operating environment for trusted applications:

• Strong process isolation: The protected operating environment isolates a secure area of memory that is used to process data with higher security requirements.
• Sealed storage: This storage mechanism uses encryption to help ensure the privacy of NGSCB data that persists on the hard disk of NGSCB-capable computers.
• Attestation: This occurs when a piece of code digitally signs and attests to a piece of data, helping to confirm to the recipient that the data was constructed by a cryptographically identifiable software stack.
• Secure paths to the user: By encrypting input and output, the system creates a secure path from the keyboard and mouse to trusted applications and from those applications to a region of the computer screen. These secure paths ensure that valuable information remains private and unaltered.

Microsoft is initially designing NGSCB features and services for the next 32-bit version of the Windows operating system, and plans are underway to support other platforms as well.

4.1 Strong Process Isolation

In NGSCB, the protected operating environment provides a restricted and protected address space for applications and services that have higher security requirements. The primary feature of the protected operating environment is curtained memory, a secure area of memory within an otherwise open operating system.

Random access memory (RAM) in current computers is divided into two sections: the operating system, which is ring 0, and the user space, which is ring 3. Two addressing-mode bits control access to these sections. Ring 0 contains important system functions, including memory management, scheduling, and peripheral device drivers.
User programs that run on the computer execute in ring 3. These user programs can also call into ring 0 whenever they require a system function, such as additional memory.

This protected operating environment consists of two primary system components:

• NEXUS: This is a special security kernel that establishes the protected operating environment by isolating specific areas in memory. The nexus provides encryption technology to authenticate and protect data that is entered, stored, communicated, or displayed and to help ensure that the data is not accessed by other programs or hardware devices.
  - Offers services to store cryptographic keys and encrypt and decrypt information.
  - Identifies and authenticates NCAs.
  - Controls access to trusted applications and resources by using a security reference monitor, which is part of the nexus security kernel.
  - Manages all essential NGSCB services, including memory management, exclusive access to device memory and secure input and output, and access to any non-NGSCB system services.
• NEXUS COMPUTING AGENTS (NCAs): These are trusted software components which run in the protected operating environment and are hosted by the nexus. An NCA can be an application, a part of an application, or a service. Using NCAs to process data and transactions in curtained memory is one of the primary features of NGSCB-capable computers.

[Figure: Typical NGSCB Configuration]

4.2 Sealed Storage

Because file access controls are only as secure as the operating system that implements the access check, NGSCB also strengthens access-control mechanisms for data stored on the hard disk. NGSCB provides sealed data storage by using a special security support component (SSC). The SSC provides the nexus with individualized encryption services to manage the cryptographic keys, including the NGSCB public and private key pairs and the Advanced Encryption Standard (AES) key from which keys are derived for trusted applications and services. An NCA uses these derived keys for data encryption; file system operations by the standard operating system provide the storage services.

Sealed storage securely stores information so an NCA can mandate that its information is only accessible to itself and other applications and services that the user and NCA identify as trustworthy. Any time the nexus must protect information, it can encrypt the data by using keys derived from the SSC.

Protected information is accessible only to the software that stored it and can only be accessed when the original SSC is present. Sealed storage cannot be read by unauthorized secure applications, and it also cannot be read if another operating system is started or if the hard disk is moved to another computer. NGSCB provides mechanisms for backing up data and for migrating secure information to other computers.

4.3 Cryptographic Attestation

Attestation is the process by which a piece of code digitally signs and attests to a piece of data, helping to confirm to the recipient that the data was constructed by a cryptographically identifiable software stack. When used in conjunction with a certification and licensing infrastructure, this mechanism allows the user to reveal selected characteristics of the operating environment to external requestors and to prove to remote service providers that the hardware and software stack is legitimate. By authenticating themselves to remote entities, trusted applications can create, verify, and maintain a security perimeter that does not require trusted administrators or authorities.
Attestation provides a stronger security foundation for many tasks that could potentially pose security risks.

For example, a banking company might provide NGSCB-capable computers to its high-profile customers to help provide secure remote access and processing for Internet banking transactions that contain highly sensitive and valuable information. The banking company then decides to build its own NGSCB-trusted application that uses a secure network protocol, enabling the customers to communicate with a server application on the company's servers. Using attestation, the trusted application can first prove its identity to the server application before any sensitive transactions are processed, helping to prevent malicious users from intercepting or tampering with customer data and activities and protecting the server from transactions initiated by malicious programs.

4.4 Secure Paths to the User

Secure input and output in NGSCB refers to a secure path from the keyboard and mouse to trusted applications and from those applications to a region of the screen. To achieve secure input and output, NGSCB uses secure input and output devices to ensure that user data comes from and goes to authorized locations without being intercepted. The following diagram shows the interaction of secure input and output devices with other NGSCB components.

[Figure: Interaction of Secure Input and Output Devices with Other NGSCB Components]

This secure input mechanism helps to protect the computer from programs that record keystrokes or enable a remote user or program to act as a legitimate local user. NGSCB supports secure user input through upgraded keyboards and universal serial bus (USB) devices, enabling a local user to communicate securely with a trusted application. As smart cards, biometrics, and other input devices are made trustworthy, NGSCB will provide interfaces for those devices as well.

The graphics adaptors in computers are generally optimized for performance rather than security. This vulnerability enables software to read or write to video memory easily and makes securing video very difficult. New secure output devices for NGSCB will take advantage of advances in graphics adaptor technology to help protect data in video memory.

5. ARCHITECTURE

5.1 Aspects of Palladium

Palladium comprises two key components: hardware and software.

5.1.1 Hardware Component

Engineered for ensuring the protected execution of applications and processes, the protected operating environment provides the following basic mechanisms:

• Trusted space: An execution space that is protected from external software attacks such as a virus. Trusted space is set up and maintained by the TOR and has access to various services provided by Palladium, such as sealed storage.
• Sealed storage: An authenticated mechanism that allows a program to store secrets that cannot be retrieved by non-trusted programs such as a virus or Trojan horse. Information in sealed storage cannot be read by other non-trusted programs. (Sealed storage cannot be read by unauthorized secure programs, for that matter, and cannot be read even if another OS is booted, or the disk is carried to another machine.) These stored secrets can be tied to the machine, the TOR, or the application. We will also provide mechanisms for the safe and controlled backup and migration of secrets to other machines.
• Attestation: A mechanism that allows the user to reveal selected characteristics of the operating environment to external requestors.
For example, attestation can be used to verify that the computer is running a valid version of Palladium.

These basic mechanisms provide a platform for building distributed trusted software.

5.1.2 Software Component

The platform implements these trusted primitives in an open, programmable way to third parties. The platform consists of the following elements:

• Trusted Operating Root (TOR): The component in Microsoft Windows that manages trust functionality for Palladium user-mode processes (agents). The TOR executes in kernel mode in the trusted space. It provides basic services to trusted agents, such as the establishment of the process mechanisms for communicating with trusted agents and other applications, and special trust services such as attestation of requests and the sealing and unsealing of secrets.
• Trusted agents: A trusted agent is a program, a part of a program, or a service that runs in user mode in the trusted space. A trusted agent calls the TOR for security-related services and critical general services such as memory management. A trusted agent is able to store secrets using sealed storage and authenticates itself using the attestation services of the TOR.

Together, the TOR and trusted agents provide the following features:

• Trusted data storage: Encryption services for applications to ensure data integrity and protection.
• Authenticated boot: Facilities to enable hardware and software to authenticate themselves.

5.2 Code Identity

5.3 How It Works & What It Does

5.4 Comparison of TCPA and Palladium

CHAPTER 6

6. ADVANTAGES & DISADVANTAGES

6.1 ADVANTAGES

6.1.1 Your Information is Secure

Some people have the misconception that your information will be stored on servers and someone else will be in control of it. While that may have been true of the failed Hailstorm initiative, it is certainly not true of Palladium. Palladium stores all your personal data on your home machine. You have to explicitly allow someone to have access to that data, and when they do, you can see exactly what they want to look at and grant them access to only that particular piece of information.

The great part about this setup is that all your information is centralized and under your direct control. Thus if you want to go to the doctor or get a new credit card, you won't have to fill out those stupid forms (don't you hate doing that!). Instead, you'll just give them your name and e-mail, and they'll send you a request for your info. You just click 'accept' and the information is automatically and securely shuttled over to them.

6.1.2 Digital Rights Management

DRM has gotten a bad rap in general in the past few years. People don't like it a) because they like to pirate stuff and b) because many times DRM enables the publishers of content to go too far in restricting its use, thereby nullifying fair use.

DRM is definitely the hottest issue surrounding Palladium. It's one of the first things people think about when they start looking at the outcomes of Palladium. Truthfully, DRM is one of the reasons Palladium exists (for an interesting read, take a look at TCPA and Palladium: Sony Inside, on the second Links slide). Two questions also surface when dealing with DRM. The second isn't always explicitly stated, but it's lurking there:

Will DRM kill fair use?

It's very possible that the media companies will impose extremely restrictive usage rules on their content. Palladium enables them to do whatever they want. Hopefully the courts will step in at some point and force the media companies to use more user-friendly rules, but that won't happen in the short term. So while it's not a definite, it is very likely that the media companies will use Palladium to stifle fair use.

6.1.3 Open Source and Palladium

Another big concern with Palladium is that it could shut out open source/Free Software operating systems.
Like I've said before, Palladium is a conservative extension of the PC. Thus it won't disable any operating systems that run on the PC. In fact, it's possible for Linux or FreeBSD to implement a Nexus and run its own trusted apps.

Of course, it is still possible for Microsoft to create proprietary apps that will only run on Windows. In addition, it will probably be possible for content creators to specify that their content can't be run on non-Windows machines, effectively shutting out any non-MS operating systems.

6.1.4 No User Authentication

It's important to point out that there is no user authentication with Palladium. The trust deals with the individual machine. It is the software's job to authenticate the user, not part of the Palladium specification. The software can of course be trusted because it's verified by the hardware.

One alternative to Windows logon is smart cards. Smart cards have their own set of cryptographic keys that could be used to store data on portable media.

The problem with tying the cryptography to the specific machine is that it makes it more difficult to move data between machines. I think Microsoft is working on algorithms to work around this problem though.

6.1.5 3-Phase Deployment Plan

Since it's doubtful that consumers will flock to jump on the Palladium bandwagon, Microsoft will probably implement a 3-phase plan. The first takers of Palladium will be major corporations. Here Palladium's trustworthiness will be key to maintaining company secrets.

Eventually media companies will want a piece of the action and will begin to write trusted apps and create trusted content. As more and more of this trusted content becomes available, end users will slowly start to buy into Palladium. Hopefully enough will buy in to create a landslide that will bring the rest in.

6.2 DISADVANTAGES

6.2.1 UPGRADES

To get better performance from Palladium, users will have to upgrade both their current operating systems and hardware. The central processing unit will have to support the trusted execution mode that Palladium offers. It is clear that future motherboards will need to contain the security chip for Palladium to run properly. More upgrades may be of concern in the area of graphics hardware and peripherals such as keyboards and mice because of the encryption between these hardware devices and the software they are interacting with.

6.2.2 LEGACY PROGRAMS

All existing debuggers will need to be updated in order to work under Palladium. Performance tools that monitor operating system or user processes will need to be updated. Hibernation features of motherboards will need to be updated as well. Memory scrub routines, at the hardware level, will need to be rewritten to accommodate Palladium. The reason for all of these updates is the trusted agent policy that Palladium enforces. No program is allowed to get into the execution space of any other program. In the case of a debugger, it will need special permission from the operating system to monitor the execution space of the target program. Even software developed for the TCPA specification will need to be rewritten if it tries to directly write to any TCPA hardware.
This description of incompatible legacy programs is by no means comprehensive; it is simply what Microsoft is disclosing at this time.

6.2.3 BOBE (Break Once Break Everywhere)

Microsoft makes the non-BOBE claim, but that leads to a major threat to NGSCB…

• Break Once Break Everywhere
• MS says NGSCB is not BOBE
• MS acknowledges that NGSCB SSC's private keys may be able to be pried out
• Expense/effort should be high
• MS: Only the one machine is affected

6.2.4 Attack Vectors

Now to begin to consider (just the tip of the iceberg) attack vectors for NGSCB. I believe we have reiterated enough times that DoS and buffer overflows (RPC, DCOM, what have you) will continue to live.

We have briefly mentioned physical security. If someone has temporary access to your machine and boots a CD for an alternate OS, then NGSCB can provide strong assurance that your data will stay confidential. The key point here is that NGSCB HW should be tamper resistant, not tamper proof. If a law enforcement agency confiscates.

6.2.5 Other Limitation

Just to keep reiterating, from an availability perspective these things will still be around, probably for quite some time. An important message of this presentation is that NGSCB (version 1, at least) will do nothing to solve this problem.

• Viruses, worms may cause same amount of damage: you could still become a zombie
• Buffer overflows…

CHAPTER 7

7. CONCLUSION

• Palladium is a platform
• Enables ISVs to write trusted apps easily.
• First version in a future version of Windows
• Sometime around 2005 or 2006
• Will it work?
• Who knows. Microsoft hopes so.
• Do you want it to work?
• There are good and bad outcomes of it.
• It's a personal decision.
• Users will have unparalleled power over system integrity, personal privacy and data security.
• Palladium processes are isolated from each other by the hardware
• Palladium processes can store & retrieve secrets securely (based on their hash value)
• Hardware provides crypto services to the nexus
• Recursively, the nexus provides these same services to agents running on top of it.
• Palladium is a hardware-based secure execution environment
• The nexus provides an execution environment and security/crypto-services to hosted agents

CHAPTER 8

8. REFERENCES

Microsoft Palladium: A Business Overview. http://www.microsoft.com/PressPass/features/2002/jul02/0724palladiumwp.asp
Microsoft NGSCB Technical FAQ. http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/news/NGSCB.asp
Palladium Details. http://www.activewin.com/articles/2002/pd.shtml
Microsoft Meeting on Palladium. http://vitanuova.loyalty.org/2002-07-03.html
EPIC's Palladium Coverage. http://www.epic.org/privacy/consumer/microsoft/palladium.html
Inside Microsoft's Secure OS Project Palladium. http://www.extremetech.com/article2/0,3973,837726,00.asp
MIT Palladium Presentation. http://www.cryptome.org/palladium-mit.htm
Wikipedia, Next-Generation Secure Computing Base. http://en.wikipedia.org/wiki/Next-Generation_Secure_Computing_Base
TCPA and Palladium Technical Analysis. http://wintermute.homelinux.org/miscelanea/TCPA%20Security.txt
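
Section 4.2 and the conclusion describe sealed storage as secrets that only the software that stored them can read ("based on their hash value"), and only while the original SSC is present. The Python sketch below is an added example, not code from the report or from Microsoft: the names `SSC`, `Nexus`, `code_identity` and `try_unseal` are hypothetical, the agent binaries and secrets are constructed values, and an HMAC-SHA256 keystream with encrypt-then-MAC stands in for the AES-based scheme the report mentions so that it runs on the standard library alone.

```python
import hashlib
import hmac
import secrets

NONCE_LEN = 16
TAG_LEN = 32  # HMAC-SHA256 output size


def code_identity(binary: bytes) -> bytes:
    """Hash of the agent's code: the identity that secrets are sealed to."""
    return hashlib.sha256(binary).digest()


class SSC:
    """Hypothetical stand-in for the security support component."""

    def __init__(self, machine_secret: bytes = b""):
        # Per-machine secret; on real hardware it would never leave the chip.
        self._secret = machine_secret or secrets.token_bytes(32)

    def derive_key(self, identity: bytes, purpose: bytes) -> bytes:
        # A different machine secret OR a different code hash yields an
        # unrelated key, which is what binds data to machine and software.
        return hmac.new(self._secret, purpose + identity, hashlib.sha256).digest()


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode (stdlib substitute for AES, see lead-in)."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        block = hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256)
        out += block.digest()
        counter += 1
    return bytes(out[:length])


def _xor(data: bytes, stream: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, stream))


class Nexus:
    """Hypothetical nexus: seals and unseals on behalf of the calling agent."""

    def __init__(self, ssc: SSC):
        self.ssc = ssc

    def _keys(self, caller_binary: bytes):
        ident = code_identity(caller_binary)
        return self.ssc.derive_key(ident, b"enc"), self.ssc.derive_key(ident, b"mac")

    def seal(self, caller_binary: bytes, plaintext: bytes) -> bytes:
        enc_key, mac_key = self._keys(caller_binary)
        nonce = secrets.token_bytes(NONCE_LEN)
        ciphertext = _xor(plaintext, _keystream(enc_key, nonce, len(plaintext)))
        tag = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
        return nonce + ciphertext + tag

    def unseal(self, caller_binary: bytes, blob: bytes) -> bytes:
        if len(blob) < NONCE_LEN + TAG_LEN:
            raise PermissionError("unseal refused: blob too short")
        enc_key, mac_key = self._keys(caller_binary)
        nonce = blob[:NONCE_LEN]
        ciphertext = blob[NONCE_LEN:-TAG_LEN]
        tag = blob[-TAG_LEN:]
        expected = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
        # Verify before decrypting; wrong machine, wrong code hash and a
        # modified blob all fail this same check.
        if not hmac.compare_digest(tag, expected):
            raise PermissionError("unseal refused: identity or machine mismatch")
        return _xor(ciphertext, _keystream(enc_key, nonce, len(ciphertext)))


def try_unseal(nexus: Nexus, caller_binary: bytes, blob: bytes):
    """Return the plaintext, or None when the nexus refuses to unseal."""
    try:
        return nexus.unseal(caller_binary, blob)
    except PermissionError:
        return None


if __name__ == "__main__":
    # Constructed sample data: two machines and two versions of one agent.
    machine_a = Nexus(SSC())
    machine_b = Nexus(SSC())
    agent = b"banking-agent build 1"
    patched_agent = b"banking-agent build 1 + keylogger"

    blob = machine_a.seal(agent, b"account PIN 0000 (constructed)")
    print("same agent, same machine :", try_unseal(machine_a, agent, blob))
    print("patched agent            :", try_unseal(machine_a, patched_agent, blob))
    print("disk moved to machine B  :", try_unseal(machine_b, agent, blob))
```

The third case is also the non-BOBE property from section 6.2.3 in miniature: extracting one machine's SSC secret gives no help in unsealing blobs created on another machine.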
