this is presentation on ms palladium.
i am trying to understand easily and in short.
for more information and the notes about the ms palladium mail me.
3. Introduction
• A set of Hardware & Software.
• Next-Generation Secure Computing Base.
• It make the pc more trustworthy.
• Goal is to “protect software from software”.
4. • Trustworthy: worthy of confidence.
• Examples:
• Credit card numbers that can’t be stolen.
• Palladium seeks to solve them all.
Trustworthy
Computing
5. • Perform trusted operations
• Span multiple computers with this trust
• Create dynamic trust policies
• Allow anyone to authenticate these policies
Palladium’s
Goals
6. How Palladium
Will Do It
• Specifically, Palladium will add four new security
features :
• Protected memory
• Attestation
• Sealed storage
• Secure input and output
• It primarily does this through cryptographic keys
and algorithms.
7. TCPA
• Trusted Computing Platform Alliance
• Group of companies (about 200)
• Biggest players:
• Microsoft
• Intel
• Compaq
• HP
• IBM
• Same goal as Palladium: trustworthiness
8. Conclusion
• Palladium is a platform
• Enables ISVs to write trusted apps easily.
• Will it work?
• Who knows. Microsoft hopes so.
• Do you want it to work?
• There are good and bad outcomes of it.
• It’s a personal decision.
In order to provide for the above goals, Palladium will implement four new security measures. They are as follows (with definitions taken directly from Microsoft TechNet):
Protected memory
The ability to wall off and hide pages of main memory so that each [trusted] application can be assured that it is not modified or observed by any other application or even the operating system.
Attestation
The ability for a piece of code to digitally sign or otherwise attest to a piece of data and further assure the signature recipient that the data was constructed by an unforgeable, cryptographically identified software stack.
Sealed storage
The ability to store information securely so that a [trusted] application or module can mandate that the information be accessible only to itself or to a set of other trusted components that can be identified in a cryptographically secure manner.
Secure input and output
A secure path from the keyboard and mouse to [trusted] applications, and a secure path from [trusted] applications to a region of the screen.
Palladium does most of this through the use of cryptographic keys and algorithms.
TCPA, or Trusted Computing Platform Alliance, is an organization founded by a group of companies. It was started by the big five listed above, but now has more than 200 companies involved with it. Like Palladium, its goal is to increase the trustworthiness of the PC. As we will see, TCPA doesn’t go nearly as far as Palladium plans to and only deals with hardware.
Like Windows and .Net, Palladium is a platform. Microsoft is a platform company, don’t forget. That’s what they do and that’s what they’re best at. Palladium provides the groundwork that enables independent software vendors (ISVs) to write secure, trusted applications just as easily as today’s normal Windows applications are written.
Palladium is going to be incorporated into a future version of Windows. It’s still a few years away though.
Finally, the big question is whether the Palladium initiative will work. It’s definitely not going to be easy for Microsoft. Palladium won’t be very effective unless a lot of people are using it. And people won’t use it unless Palladium is effective. Thus it’s going to be a long, uphill battle for Microsoft.