Next-Generation Secure Computing Base

NGSCB essentially partitions the operating system into two discrete modes. Untrusted Mode consists of traditional applications, Windows, and its components. Trusted Mode is the environment introduced by NGSCB and consists of a new software component called the Nexus that provides NGSCB applications—Nexus Computing Agents—with security-related features.

The Next-Generation Secure Computing Base (NGSCB; codenamed Palladium[1] and also known as Trusted Windows[2]) is a software architecture designed by Microsoft which claimed to provide users of the Windows operating system with better privacy, security, and system integrity.[3][4] NGSCB was the result of years of research and development within Microsoft to create a secure computing solution that equaled the security of closed platforms such as set-top boxes while simultaneously preserving the backward compatibility, flexibility, and openness of the Windows operating system.[5][6][7] Microsoft's primary stated objective with NGSCB was to "protect software from software."[5]

Part of the Trustworthy Computing initiative when unveiled in 2002, NGSCB was to be integrated with Windows Vista, then known as "Longhorn."[1] NGSCB relied on hardware designed by the Trusted Computing Group to produce a parallel operation environment hosted by a new hypervisor (referred to as a sort of kernel in documentation) called the "Nexus" that existed alongside Windows and provided new applications with features such as hardware-based process isolation, data encryption based on integrity measurements, authentication of a local or remote machine or software configuration, and encrypted paths for user authentication and graphics output.[3][8] NGSCB would facilitate the creation and distribution of digital rights management (DRM) policies pertaining to the use of information.[9]
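As an added illustration (not Microsoft's code and not part of the original article), the following Python model shows what "data encryption based on integrity measurements" means in practice: a secret sealed against one measured software chain cannot be recovered once any component in that chain changes. The extend rule follows the TPM hash-chain convention; the key derivation, the HMAC-based stand-in cipher, and all names and sample values are assumptions of this model, whereas real hardware enforces the release policy inside the chip.

```python
import hashlib
import hmac
import os

def extend(pcr: bytes, component: bytes) -> bytes:
    """TPM-style extend: new PCR = SHA-256(old PCR || SHA-256(component))."""
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()

def measure(components) -> bytes:
    """Fold a load-ordered chain of components into one register value."""
    pcr = bytes(32)  # the register starts at all zeros after reset
    for blob in components:
        pcr = extend(pcr, blob)
    return pcr

def _keys(root: bytes, pcr: bytes, nonce: bytes):
    """Derive separate encryption and MAC keys bound to the measured state."""
    enc = hmac.new(root, b"enc" + pcr + nonce, hashlib.sha256).digest()
    mac = hmac.new(root, b"mac" + pcr + nonce, hashlib.sha256).digest()
    return enc, mac

def _stream(key: bytes, n: int) -> bytes:
    """HMAC-SHA-256 in counter mode: a stdlib stand-in for a real cipher."""
    blocks = (n + 31) // 32
    return b"".join(hmac.new(key, i.to_bytes(4, "big"), hashlib.sha256).digest()
                    for i in range(blocks))[:n]

def seal(root: bytes, pcr: bytes, secret: bytes) -> bytes:
    """Encrypt and authenticate `secret` under keys tied to `pcr`."""
    nonce = os.urandom(16)
    enc, mac = _keys(root, pcr, nonce)
    ct = bytes(a ^ b for a, b in zip(secret, _stream(enc, len(secret))))
    return nonce + ct + hmac.new(mac, ct, hashlib.sha256).digest()

def unseal(root: bytes, pcr: bytes, blob: bytes):
    """Return the secret, or None when the current measurements differ."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    enc, mac = _keys(root, pcr, nonce)
    if not hmac.compare_digest(tag, hmac.new(mac, ct, hashlib.sha256).digest()):
        return None
    return bytes(a ^ b for a, b in zip(ct, _stream(enc, len(ct))))

# Constructed sample data: a device root key and a three-stage boot chain.
ROOT = hashlib.sha256(b"constructed device root key").digest()
GOOD_CHAIN = [b"boot manager v1", b"os loader v1", b"kernel v1"]
TAMPERED_CHAIN = [b"boot manager v1", b"os loader v1 + patch", b"kernel v1"]
SEALED = seal(ROOT, measure(GOOD_CHAIN), b"volume master key")

if __name__ == "__main__":
    print(unseal(ROOT, measure(GOOD_CHAIN), SEALED))      # secret released
    print(unseal(ROOT, measure(TAMPERED_CHAIN), SEALED))  # refused
```

Because each extend hashes the previous register value, the result depends on both the content and the load order of every component, which is why reordering the chain also blocks unsealing.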

NGSCB was subject to much controversy during its development, with critics contending that it would impose restrictions on users, enforce vendor lock-in, and undermine fair use rights and open-source software. It was first demonstrated by Microsoft at WinHEC 2003[10] before undergoing a revision in 2004 that would enable earlier applications to benefit from its functionality.[11] Reports indicated in 2005 that Microsoft would change its plans with NGSCB so that it could ship Windows Vista by its self-imposed deadline year, 2006; instead, Microsoft would ship only part of the architecture, BitLocker, which can optionally use the Trusted Platform Module to validate the integrity of boot and system files prior to operating system startup.[12] Development of NGSCB spanned approximately a decade before its cancellation,[6][13] the lengthiest development period of a major feature intended for Windows Vista.

NGSCB differed from technologies Microsoft billed as "pillars of Windows Vista"—Windows Presentation Foundation, Windows Communication Foundation, and WinFS—during its development in that it was not built with the .NET Framework and did not focus on managed code software development.[8][14] NGSCB has yet to fully materialize; however, aspects of it are available in features such as BitLocker of Windows Vista, Measured Boot and UEFI of Windows 8,[15] Certificate Attestation of Windows 8.1,[16] Device Guard of Windows 10,[17] and Device Encryption in Windows 11 Home editions, with TPM 2.0 mandatory for installation.

  1. Levy, Steven (June 24, 2002). "The Big Secret". Newsweek. Newsweek LLC. Retrieved January 30, 2015.
  2. Biddle, Peter; Peinado, Marcus; England, Paul (2000). "Privacy, Security, and Content in Windows Platforms". Microsoft. Archived from the original (PPT) on April 2, 2015. Retrieved January 30, 2015.
  3. Microsoft. "Shared Source Initiative Home Page". Microsoft. Retrieved January 30, 2015.
  4. Carroll, Amy; Juarez, Mario; Polk, Julia; Leininger, Tony (2002). "Microsoft 'Palladium': A Business Overview" (PDF). Microsoft. Retrieved May 3, 2015.
  5. Aday, Michael. "Palladium" (PDF). Microsoft. Retrieved January 30, 2015.
  6. Fried, Ina (September 8, 2004). "Controversial Microsoft plan heads for Longhorn". CNET. CBS Interactive. Retrieved January 30, 2015.
  7. England, Paul; Lampson, Butler; Manferdelli, John; Peinado, Marcus; Willman, Bryan (July 2003). "A Trusted Open Platform" (PDF). IEEE Computer Society. Retrieved September 25, 2015.
  8. Kaplan, Keith; Cram, Ellen (2003). "Next-Generation Secure Computing Base - Overview and Drilldown" (PPT). Microsoft. Retrieved January 30, 2015.
  9. Microsoft (20 February 2014). "Next-Generation Secure Computing Base - Technical FAQ". TechNet. Retrieved February 16, 2015.
  10. "A Review of Microsoft Technology for 2003, Preview for 2004". News Center. Microsoft. December 15, 2003. Retrieved January 30, 2015.
  11. Evers, Joris (May 5, 2004). "WinHEC: Microsoft revisits NGSCB security plan". Network World. IDG. Archived from the original on November 18, 2005. Retrieved January 30, 2015.
  12. Sanders, Tom (April 26, 2005). "Longhorn security gets its teeth kicked out". Incisive Media. Retrieved January 30, 2015.
  13. Fried, Ina (April 25, 2005). "Microsoft: 'Trusted Windows' still coming, trust us". CNET. CBS Interactive. Retrieved August 18, 2015.
  14. "Microsoft: Palladium is still alive and kicking". eWeek. QuinStreet. May 5, 2004. Retrieved January 30, 2015.
  15. Microsoft. "Secured Boot and Measured Boot: Hardening Early Boot Components against Malware" (DOCX). MSDN. Retrieved January 30, 2015.
  16. Microsoft (July 24, 2013). "What's Changed in Security Technologies in Windows 8.1". MSDN. Retrieved March 6, 2015.
  17. Thomson, Iain (April 23, 2015). "Windows 10 Device Guard: Microsoft's effort to keep malware off PCs". The Register. Situation Publishing. Retrieved April 25, 2015.

From Wikipedia, the free encyclopedia