In a move that seeks to extend Microsoft's newfound company-wide focus on security to future versions of the Windows operating system and to hardware products, Microsoft officials are discussing a new initiative, code-named Palladium.
Palladium involves new security components to be built into Windows, but it also depends heavily on hardware makers--including Intel and AMD--building Palladium functionality into their products. While none of the new features and products will arrive this year, the effort appears to be a large-scale push toward a new breed of software- and hardware-driven security standards.
Mario Juarez is group product manager of the Palladium product team at Microsoft. Juarez's team falls under the Windows operating system group. "Palladium is a code name for a set of features for the Windows operating system," said Juarez. "It involves a new breed of hardware and applications in tandem with a rearchitecture of the Windows operating system. It's designed to give people greater security, personal privacy and system integrity."
In addition to new core components in Windows that will move the Palladium effort forward, Microsoft is working with hardware partners to build Palladium components and features into their products. "The new hardware architecture involves some changes to CPUs which are significant from a functional perspective," says Juarez. "There will also be a new piece of hardware called for by Palladium that you might refer to as a security chip. It will provide a set of cryptographic functions and keys that are central to what we're doing. There are also some associated changes under the chipset, and the graphics and I/O system through the USB port--all designed to create a comprehensive security environment."
The approach outwardly seems to mimic that of the Trusted Computing Platform Alliance, whose specification was finalized in January 2001. TCPA calls for the creation of a "Trusted Platform Module" (TPM), a discrete cryptographic processor residing on the PC's motherboard that contains a unique digital signature.
Palladium, on the other hand, uses a PC's microprocessor to run some form of low-level encryption, and can also use a TPM-like module for additional encryption, according to Geoffrey Strongin, AMD's platform security architect.
"When you fire the system up," Juarez says, "you'll choose to run this particular 'secure processing environment' which we call the Trusted Operating System Root. You might think of this as a micro-kernel that manages trusted code in a way that's physically isolated from the rest of the system, so it's inherently impervious to things like viruses."
Via the Trusted Operating System Root, says Juarez, users will be able to create and deploy secure services through software agents. "You can create an environment where you determine what information about you gets revealed to others, such as personal information in an online transaction, or information about your hardware that needs to be revealed to a network you're operating with. We're trying to create this in such a way that there is no architectural limitation on what you can get these agents to do."
Cryptography is key to the effort with the software agents, Juarez says. "We're looking at the usual suspects there, including current deployments of public-key cryptography as well as some powerful symmetrical processing cryptography systems. However, we're going to try to approach cryptography in a new and powerful way."