Microsoft Palladium.

•

9 likes•3,400 views

this is presentation on ms palladium. i am trying to understand easily and in short. for more information and the notes about the ms palladium mail me.

Technology

CONTENTS
• Introduction
• Trustworthy Computing
• Palladium goals
• How palladium will do it
• TCPA
• Conclusion

Introduction
• A set of Hardware & Software.
• Next-Generation Secure Computing Base.
• It make the pc more trustworthy.
• Goal is to “protect software from software”.

• Trustworthy: worthy of confidence.
• Examples:
• Credit card numbers that can’t be stolen.
• Palladium seeks to solve them all.
Trustworthy
Computing

• Perform trusted operations
• Span multiple computers with this trust
• Create dynamic trust policies
• Allow anyone to authenticate these policies
Palladium’s
Goals

How Palladium
Will Do It
• Specifically, Palladium will add four new security
features :
• Protected memory
• Attestation
• Sealed storage
• Secure input and output
• It primarily does this through cryptographic keys
and algorithms.

TCPA
• Trusted Computing Platform Alliance
• Group of companies (about 200)
• Biggest players:
• Microsoft
• Intel
• Compaq
• HP
• IBM
• Same goal as Palladium: trustworthiness

Conclusion
• Palladium is a platform
• Enables ISVs to write trusted apps easily.
• Will it work?
• Who knows. Microsoft hopes so.
• Do you want it to work?
• There are good and bad outcomes of it.
• It’s a personal decision.

What's hot

Aws cloud hms service

Mmik Huang

Security on Windows Azure

Haddy El-Haggan

he vast majority of security breaches take place when attackers gain access to an environment by stealing a user’s identity. Over the years, attackers have become increasingly effective in leveraging third party breaches and using sophisticated phishing attacks. As soon as an attacker gains access to even low privileged user accounts, it is relatively easy for them to gain access to important company resources through lateral movement. In this demo heavy session, you will learn how Azure Identity Protection, Azure Multi-Factor Authentication (Azure MFA) and the Microsoft Enterprise Mobility + Security (EMS) suite can help you to protect and secure corporate data and identities in the cloud.

SCUGBE_Lowlands_Unite_2017_Protecting cloud identities

Kenny Buntinx

Importance of Azure infrastructure?-Microsoft Azure security infrastructure

Zabeel Institute

2 what is the best firewall (sizing)

Mostafa El Lathy

Hardware Security Modules (HSMs) are widely use for cryptography key management in many areas such as PKI, card payment, trusted platform modules, etc. However they are rarely used in in-house software development. This presentation will explain about why we need the key management and its fundamental, overview of HSM and how it take parts in key management, HSM selection criterias, and finally, an idea to make a web service wrapper easier to adopt by developers those lack of knowledge in cryptography programming.

Secure Your Encryption with HSM

Narudom Roongsiriwong, CISSP

Choosing Encryption for Microsoft SQL Server

Jerome J. Penna

12 Crucial Windows Security Skills for 2018

Paula Januszkiewicz

Join Kent Agerlund on this tour on handling Microsoft Updates and 3rd. party within a System Center 2012 R2 Configuration Manager environment. During this session, you will learn how to design and configure a Software Update solution that will be easy to manage and yet powerful enough to maintain your server and desktop environment. The session will integrate Secunia CSI 7 with Configuration Manager. Expect to learn tips and tricks that will assist you solving the daily challenges around patching your environment.

ECMDay2015 - Kent Agerlund - Secunia - 10 minutes is all it takes – Managing ...

Kenny Buntinx

12 Crucial Windows Security Skills for 2017

Paula Januszkiewicz

Top 10 ways to make hackers excited: All about the shortcuts not worth taking

Paula Januszkiewicz

SQL Server Encryption - Adi Cohn

sqlserver.co.il

Certificate Pinning in Mobile Applications

Luca Bongiorni

Juan Francisco Losa - Nuevos enfoques de seguridad en un Banco Digital [roote...

RootedCON

Zero trust Architecture

AddWeb Solution Pvt. Ltd.

DSS Symantec PGP Encryption Fortress 2014 - ArrowECS - RoadShow Baltics

Andris Soroka

(ISC)2 Kamprianis - Mobile Security

Michalis Kamprianis

PCI Compliance Evolved

SafeNet

Column Level Encryption in Microsoft SQL Server

Behnam Mohammadi

Centralized Patch Management - Proven Security Approach for Ransomware Protec...

