
Microsoft needs help for security plan to fly



Microsoft's latest plan to secure desktop systems and servers is complex and will require coordination with hardware and software manufacturers across the industry.

If successful, PCs will come with certificates stored in hardware that will control user access to the computer and validate everything sent to that computer from executable code to documents. It will let users safeguard sensitive data, stop spam and viruses, and ensure only approved software runs on the machine.

Microsoft unveiled its project last week as Palladium, software that works in conjunction with specialized chips installed on a PC to create trusted "sandboxes" where programs and operations can be executed securely. It is designed to eliminate the security holes Microsoft has been unable to plug.

Palladium is Microsoft's most ambitious effort under its 6-month-old Trustworthy Computing initiative.

Network executives and other experts say the promise of Palladium is intriguing but that Microsoft will have to overcome its reputation for weak system security and heavy-handed tactics with business partners.

"This is one of those things that if it works like it says it will on paper it will be great," says Jeff Allred, manager of network services for Duke University Cancer Center in Durham, N.C. "But every lock has a key, and nothing Microsoft has put out has been hack-proof. They have a lot of hurdles to get over, including the retooling that every processor and hardware manufacturer in the world will have to go through to support Palladium."

Experts say that is the project's major challenge. Intel and Advanced Micro Devices are among a dozen partners working with Microsoft on Palladium.

"Hardware will have to be modified and it will have to be done right, it will have to be perfect," says Martin Reynolds, a Gartner analyst. "It's the processors, the chip sets, the silicon that secures the certificates." Those certificates are stored in hardware and are used to determine what code or communication Palladium will trust.

A network of certificate authorities that issue and revoke certificates also has to be established, something that has impeded implementations of public-key infrastructure.

Reynolds says Palladium also will have to be pristine because if it is upgraded, patched or changed in any way, the hardware security certificates become invalid and Palladium shuts down.

Regardless, Reynolds calls Palladium "a very clever solution."

Palladium will work in parallel with the Windows operating system, letting the operating system pass to Palladium its most sensitive operations. In turn, Palladium can reserve memory for those operations, performing them in a "virtual vault," which, for example, would prevent malicious code from spreading to other parts of the system.

Microsoft has not mentioned a timetable for Palladium's release, but speculation is that it could be delivered in 2004 with Longhorn, the next version of the Windows operating system.

The work is not without precedent. For the past three years, IBM has shipped millions of PCs with an embedded security processor, mostly to financial services and healthcare customers. The processor and special software work together as a gatekeeper to validate everything that happens on the machine.

The processor grew out of work begun in 1999 by the Trusted Computing Platform Alliance (TCPA), founded by IBM, Intel, Hewlett-Packard, Compaq (now part of HP), and, not coincidentally, Microsoft. The goal is to deliver a set of hardware and operating system security capabilities that enhance trust and security in computing. Last year the TCPA published its 1.1 specification.

"Microsoft is re-creating this work and pushing it," says Clain Anderson, director of security solutions in IBM's personal computing division. "Building right into the operating system the software to run the chip is a logical progression of this work." One change is speed - IBM runs everything on the chip, but Palladium will use operating system memory to create a much faster system.

Microsoft also must make other improvements, especially because it wants Palladium to secure communication from the keyboard to the Internet.

"Their software will require a lot of interface work and that will require new inventions and that means a lot of work for [independent software vendors]," Anderson says. IBM has only two interfaces, Microsoft's Crypto API and Public Key Cryptography System 11, to integrate products from vendors such as Entrust and RSA Security. Microsoft will need more to support features beyond cryptography.

Industry support will play a big role if Palladium is to ever succeed.

"We know this can only work if it is a collaborative process," says Mario Juarez, group product manager for the Palladium team. "But how that will shake out, we do not know. The challenge is how do you start this evolution. We need to do some things differently."

For one, Palladium's source code will be released publicly, but Juarez did not say how it would be licensed.

One would-be collaborator, RSA, welcomes Microsoft's efforts, but recognizes the challenges ahead.

"When you build security from the ground up you get much better security," says John Worrall, vice president of marketing for RSA, which has been working for the past two years on its own encryption-on-a-chip project. He says that experience underscores Palladium's challenges.

"If you have an application written for our particular encryption chip and it runs on a PC without the chip, you get subpar performance," Worrall says. RSA has developed software that helps correct that problem.

Juarez says that will be an issue and that widespread adoption will be key to Palladium, which will not run by default but will have an opt-in feature.

Opt-in is a key concept.

"Microsoft has to go back to customers and say, 'You need another hardware and software upgrade,'" says Phil Schacter, an analyst with The Burton Group. "And how easy will it be for third-party vendors to write secure, certifiable software?"

But Schacter says Microsoft is showing maturity in its security thinking and now must do that in its design and execution.

"This kick-starts an interesting discussion in the industry," he says.


Contact Senior Editor John Fontana

Copyright, 1994-2006 Network World, Inc. All rights reserved.