Next-Generation Secure Computing Base: Difference between revisions

From BetaArchive Wiki
Line 68: Line 68:
=== Nexus Computing Agents ===
=== Nexus Computing Agents ===


''Nexus Computing Agents'' (NCAs) would have been application processes strictly managed by the nexus. They would have consisted of user-mode code executing within the isolated execution space (nexus mode). An NCA could have been be an application in and of itself, or an NCA could have been part of an application that would have also run in the standard Windows environment. Each NCA would have had access only to the memory allocated to it by the nexus. This memory would not have been shared with other processes on the system, unless explicitly allowed by the NCA.<ref name = "privacy-enhancements" />
''Nexus Computing Agents'' (NCAs)<ref name = "privacy-enhancements" />, or ''trusted agents''<ref name = "projecting-patent" /> would have been application processes strictly managed by the nexus. They would have consisted of user-mode code executing within the isolated execution space (nexus mode).<ref name = "privacy-enhancements" /> An NCA could have been be an application in and of itself, or an NCA could have been part of an application that would have also run in the standard Windows environment.<ref name = "privacy-enhancements" /> In other, words, an NCA or trusted agent could have been a program, a part of a program, or a service that runs in user mode in trusted space.<ref name = "projecting-patent" /> Each NCA would have had access only to the memory allocated to it by the nexus. This memory would not have been shared with other processes on the system, unless explicitly allowed by the NCA.<ref name = "privacy-enhancements" />
 
An NCA trusted agent would call the nexus for security-related services and critical general services, such as memory management.<ref name = "projecting-patent" />  Each NCA would have had access only to the memory allocated to it by the nexus. This memory would not have been shared with other processes on the system, unless explicitly allowed by the NCA.<ref name = "privacy-enhancements" /> A NCA or trusted agent would have been able to store secrets using sealed storage and to authenticate itself using the attestation services of the nexus. Each trusted agent or entity would have controlled its own domain of trust, and they need not have relied on each other.<ref name = "projecting-patent" />


Nexus Computing Agents were divided into three categories: "Application," "Component," and "Trusted Service Provider."<ref>{{cite web | url = http://msdn.microsoft.com/security/default.aspx?pull=/library/en-us/dnsecure/html/nca_considerations.asp | title = Security Developer Center: Next-Generation Secure Computing Base: Development Considerations for Nexus Computing Agents (Security (General) Technical Articles) | first = Ellen | last = Cram | publisher = [[Microsoft Developer Network]] (MSDN) | date = October 2003 | archiveurl = https://web.archive.org/web/20031202225017/http://msdn.microsoft.com/security/default.aspx?pull=/library/en-us/dnsecure/html/nca_considerations.asp | archivedate = 2 December 2003 | accessdate = 15 April 2021}}</ref>
Nexus Computing Agents were divided into three categories: "Application," "Component," and "Trusted Service Provider."<ref>{{cite web | url = http://msdn.microsoft.com/security/default.aspx?pull=/library/en-us/dnsecure/html/nca_considerations.asp | title = Security Developer Center: Next-Generation Secure Computing Base: Development Considerations for Nexus Computing Agents (Security (General) Technical Articles) | first = Ellen | last = Cram | publisher = [[Microsoft Developer Network]] (MSDN) | date = October 2003 | archiveurl = https://web.archive.org/web/20031202225017/http://msdn.microsoft.com/security/default.aspx?pull=/library/en-us/dnsecure/html/nca_considerations.asp | archivedate = 2 December 2003 | accessdate = 15 April 2021}}</ref>

Revision as of 06:42, 16 April 2021

The Next-Generation Secure Computing Base (codenamed Palladium)[1] is a software architecture originally slated to be included in the Microsoft Windows "Longhorn" operating system. Development of the architecture began in 1997.[2][3]

The NGSCB was the result of years of research within Microsoft to create a secure computing solution that equaled the security of more closed systems while preserving the openness and flexibility of the Windows platform.[4] The NGSCB relied on new software components and specially designed hardware to create a new execution environment where more sensitive operations could be performed securely.[5] Microsoft's primary stated objective with the NGSCB was to "protect software from software."[4][6][7]

