Next-Generation Secure Computing Base


The Next-Generation Secure Computing Base (NGSCB), formerly known as Palladium, is a software security framework from Microsoft that was launched in June 2002 as the successor to Palladium. It is an implementation of the controversial Trusted Computing technology.

In January 2003, the name Palladium was already so "tarnished" in public by numerous criticisms from IT experts that Microsoft opted for a less catchy name with less potential to become a catchword. In addition, other companies had already secured the rights to the name.

Basic idea

The NGSCB concept, which was to be used first in Windows Vista, results from a compromise Microsoft made: on the one hand, Windows should be as secure an operating system as possible; on the other hand, "old" software should continue to run. The solution is the Nexus, a second kernel that is loaded in addition to the existing kernel. Unloading the Nexus during operation is also provided for. Once the Nexus has been loaded, two restrictions apply according to Microsoft: programs can no longer access the complete memory, and the CPU can no longer be switched into real mode.

Breakdown of Windows

At the present time (January 2004), according to Microsoft, some important design decisions in NGSCB development have not yet been made; the following remarks should therefore not be regarded as final.

In the existing documents, Microsoft distinguishes between the insecure side with the "normal" Windows (Left Hand Side) and the secure side of the Nexus (Right Hand Side).

On the secure right side, the Nexus manages secure applications (agents) and TSPs (Trusted Service Providers), which are the (secure) counterpart to services on Windows. Although these services and applications run in protected memory areas, both are nevertheless "ordinary" software. The Nexus simply regards them as secure and assumes that everything else (i.e. on the Left Hand Side) is insecure. How it is ensured that these "secure" programs really are secure is still unclear. One possible measure would be a certification model in which secure applications are checked for their legitimacy.

Data from the insecure left side passes through a special driver on the Left Hand Side, the Nexus Manager, to the Right Hand Side. The Nexus then checks the data in the NAL (Nexus Abstraction Layer), the counterpart to the HAL (Hardware Abstraction Layer). If the data deviates from expectations, it is discarded at this point. In addition, the Nexus must protect itself and the entire Right Hand Side from direct memory accesses (e.g. via bus-master-capable devices).

Required hardware

The price of backward compatibility: NGSCB requires a secure hardware environment. Input devices (currently only USB is planned), graphics card, chipset, CPU, and a so-called Trusted Platform Module must be "secure". This means that they have to authenticate themselves to the computer. Existing devices cannot do this, so new hardware is already being developed, with corresponding new drivers, that guarantees the required security.

Criticism

If unsecured components are plugged into the hardware of a PC equipped with a Trusted Platform Module, applications not certified by Nexus may refuse to work. In this way, PC users could be practically forced to use certain components in order to start the programs they want, or even to obtain information about their own system, which leads to one-sided dependence on manufacturers (vendor lock-in).

Critics complain that NGSCB was developed not for fundamentally secure programs and protected data ("secure" in the sense of information security), but for the secure implementation of controversial digital rights management (DRM) systems. Although Microsoft says this is not the main motivation for developing the technology, this property is strongly emphasized in the patent applications.
