Developers get hands on Microsoft’s NGSCB

In addition to showing off its next-generation Longhorn operating system this week, Microsoft for the first time handed out code that underlies its closely watched Next-Generation Secure Computing Base security technology.

The company also further narrowed its focus for NGSCB, previously known by its Palladium codename, saying it is focused on putting the first version of the hardware-based security technology to work for specific business applications only, not consumer software.

Attendees at Microsoft’s Professional Developers Conference (PDC) in Los Angeles received a developer preview of NGSCB. Developers can use this preview to get a feel of what it is like to develop an application that uses NGSCB security.

“This is the first code that we have put out there. It is very early stuff,” said Mario Juarez, a product manager at Microsoft’s Security Business Unit. “View it as an educational opportunity.”

Developers who write code based on the preview get no guarantees that their code it will actually work when NGSCB Version 1 ships as part of Longhorn, Juarez said.

NGSCB is a combination of hardware and software that creates a second operating environment within a PC that is meant to protect the system from malicious code by providing secure connections between applications, peripheral hardware, memory and storage. NGSCB will make its debut as part of Longhorn, the codename for the next version of Windows expected in 2006.

Microsoft is working with software makers, system integrators and large customers in the financial services, healthcare and government areas to create business applications that use NGSCB, Juarez said. These applications include document signing, secure instant messaging, viewing secure data and secure e-mail, he said.

In the past, Microsoft had also pitched NGSCB as an important technology for consumers. It would be part of the cure for the seemingly endless stream of viruses, worms and security bugs that also hits consumer PCs.

“We’re not going to have a consumer story until version two of NGSCB,” said Mario Juarez, a product manager at Microsoft’s Security Business Unit. No schedule has been set for the release of version two.

Microsoft says the technology could be a boon for PC users, though critics have argued that it is merely a way to deliver strong digital rights management technology that will curtail users’ ability to control their own PCs and could erode fair-use rights for digital music and movie files.

NGSCB includes a new software component for Windows called a “nexus,” and a chip that can perform cryptographic operations called the Security Support Component. NGSCB also requires changes to a PC’s processor, chipset, video and input hardware, Microsoft has said. Because of the hardware requirements, users will have to buy a new PC to take advantage of NGSCB.