History

The idea of creating an architecture where software components can be loaded in a known and protected state predates the development of NGSCB.[8] A number of attempts were made in the 1960s and 1970s to produce secure computing systems,[9][10] with variations of the idea emerging in more recent decades.[11][12]

In 1999, the Trusted Computing Platform Alliance, a consortium of various technology companies, was formed in an effort to promote trust in the PC platform.[13] The TCPA would release several detailed specifications for a trusted computing platform with focus on features such as code validation and encryption based on integrity measurements, hardware based key storage, and attestation to remote entities. These features required a new hardware component designed by the TCPA called the Trusted Platform Module (referred to as a Security Support Component,[14] Secure Cryptographic Processor,[4] or Security Support Processor[4] in earlier Microsoft documentation). While most of these features would later serve as the foundation for Microsoft's NGSCB architecture, they were different in terms of implementation.[2] The TCPA was superseded by the Trusted Computing Group in 2003.[15]

Development

Development of the NGSCB began in 1997 after Microsoft developer Peter Biddle conceived of new ways to protect content on personal computers.[5]

Microsoft later filed a number of patents related to elements of the NGSCB design.[16] Patents for a digital rights management operating system,[8] loading and identifying a digital rights management operating system,[17] key-based secure storage,[18] and certificate based access control[19] were filed on January 8, 1999. A method to authenticate an operating system based on its central processing unit was filed on March 10, 1999.[20] Patents related to the secure execution of code[21] and protection of code in memory[22] were filed on April 6, 1999.

During its Windows Hardware Engineering Conference of 2000, Microsoft showed a presentation titled Privacy, Security, and Content in Windows Platforms which focused on the protection of end user privacy and intellectual property.[23] The presentation mentioned turning Windows into a "platform of trust" designed to protect the privacy of individual users.[23] Microsoft made a similar presentation during WinHEC 2001.[24]

The NGSCB was publicly unveiled under the name "Palladium" on 24 June 2002 in an article by Steven Levy of Newsweek that focused on its origin, design and features.[25][26][27] Levy stated that the technology would allow users to identify and authenticate themselves, encrypt data to protect it from unauthorized access, and allow users to enforce policies related to the use of their information. As examples of policies that could be enforced, Levy stated that users could send e-mail messages accessible only by the intended recipient, or create Microsoft Word documents that could only be read a week after they were created. To provide this functionality, the technology would require specially designed hardware components, including updated processors, chipsets, peripherals, and a Trusted Platform Module.[25] In August 2002, Microsoft posted a recruitment advertisement seeking a group program manager to provide vision and industry leadership in the development of several Microsoft technologies, including its NGSCB architecture.[28]

In 2003, Microsoft publicly demonstrated the NGSCB for the first time at its Windows Hardware Engineering Conference[29][30][31] and released a developer preview of the technology later that year during its Professional Developers Conference.[32][33][34]

Diagram of NGSCB architecture revision shown during WinHEC 2004.

During WinHEC 2004, Microsoft announced that it would revise the technology in response to feedback from customers and independent software vendors who stated that they did not want to rewrite their existing programs in order to benefit from its functionality.[35][36] After the announcement, some reports stated that Microsoft would cease development of the technology.[37][38] Microsoft denied the claims and reaffirmed its commitment to delivering the technology.[39][40] Later that year, Microsoft's Steve Heil stated that the company would make additional changes to the technology based on feedback from the industry.[41]

In 2005, Microsoft's lack of continual updates on its progress with the technology had led some in the industry to speculate that it had been cancelled.[42] At the annual Microsoft Management Summit event, then Microsoft CEO Steve Ballmer said that the company was building on the foundation it had started with the NGSCB to create a new set of hypervisor technologies for its Windows operating system.[43] During WinHEC 2005, Microsoft announced that it had scaled back its plans for the technology in order to ship the post-reset Windows "Longhorn" operating system within a reasonable timeframe. Instead of providing an isolated software environment, the NGSCB would offer full operating system volume encryption with a feature known as Secure Startup (which would later be renamed as Bitlocker Drive Encryption).[44] Microsoft stated that it planned to deliver other aspects of its NGSCB architecture at a later date.[45]