Quick Heal Technologies Ltd.

What's hot (20)

Aws cloud hms service

Security on Windows Azure

SCUGBE_Lowlands_Unite_2017_Protecting cloud identities

Importance of Azure infrastructure?-Microsoft Azure security infrastructure

2 what is the best firewall (sizing)

Secure Your Encryption with HSM

Choosing Encryption for Microsoft SQL Server

12 Crucial Windows Security Skills for 2018

ECMDay2015 - Kent Agerlund - Secunia - 10 minutes is all it takes – Managing ...

12 Crucial Windows Security Skills for 2017

Top 10 ways to make hackers excited: All about the shortcuts not worth taking

SQL Server Encryption - Adi Cohn

Certificate Pinning in Mobile Applications

Juan Francisco Losa - Nuevos enfoques de seguridad en un Banco Digital [roote...

Zero trust Architecture

DSS Symantec PGP Encryption Fortress 2014 - ArrowECS - RoadShow Baltics

(ISC)2 Kamprianis - Mobile Security

PCI Compliance Evolved

Column Level Encryption in Microsoft SQL Server

Centralized Patch Management - Proven Security Approach for Ransomware Protec...

Viewers also liked

Lamp technology

Harish Sabbani

Cryptography

Shivanand Arur

Cryptography.ppt

kusum sharma

Artificial Consciousness

Paresh Tayade

Jini technology

RenuSuren

Brain finger printing

Likan Patra

Bio Inspired Computing Final Version

Thomas Petry

Tesla personal super computer

Priya Manik

Tripwire is a reliable intrusion detection system. It is a software tool that checks to see what has changed in your system. It mainly monitors the key attribute of your files; by key attribute we mean the binary signature, size and other related data. Security and operational stability must go hand in hand; if the user does not have control over the various operations taking place, then naturally the security of the system is also compromised. Tripwire has a powerful feature which pinpoints the changes that has taken place, notifies the administrator of these changes, determines the nature of the changes and provide you with information you need for deciding how to manage the change. Tripwire Integrity management solutions monitor changes to vital system and configuration files. Any changes that occur are compared to a snapshot of the established good baseline. The software detects the changes, notifies the staff and enables rapid recovery and remedy for changes. All Tripwire installation can be centrally managed. Tripwire software’s cross platform functionality enables you to manage thousands of devices across your infrastructure. Security not only means protecting your system against various attacks but also means taking quick and decisive actions when your system is attacked. First of all we must find out whether our system is attacked or not, earlier system logs are certainly handy. You can see evidences of password guessing and other suspicious activities. Logs are ideal for tracing steps of the cracker as he tries to penetrate into the system. But who has the time and the patience to examine the logs on a daily basis??

Tripwire

Anang Sunny

Every tech guy in my office has to take a seminar on some something software engineering or science related topic. I took the topic Cellular Automata. I tried here to present here what I have read about Cellular Automata for 1 month. Being a software engineer I have little opportunity to get everything vividly. But I tried a little to make people feel something on cellular automata. This is just a try from a reader not by an expert or scientist. So if anything objectionable is found please let me be known to that. Some code and application samples were shown in the original seminar which are not given here. Only the slide is given here. Thanks for your co operation

Cellular Automata

Asfak Mahamud

Njiru, 2012 has described that " Lack of effective point of care diagnostic tests applicable in resource-poor endemic areas is a critical barrier to effective treatment and control of infectious diseases.” Therefore, Innovations in biotechnology that combine molecular biology, microfabrication and bioinformatics are moving nucleic acid technologies from futuristic possibilities to common laboratory techniques and modes for diagnoses. In this context, LAMP (Loop Mediated Isothermal Amplification) is a highly sensitive and specific DNA/RNA amplification method. Advantage of LAMP is isothermal reaction condition and therefore, LAMP is affordable because of no need to have expensive thermal cycler.

LAMP (Loop Mediated Isothermal Amplification)

Varij Nayan

Jini network technology

Keerthi Thomas

TRIP WIRE

praveen369

Nokia Morph Technology

Nishanth Nrs

Cryptography

gueste4c97e

Nokia morph technology

cryptography

Wibree

Mobile cloning

Cryptography

Viewers also liked (20)

Lamp technology

Cryptography

Cryptography.ppt

Artificial Consciousness

Jini technology

Brain finger printing

Bio Inspired Computing Final Version

Tesla personal super computer

Tripwire

Cellular Automata

LAMP (Loop Mediated Isothermal Amplification)

Jini network technology

TRIP WIRE

Nokia Morph Technology

Cryptography

Nokia morph technology

cryptography

Wibree

Mobile cloning

Cryptography

Similar to Microsoft Palladium.

