Close
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Development
    • Development

    Microsoft Demos NGSCB Rights Scheme

    By
    Mark Hachman
    -
    May 7, 2003
    Share
    Facebook
    Twitter
    Linkedin

      NEW ORLEANS–Microsoft employees showed off a practical application of digital-rights-management software Tuesday, in what was billed as the first public showcase of the companys Next-Generation Secure Computing Base (NGSCB).

      Microsoft executives formally unveiled the Nexus, the heart of the companys software. Mike Nash, corporate vice-president of the Security Business Unit at Microsoft, and some Microsoft volunteers showed off NGSCB powering a financial trading applet and real-time chat.

      For Microsoft, NGSCB means policy management, the freedom to be able to regulate what can and cant be done with company documents that are emailed to others in the company; and the security of knowing that code cant be modified without a users permission, or at least awareness.

      “The key is that were looking at a major change in the structure of computing,” Nash said.

      Security is also part of an overall system, both inside the PC and in the customers IT department. Many vulnerabilities arent in the “security” layers of code, but in other parts of the system, Nash said. The Microsoft Windows 2000 team set aside a month to secure the code base; it ended up taking ten weeks.

      However, that structure has still not been fully disclosed. In a presentation, Kevin Corbett, group director of marketing and strategic planning at Intel, confirmed that the company has a hardware security plan in place, called LaGrande, but did not offer any further details. On Wednesday, Microsoft is scheduled to offer a few more details on how NGSCB works to encrypt communications and data, as far down as the keyboard, and even information passed through the video card. One source at Intel said the company would delay any substantive discussion of LaGrande until later, most likely the fall Intel Developer Forum show in late summer.

      NGSCB works on four principles: isolating the compute process; “sealed storage” through encryption; a secure or encrypted path to and from the user, using encrypted peripherals; and attestation, or the oversight a user has of a particular process.

      Many applications can run unencrypted. But if the datas policy – its ability to be read, printed, or otherwise acted upon by a set number of individuals – needs to be managed or restricted in some way, that data can be encrypted through the nexus, NGSCBs management engine.

      “Its really about making sure there is a wall about the data…using hardware based secrets that are impossible to change,” Nash said.

      When logging in, a user identifies himself to the system in some way, possibly a smart card. The nexus, in turn, can be cryptographically authenticated by signing in with the hardware, such as LaGrande or motherboard SSID. Applications, or agents, will then look for the combination of the unique user and nexus combination to allow them to run, using the key stored in the hardware Security Support Component. Finally, NGSCB-compliant code will be signed to prevent it from being altered. If it, the code will alert other applications that it has been changed preventing them from working with the modified code.

      An early example of Microsofts stance on security will be encapsulated in the Windows Rights Management Server, shipping late this year after Windows Server 2003, according to Mike Atalla of Microsofts technical management team. Among other features, Windows Rights Management allows Outlook users to define what recipients can or can not do with forwarded or sent email. The software is designed to block a users traditional method of breaking DRM, including forwarding the email, taking a snapshot using the “Print Screen” button, and other tricks.

      In a demonstration, Nash and three volunteers from his team roleplayed one users attempt to access a financial services application, while an attacker attempted to wreak havoc upon his system. In one example, the hacker used a popular hacking program to search the victims physical RAM, searching for strings like “account_number”. The same hacker then tried accessing the hard drive and modifying the financial application to search for identifying information.

      Running an NGSCB version of the same agent, however, the memory was protected and encrypted. When the application was modified, the identifying code hash was altered, alerting the server and preventing the application from running.

      Likewise, the hacker attempted to sniff the packets sent by a custom chat application in a hunt for confidential information. Encrypted with NGSCB, the packets turned into meaningless noise.

      Mark Hachman
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.

      MOST POPULAR ARTICLES

      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Applications

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Applications

      Kyndryl’s Nicolas Sekkaki on Handling AI and...

      James Maguire - November 9, 2022 0
      I spoke with Nicolas Sekkaki, Group Practice Leader for Applications, Data and AI at Kyndryl, about how companies can boost both their AI and...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×