In July 2008, Peter Biddle stated that negative perception was the main contributing factor responsible for the cancellation of the architecture.[46]

Name

In Greek and Roman mythology, the term "palladium" refers to an object that the safety of a city or nation was believed to be dependent upon.[47]

On 24 January 2003, Microsoft announced that "Palladium" had been renamed as the "Next-Generation Secure Computing Base." According to NGSCB product manager Mario Juarez, the new name was chosen not only to reflect Microsoft's commitment to the technology in the upcoming decade, but also to avoid any legal conflict with an unnamed company that had already acquired the rights to the Palladium name. Juarez acknowledged that the previous name had been a source of criticism, but denied that the decision was made by Microsoft in an attempt to deflect criticism.[1]

Reception

Architecture

NGSCB essentially would have divided the computing environment into two separate and distinct operating modes.[48] Thus, NGSCB would have been composed of two parts: the traditional "left-hand side" (LHS) and the “right-hand side” (RHS) security system. The LHS and RHS would have been a logical, but physically enforced, division or partitioning of the computer.[49]

The LHS would have been composed of traditional applications such as Microsoft Office,[49] along with a conventional operating system, such as Windows.[49][48] Another term for the LHS is standard mode.[48]

Meanwhile, the RHS would have worked in conjunction with the LHS system and the central processing unit (CPU). With NGSCB, applications would have run in a protected memory space that is highly resistant to software tampering and interference.[49] The RHS[49] or nexus mode[48] would have been composed of a “nexus” and trusted agents,[49] called Nexus Computing Agents.[48] Other terms for the RHS are the nexus mode or the isolated execution space, in which the nexus and NCAs would have executed.[48]

Typically, there would have been one chipset in the computer that both the LHS and RHS would have used.[48]

  • Diagram of the NGSCB software architecture as presented during WinHEC 2003.

    Diagram of the NGSCB software architecture as presented during WinHEC 2003.

  • "FIG. 2 is a block diagram of an existing NGSCB system having both trusted and untrusted environments" (Source: US7530103B2 patent)[49] Note how the RHS and LHS correspond to the WinHEC 2003 diagram.

    "FIG. 2 is a block diagram of an existing NGSCB system having both trusted and untrusted environments" (Source: US7530103B2 patent)[49] Note how the RHS and LHS correspond to the WinHEC 2003 diagram.

Nexus

Diagram of the Nexus design.

The nexus, previously referred to as the "Nub"[2] or "Trusted Operating Root"[50][51] would have been the new kernel introduced by the NGSCB. The nexus would have been responsible for the secure interaction between the specialized hardware components, and would also have been responsible for the isolation and management of Nexus Computing Agents.

The nexus was described either as a “high assurance” operating system,[49] as an operating system component, or as a secure system component.[48] The Nexus would have hosted, protected, and controlled NCAs.[48]

In a patent granted in favor of Microsoft, the nexus was described as:

A nexus is a “high assurance” operating system that provides a certain level of assurance as to its behavior and can comprise all the kernel mode code on the RHS. For example, a nexus might be employed to work with secret information (e.g., cryptographic keys, etc.) that should not be divulged, by providing a curtained memory that is guaranteed not to leak information to the world outside of the nexus, and by permitting only certain certified applications to execute under the nexus and to access the curtained memory. The nexus 251 should not interact with the main operating system 201 in any way that would allow events happening at the main operating system 201 to compromise the behavior of the nexus 251. The nexus 251 may permit all applications to run or a machine owner may configure a machine policy in which the nexus 251 permits only certain agents to run. In other words, the nexus 251 will run any agent that the machine owner tells it to run. The machine owner may also tell the nexus what not to run.