DEF CON 27 - workshop - RICHARD GOLD - mind the gap

Felipe Prado

HKG15-407: EME implementation in Chromium: Linaro Clear Key

Linaro

Trusted Computing _plate form_ model.ppt

naghamallella

Trusted _Computing _security mobile .ppt

naghamallella

This is a session given by Gustaf Nyman at Nordic APIs 2016 Platform Summit on October 25th, in Stockholm Sweden. Description: In enterprises the majority of APIs are internal and may count in hundreds. APIs are often implemented in and used from a variety of languages and platforms, and legacy system and protocols are ever-present. As APIs are increasingly part of business strategies, API management becomes an important concern of the whole organisation. Gustaf has spent more than 15 years building API infrastructure for enterprises. In this talk, he shares his thoughts on designing and implementing a long-lasting API management strategy.

Lessons Learned from Building Enterprise APIs (Gustaf Nyman)

Nordic APIs

Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4

Qualcomm Developer Network

Alexey Sintsov- SDLC - try me to implement

DefconRussia

Defcon 25 Packet Hacking Village - Finding Your Way to Domain Access

eightbit

Airtel-BML

Thrifty Kapila

CSF18 - The Night is Dark and Full of Hackers - Sami Laiho

NCCOMMS

Security Issues in Cloud Computing

Jyotika Pandey

Is code review the solution?

Tiago Mendo

When you’re building the next killer mobile app, how can you ensure that your app is both stable and capable of near-instant data updates? The answer: Build a backend! Siva Katir says that there’s much more to building a backend than standing up a SQL server in your datacenter and calling it a day. Since different types of apps demand different backend services, how do you know what sort of backend you need? And, more importantly, how can you ensure that your backend scales so you can survive an explosion of users when you are featured in the app store? Siva discusses the common scenarios facing mobile app developers looking to expand beyond just the device. He’ll share best practices learned while building the PlayFab and other companies’ backends. Join Siva to learn how you can ensure that your app can scale safely and affordably into the millions of concurrent users and across multiple platforms.

Can Your Mobile Infrastructure Survive 1 Million Concurrent Users?

TechWell

Speaker: Phil Cox, Director Security and Compliance, RightScale Over the past few years, PCI compliance in the public cloud has been a growing topic of concern and interest. Like us, you probably have heard assertions from both sides of the topic – some stating that one can be a PCI compliant merchant using public IaaS cloud, others stating that it is impossible. We’ll discuss foundational principles and mindsets for PCI compliance, how to determine system/application scope and requirement applicability, and how to meet top-level PCI DSS (Data Security Standard) requirements in the public IaaS cloud.

PCI: Building Compliant Applications in the Public Cloud - RightScale Compute...

RightScale

IT security for all. Bootcamp slides

Wallarm

Trusted Computing security _platform.ppt

naghamallella

Creating any type of company takes enormous amounts of effort, hard work, and persistence. Let alone an Artificial Intelligence company. As we can assure you, it will take a lot more than the above and adding just a team of brilliant AI scientists to build complex real-world AI solutions. In this talk, we will show you the crucial roles of development teams in a high-performing Artificial Intelligence company.

Shift Remote: AI: Behind the scenes development in an AI company - Matija Ili...

Shift Conference

Shift Remote AI: Behind the Scenes Development in an AI Company - Matija Ilij...

Shift Conference

You’re building the next killer mobile app. How do you ensure that your app is both stable and capable of near-instant data updates? Build a backend! But there’s more to building a backend than standing up a SQL server in your datacenter and calling it a day. Since different types of apps demand different backend services, how do you know what sort of backend you need? And, more importantly, how can you ensure that your backend will scale so you can survive an explosion of users that comes from events like being featured in the app store? Siva Katir and Melissa Benua will discuss the common scenarios facing mobile app developers who are looking to expand beyond just the device and will share best practices learned while building the PlayFab and other companies’ backends. Join Siva and Melissa to learn how you can ensure that your app can scale safely and affordably into the millions of concurrent users (CCU) and across multiple platforms.

