MS plans new security system in future Windows

Microsoft wants to change the fundamental architecture of the PC, adding security hardware to a future release of its Windows operating system.

Microsoft wants future PCs to contain a security technology called Palladium, and is in discussion with Intel and Advanced Micro Devices to develop the chips.

Palladium "is really about security, privacy and system integrity", said Mario Juarez, group product manager for the content security business unit at Microsoft. "We're talking here about re-architecting the PC platform."

The new architecture, as described by Juarez, would see a new security chip used for encryption added to PCs, along with new APIs (Application Program Interfaces) created to allow programs to be written to take advantage of Palladium, he said. Palladium may also cover chipsets, graphics processors and USB (Universal Serial Bus) input/output systems, he said.

Though Intel and AMD have been involved in design discussions to ensure that Palladium will work with existing processor architectures, it is too early to say whether they will manufacture the encryption chip, Juarez said. Other companies have also been involved in the design of the system and will continue to be part of the process, he said.

Palladium will create a secure space within a PC in which users will be able to run applications and store data, he said. The secure space will not be accessible to the rest of the PC, meaning that a virus infecting the non-Palladium part of the computer would not make its way into the secure area, Juarez said.

The timeframe for Palladium's inclusion in Windows is uncertain for now, as the initiative is only in its early stages, he said.

Among possible applications of the technology are authentication of communications and code, data encryption, privacy control and digital rights management (DRM), according to a Newsweek report. Microsoft was awarded a US patent on a "digital rights management operating system" in December 2001, though Juarez could not definitely say whether that patent was directly related to Palladium.

The system comprises three components: an authentication system, hardware chips, and software called the "nub" that handles the security tasks, according to Martin Reynolds, a research fellow with market analysis firm Gartner. Reynolds was briefed on Palladium by Microsoft.

The three components will work in parallel to the operating system, with security tasks shunted from the operating system to the Palladium system, rather than as an integrated part of it, he said. Palladium is a security foundation upon which to build other security features, more than a system itself, he added.

As such, Palladium "is a very clever system", Reynolds said. "You can't crack it in the conventional sense."

Conventional cracking of the technology would be difficult because when an attacker tries to forge or attack the digital signatures used in the authentication component, the nub loses its encryption keys, making the system unable to communicate, he said.

"It's not impossible [to crack], but it would likely have to be done one machine at a time and in hardware, rather than software," Reynolds said.

"Palladium does have the ability to give us truly secure PCs," he said. "Once we have security, do we want it?" he added, anticipating possible user concerns about privacy and digital rights management.

Consumers are not likely to be pleased about Palladium's DRM features, though "if you're the Hollywood people, you're thrilled", he said.

While most talk of DRM revolves around music, Microsoft chairman and chief software architect Bill Gates sees it as more useful for controlling e-mail: Palladium could be used to limit forwarding of messages, or to make them unreadable after a certain time interval has elapsed, the Newsweek report said.

Microsoft, for one, would benefit from being able to control e-mail in such a way. It has repeatedly fought to keep damaging internal e-mail out of court records in recent cases, including its battle with the nine non-settling states over remedies in its antitrust fight with the DOJ.

The technology needs to be widespread in order to be useful: 100 million devices will have to be shipped "before it really makes a difference", the report quotes Microsoft vice president Will Poole as saying.

Palladium grew out of a skunk-works project looking for ways to secure information stored on machines running Windows and became an official Microsoft project in October 2001, according to the report.

Gartner's Reynolds said "Microsoft is talking about making it open source", but Microsoft's Juarez didn't entirely agree with this assessment.

When asked whether users would be required to run Windows in order to take advantage of Palladium's features, Juarez replied, "The short answer is 'yeah'."

That doesn't mean that all other platforms will be excluded. "We understand the importance of being inclusive. We do not want this to be seen as a Microsoft-only initiative. Our goal is to be as inclusive as possible," he said, adding that other platforms may well see some level of interoperability.

To facilitate that broader support, Microsoft will be working with other companies, both in the hardware and software markets, as well as listening to feedback from users, Juarez said.

"This is a collaborative industry initiative . . . that can only work if every stakeholder has a voice and participates in the process," he said.

Juarez was unable to provide more specifics about how Microsoft would offer that voice, but said that the company would be soliciting feedback from users at some point.

"This system looks a lot like Hailstorm [a codename for an early version of Microsoft's .Net Services] re-created," said Chris Hoofnagle, legislative counsel for the Electronic Privacy Information Centre, a non-profit Internet user rights group based in Washington.

"It's not good for consumers. Anything with verification and DRM limits consumers' ability to control their behaviour," he said.

"One of the problems is that Microsoft will not be able to be transparent in order to make this scheme work," he said. Microsoft has relied on making security vulnerability information hard to discover, as opposed to fixing security flaws, he said.
