Securing the Next Generation of Computing?

Microsoft's Next Generation Secure Computing Base approaches security by splitting the system, like a brain, into right and left sides, but will anyone adopt the approach?

Weve all seen the utilities designed to monitor whats running on your PC—startup managers, firewalls, antivirus packages, and the like. They work to varying degrees, protecting users from malware, but are far from foolproof. You have to be able to trust the safety of what you put on your PC, though.

At the Windows Hardware Engineering Conference (WinHEC 2003) in New Orleans, Microsoft is trying to garner support for its proposed solution, the Next-Generation Secure Computing Base (NGSCB). With NGSCB, your computer always ensures the safety of data and applications you deem critical.

Following an analogy popular in political and even religious ideologies, Microsoft is proposing a partitioning of new systems into right- and left-hand sides (RHS and LHS). Whatever goes to the RHS is trusted, operating in whats known as a nexus. Processes in the LHS must work with something in the RHS to be trusted, though.

Windows is a sprawling OS. Attempting to secure each component would be a logistics nightmare. Rather, NGSCB leaves the majority of Windows drivers and processes in the LHS, untouched. You can run what you wish on a machine, unsecure, just as you can today. Putting apps into the RHS or nexus, though, will totally protect them. These programs can still make system calls to drivers and the like in the LHS, but LHS processes and drivers cannot make calls to anything in the RHS. Memory addressed by the RHS is also locked down. The only way in and out of the RHS nexus is through agent software written for the apps within.

Getting programmers to write nexus-aware software wont be the hurdle though—developers are used to working with new Microsoft APIs by now. The real challenge will be convincing hardware manufacturers to work together on this. To make sure the nexus is not vulnerable at any point, NGSCB will require new chip sets and CPUs, new security hardware, and even changes to graphics cards and input devices. Microsoft, no doubt realizing this could be tough to pull off soon, calls NGSCB a "multiyear" project. The technology really could be the next big thing, but right now is far too early to guess how long NGSCB will take just to become a real thing.