Can Your Mobile Infrastructure Survive 1 Million Concurrent Users?

Josiah Renaudin

Amazon Inspector is a service from AWS that identifies security issues in your application deployments. Use Amazon Inspector with your applications to assess your security posture and identify areas that can be improved. Amazon Inspector works with your Amazon EC2 instances to monitor activity in your applications and system. This session will cover getting started with Amazon Inspector, how to automate the process, how to manage and act on findings, and additional ways you can enhance your development and release lifecycle.

Getting Started with Amazon Inspector

Amazon Web Services

Similar to Microsoft Palladium. (20)

DEF CON 27 - workshop - RICHARD GOLD - mind the gap

HKG15-407: EME implementation in Chromium: Linaro Clear Key

Trusted Computing _plate form_ model.ppt

Trusted _Computing _security mobile .ppt

Lessons Learned from Building Enterprise APIs (Gustaf Nyman)

Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4

Alexey Sintsov- SDLC - try me to implement

Defcon 25 Packet Hacking Village - Finding Your Way to Domain Access

Airtel-BML

CSF18 - The Night is Dark and Full of Hackers - Sami Laiho

Security Issues in Cloud Computing

Is code review the solution?

Can Your Mobile Infrastructure Survive 1 Million Concurrent Users?

PCI: Building Compliant Applications in the Public Cloud - RightScale Compute...

IT security for all. Bootcamp slides

Trusted Computing security _platform.ppt

Shift Remote: AI: Behind the scenes development in an AI company - Matija Ili...

Shift Remote AI: Behind the Scenes Development in an AI Company - Matija Ilij...

Can Your Mobile Infrastructure Survive 1 Million Concurrent Users?

Getting Started with Amazon Inspector

Recently uploaded

The presentation was made in “Web3 Fusion: Embracing AI and Beyond” is more than a conference; it's a journey into the heart of digital transformation. The conference a provided a platform where the future of technology meets practical application. This three-day hybrid event, set in the heart of innovation, served as a gateway to the latest trends and transformative discussions in AI, Blockchain, IoT, AR/VR, and their collective impact on the information space.

AI in Action: Real World Use Cases by Anitaraj

AnitaRaj43

The integration landscape is changing rapidly with the introduction of technologies like GraphQL, gRPC, stream processing, iPaaS, and platformless. However, not all existing applications and industries can keep up with these new technologies. Certain industries, like manufacturing, logistics, and finance, still rely on well-established EDI-based message formats. Some applications use XML or CSV with file-based communications, while others have strict on premises deployment requirements. This talk focuses on how Ballerina's built-in integration capabilities can bridge the gap between "old" and "new" technologies, modernizing enterprise applications without disrupting business operations.

Modernizing Legacy Systems Using Ballerina

WSO2

Elevate Developer Efficiency & build GenAI Application with Amazon Q

Bhuvaneswari Subramani

TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....

rightmanforbloodline

Quantum Leap in Next-Generation Computing

WSO2

In this session, we will discuss the journey of API governance from its initial, ungoverned state to the development of sophisticated models that tackle contemporary challenges. We'll explore how APIs have become essential in the intersection of business and technology, adapting to advancements and evolving needs. We'll focus on how organizations have moved from launching to monetizing APIs, using models like pay-per-use and subscriptions, and finding the right balance between technical implementation and business strategy. We'll also highlight the impact of governance on monetization strategies, especially how data security, compliance, and service quality influence pricing. Real-world examples will demonstrate the effective integration of governance with monetization, including AI's role in dynamic pricing. Looking ahead, we'll share insights into future trends in API governance and monetization, emphasizing the importance of adaptability, continuous learning, and innovation.

API Governance and Monetization - The evolution of API governance

WSO2

Dubai, known for its towering skyscrapers, luxurious lifestyle, and relentless pursuit of innovation, often finds itself in the global spotlight. However, amidst the glitz and glamour, the emirate faces its own set of challenges, including the occasional threat of flooding. In recent years, Dubai has experienced sporadic but significant floods, disrupting normalcy and posing unique challenges to its infrastructure. Among the critical nodes in this bustling metropolis is the Dubai International Airport, a vital hub connecting the world. This article delves into the intersection of Dubai flood events and the resilience demonstrated by the Dubai International Airport in the face of such challenges.

