Uploaded byAnurag Sharma
Microsoft Palladium.
Palladium is a next-generation secure computing platform aiming to enhance trustworthiness in computing by protecting software from software, particularly for sensitive data like credit card information. It includes features such as protected memory, attestation, sealed storage, and secure input/output, facilitated by cryptographic techniques. The Trusted Computing Platform Alliance, composed of major tech companies, supports the same goals of establishing trustworthiness in software applications.
More Related Content
Microsoft Palladium.
- 1.
- 2. CONTENTS • Introduction • TrustworthyComputing • Palladium goals • How palladium will do it • TCPA • Conclusion
- 3. Introduction • A setof Hardware & Software. • Next-Generation Secure Computing Base. • It make the pc more trustworthy. • Goal is to “protect software from software”.
- 4. • Trustworthy: worthyof confidence. • Examples: • Credit card numbers that can’t be stolen. • Palladium seeks to solve them all. Trustworthy Computing
- 5. • Perform trustedoperations • Span multiple computers with this trust • Create dynamic trust policies • Allow anyone to authenticate these policies Palladium’s Goals
- 6. How Palladium Will DoIt • Specifically, Palladium will add four new security features : • Protected memory • Attestation • Sealed storage • Secure input and output • It primarily does this through cryptographic keys and algorithms.
- 7. TCPA • Trusted ComputingPlatform Alliance • Group of companies (about 200) • Biggest players: • Microsoft • Intel • Compaq • HP • IBM • Same goal as Palladium: trustworthiness
- 8. Conclusion • Palladium isa platform • Enables ISVs to write trusted apps easily. • Will it work? • Who knows. Microsoft hopes so. • Do you want it to work? • There are good and bad outcomes of it. • It’s a personal decision.
- 9.
- 10.
Editor's Notes
- #7 In order to provide for the above goals, Palladium will implement four new security measures. They are as follows (with definitions taken directly from Microsoft TechNet): Protected memory The ability to wall off and hide pages of main memory so that each [trusted] application can be assured that it is not modified or observed by any other application or even the operating system. Attestation The ability for a piece of code to digitally sign or otherwise attest to a piece of data and further assure the signature recipient that the data was constructed by an unforgeable, cryptographically identified software stack. Sealed storage The ability to store information securely so that a [trusted] application or module can mandate that the information be accessible only to itself or to a set of other trusted components that can be identified in a cryptographically secure manner. Secure input and output A secure path from the keyboard and mouse to [trusted] applications, and a secure path from [trusted] applications to a region of the screen. Palladium does most of this through the use of cryptographic keys and algorithms.
- #8 TCPA, or Trusted Computing Platform Alliance, is an organization founded by a group of companies. It was started by the big five listed above, but now has more than 200 companies involved with it. Like Palladium, its goal is to increase the trustworthiness of the PC. As we will see, TCPA doesn’t go nearly as far as Palladium plans to and only deals with hardware.
- #9 Like Windows and .Net, Palladium is a platform. Microsoft is a platform company, don’t forget. That’s what they do and that’s what they’re best at. Palladium provides the groundwork that enables independent software vendors (ISVs) to write secure, trusted applications just as easily as today’s normal Windows applications are written. Palladium is going to be incorporated into a future version of Windows. It’s still a few years away though. Finally, the big question is whether the Palladium initiative will work. It’s definitely not going to be easy for Microsoft. Palladium won’t be very effective unless a lot of people are using it. And people won’t use it unless Palladium is effective. Thus it’s going to be a long, uphill battle for Microsoft.