Microsoft answers Palladium detractors

Microsoft will show early prototypes of computers using its Next-Generation Secure Computing Base (NGSCB) technology, a...

Microsoft will show early prototypes of computers using its Next-Generation Secure Computing Base (NGSCB) technology, a combination of hardware and software, at its Windows Hardware Engineering Conference in May.

However, critics fear the security technology, formerly known as Palladium, could curtail users' ability to control their own PCs and could even remove fair-use rights when it came to digital music and movie files.

Further details and demonstrations of the technology are planned for October, at the Microsoft Professional Developers Conference (PDC) in Los Angeles, said Microsoft security development engineer Brandon Baker.

NGSCB is to be included in a future version of Windows, possibly in Windows XP successor Longhorn, scheduled for release in 2005.

Chip makers Intel and Advanced Micro Devices are working with Microsoft on the technology.

NGSCB includes a new software component for Windows called a "nexus" and a chip that can perform cryptographic operations called the Security Support Component. The technology creates a second operating environment within a PC that is meant to protect the system from malicious code by providing secure connections between applications, peripheral hardware, memory and storage.

Future antivirus applications, for example, can run in a secure execution environment to guarantee that the application is not corrupted, Microsoft claimed.

However, NGSCB also enables strict DRM (Digital Rights Management) enforcement and the security chip carries a unique security key, which could be used to identify the PC that used the chip.

Microsoft insisted that NGSCB would not interfere with any program running in the regular Windows environment and does not give applications the power to do so. It is working on a solution for the security key issue.

Microsoft added that it would make the source code of the Windows addition for NGSCB, the nexus, widely available for evaluation and validation by others.

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.