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf

Orbitshub

Dubai, often portrayed as a shimmering oasis in the desert, faces its own set of challenges, including the occasional threat of flooding. Despite its reputation for opulence and modernity, the emirate is not immune to the forces of nature. In recent years, Dubai has experienced sporadic but significant floods, testing the resilience of its infrastructure and communities. Among the critical lifelines in this bustling metropolis is the Dubai International Airport, a bustling hub that connects the city to the world. This article explores the intersection of Dubai flood events and the resilience demonstrated by the Dubai International Airport in the face of such challenges.

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...

Orbitshub

DBX First Quarter 2024 Investor Presentation

Dropbox

💥 You’re lucky! We’ve found two different (lead) developers that are willing to share their valuable lessons learned about using UiPath Document Understanding! Based on recent implementations in appealing use cases at Partou and SPIE. Don’t expect fancy videos or slide decks, but real and practical experiences that will help you with your own implementations. 📕 Topics that will be addressed: • Training the ML-model by humans: do or don't? • Rule-based versus AI extractors • Tips for finding use cases • How to start 👨‍🏫👨‍💻 Speakers: o Dion Morskieft, RPA Product Owner @Partou o Jack Klein-Schiphorst, Automation Developer @Tacstone Technology

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam

UiPathCommunity

Whatsapp Number Escorts Call girls 8617370543 Available 24x7 Mcleodganj Call Girls Service Offer Genuine VIP Model Escorts Call Girls in Your Budget. Mcleodganj Call Girls Service Provide Real Call Girls Number. Make Your Sexual Pleasure Memorable with Our Mcleodganj Call Girls at Affordable Price. Top VIP Escorts Call Girls, High Profile Independent Escorts Call Girls, Housewife Women Escorts Call Girl, College Girls Escorts Call Girls, Russian Escorts Call girls Service in Your Budget.

Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model

Deepika Singh

Following the popularity of "Cloud Revolution: Exploring the New Wave of Serverless Spatial Data," we're thrilled to announce this much-anticipated encore webinar. In this sequel, we'll dive deeper into the Cloud-Native realm by uncovering practical applications and FME support for these new formats, including COGs, COPC, FlatGeoBuf, GeoParquet, STAC, and ZARR. Building on the foundation laid by industry leaders Michelle Roby of Radiant Earth and Chris Holmes of Planet in the first webinar, this second part offers an in-depth look at the real-world application and behind-the-scenes dynamics of these cutting-edge formats. We will spotlight specific use-cases and workflows, showcasing their efficiency and relevance in practical scenarios. Discover the vast possibilities each format holds, highlighted through detailed discussions and demonstrations. Our expert speakers will dissect the key aspects and provide critical takeaways for effective use, ensuring attendees leave with a thorough understanding of how to apply these formats in their own projects. Elevate your understanding of how FME supports these cutting-edge technologies, enhancing your ability to manage, share, and analyze spatial data. Whether you're building on knowledge from our initial session or are new to the serverless spatial data landscape, this webinar is your gateway to mastering cloud-native formats in your workflows.

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Safe Software

Key topics covered: - Understanding the basics of IAM and its significance in the modern enterprise. IAM in a platformless environment - Tackling real-world issues like prioritizing frictionless yet secure user access, securing high-value APIs, integrating to business, compliance, and adapting to cloud native environments with scalable solutions - Practical demonstrations of how WSO2 products can be instrumental in deploying efficient IAM solutions - Preparing for upcoming trends and innovations in identity management

Navigating Identity and Access Management in the Modern Enterprise

WSO2

Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows. We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases. This video focuses on the deployment of external web forms using Jotform for Bonterra Impact Management. This solution can be customized to your organization’s needs and deployed to support the common use cases below: - Intake and consent - Assessments - Surveys - Applications - Program registration Interested in deploying web form automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...

Jeffrey Haguewood

"I see eyes in my soup": How Delivery Hero implemented the safety system for ...

Zilliz

Decarbonising Commercial Real Estate: The Role of Operational Performance

IES VE

Discover the innovative features and strategic vision that keep WSO2 an industry leader. Explore the exciting 2024 roadmap of WSO2 API management, showcasing innovations, unified APIM/APK control plane, natural language API interaction, and cloud native agility. Discover how open source solutions, microservices architecture, and cloud native technologies unlock seamless API management in today's dynamic landscapes. Leave with a clear blueprint to revolutionize your API journey and achieve industry success!

WSO2's API Vision: Unifying Control, Empowering Developers

WSO2

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving

Edi Saputra

[BuildWithAI] Introduction to Gemini.pdf

Sandro Moreira

AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)

Samir Dash

Recently uploaded (20)

AI in Action: Real World Use Cases by Anitaraj

Modernizing Legacy Systems Using Ballerina

Elevate Developer Efficiency & build GenAI Application with Amazon Q

TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....

Quantum Leap in Next-Generation Computing

API Governance and Monetization - The evolution of API governance

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...

DBX First Quarter 2024 Investor Presentation

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam

Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Navigating Identity and Access Management in the Modern Enterprise

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...

"I see eyes in my soup": How Delivery Hero implemented the safety system for ...

Decarbonising Commercial Real Estate: The Role of Operational Performance

WSO2's API Vision: Unifying Control, Empowering Developers

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving

[BuildWithAI] Introduction to Gemini.pdf

AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)

Microsoft Palladium.

1. Anurag Sharma MCA-4 Microsoft Palladium

2. CONTENTS • Introduction • Trustworthy Computing • Palladium goals • How palladium will do it • TCPA • Conclusion

3. Introduction • A set of Hardware & Software. • Next-Generation Secure Computing Base. • It make the pc more trustworthy. • Goal is to “protect software from software”.

4. • Trustworthy: worthy of confidence. • Examples: • Credit card numbers that can’t be stolen. • Palladium seeks to solve them all. Trustworthy Computing

5. • Perform trusted operations • Span multiple computers with this trust • Create dynamic trust policies • Allow anyone to authenticate these policies Palladium’s Goals

6. How Palladium Will Do It • Specifically, Palladium will add four new security features : • Protected memory • Attestation • Sealed storage • Secure input and output • It primarily does this through cryptographic keys and algorithms.

7. TCPA • Trusted Computing Platform Alliance • Group of companies (about 200) • Biggest players: • Microsoft • Intel • Compaq • HP • IBM • Same goal as Palladium: trustworthiness

8. Conclusion • Palladium is a platform • Enables ISVs to write trusted apps easily. • Will it work? • Who knows. Microsoft hopes so. • Do you want it to work? • There are good and bad outcomes of it. • It’s a personal decision.

9. Thank You

10. Thank You

Editor's Notes

In order to provide for the above goals, Palladium will implement four new security measures. They are as follows (with definitions taken directly from Microsoft TechNet): Protected memory The ability to wall off and hide pages of main memory so that each [trusted] application can be assured that it is not modified or observed by any other application or even the operating system. Attestation The ability for a piece of code to digitally sign or otherwise attest to a piece of data and further assure the signature recipient that the data was constructed by an unforgeable, cryptographically identified software stack. Sealed storage The ability to store information securely so that a [trusted] application or module can mandate that the information be accessible only to itself or to a set of other trusted components that can be identified in a cryptographically secure manner. Secure input and output A secure path from the keyboard and mouse to [trusted] applications, and a secure path from [trusted] applications to a region of the screen. Palladium does most of this through the use of cryptographic keys and algorithms.
TCPA, or Trusted Computing Platform Alliance, is an organization founded by a group of companies. It was started by the big five listed above, but now has more than 200 companies involved with it. Like Palladium, its goal is to increase the trustworthiness of the PC. As we will see, TCPA doesn’t go nearly as far as Palladium plans to and only deals with hardware.
Like Windows and .Net, Palladium is a platform. Microsoft is a platform company, don’t forget. That’s what they do and that’s what they’re best at. Palladium provides the groundwork that enables independent software vendors (ISVs) to write secure, trusted applications just as easily as today’s normal Windows applications are written. Palladium is going to be incorporated into a future version of Windows. It’s still a few years away though. Finally, the big question is whether the Palladium initiative will work. It’s definitely not going to be easy for Microsoft. Palladium won’t be very effective unless a lot of people are using it. And people won’t use it unless Palladium is effective. Thus it’s going to be a long, uphill battle for Microsoft.

Microsoft Palladium.

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Viewers also liked

Viewers also liked (20)

Similar to Microsoft Palladium.

Similar to Microsoft Palladium. (20)

Recently uploaded

Recently uploaded (20)

Microsoft Palladium.

Editor's Notes