The nexus 251 isolates trusted agents 255, 260, manages communications to and from trusted agents 255, 260, and cryptographically seals stored data (e.g., stored in a hard disk drive). More particularly, the nexus 251 executes in kernel mode in trusted space and provides basic services to trusted agents 255, 260, such as the establishment of the process mechanisms for communicating with trusted agents and other applications, and special trust services such as attestation of a hardware/software platform or execution environment and the sealing and unsealing of secrets. Attestation is the ability of a piece of code to digitally sign or otherwise attest to a piece of data and further assure the recipient that the data was constructed by an unforgeable, cryptographically identified software stack.

— Bryan Mark Willman, Paul England, Kenneth D. Ray, Keith Kaplan, Varugis Kurien, Michael David Marr, Projection of trustworthiness from a trusted environment to an untrusted environment, [49]

NGSCB would have allowed a PC to run one nexus at a time. Microsoft would have built a nexus designed to complement Windows, and expected other developers and vendors to build nexuses of their own.[48]

Nexus Computing Agents

Nexus Computing Agents (NCAs)[48], or trusted agents[49] would have been application processes strictly managed by the nexus. They would have consisted of user-mode code executing within the isolated execution space (nexus mode).[48] An NCA could have been be an application in and of itself, or an NCA could have been part of an application that would have also run in the standard Windows environment.[48] In other, words, an NCA or trusted agent could have been a program, a part of a program, or a service that runs in user mode in trusted space.[49] Each NCA would have had access only to the memory allocated to it by the nexus. This memory would not have been shared with other processes on the system, unless explicitly allowed by the NCA.[48]

An NCA trusted agent would call the nexus for security-related services and critical general services, such as memory management.[49] Each NCA would have had access only to the memory allocated to it by the nexus. This memory would not have been shared with other processes on the system, unless explicitly allowed by the NCA.[48] A NCA or trusted agent would have been able to store secrets using sealed storage and to authenticate itself using the attestation services of the nexus. Each trusted agent or entity would have controlled its own domain of trust, and they need not have relied on each other.[49]

Nexus Computing Agents were divided into three categories: "Application," "Component," and "Trusted Service Provider."[52]

Features

Developers could have used four main capabilities to protect data against software attacks on NGSCB systems: strong process isolation, sealed storage, secure paths to and from the user, and attestation.[48]

Process isolation

Strong process isolation would have been a mechanism for protecting data in memory. It would have provided an execution and memory space that would have been protected from external access and software-based attacks (even those launched from the kernel). It was created and maintained by the nexus and enforced by NGSCB hardware.[48]

Sealed storage

Sealed storage would have been a mechanism for protecting data in storage. Sealed data could only be accessed by the authenticated application (or designated trusted entity) that stored it.[48]

Secure paths to and from the user

Secure paths to and from the user would have been mechanisms for protecting data moving from input devices to the NCAs, and from NCAs to the monitor screen. Data entered by the user and presented to the user could not be read by software such as spyware or “Trojan horses.” Malicious software could not mimic or intercept input, or intercept, obscure or alter output.[48]

Attestation

Attestation would have been mechanism for authenticating a given software and hardware configuration, either locally or remotely. It would have based on secrets rooted in hardware combined with cryptographic representations (hash vectors) of the nexus and/or software running on the machine. Attestation would have been a core feature for enabling many of the privacy benefits in NGSCB.[48]

Hardware

Encrypted memory was once considered for the NGSCB, but the idea was later discarded as the only threat conceived of that would warrant its inclusion was the circumvention of digital rights management technology.[53][54]

Trusted Platform Module

The Trusted Platform Module is the hardware component that securely stores the cryptographic keys for the Nexus and Nexus Computing Agents, which makes the sealed storage and attestation features of the Nexus possible.

The Trusted Platform Module includes an asymmetric 2048-bit RSA key pair, referred to as the Endorsement Key (EK), which is unique to each particular module and is generated as part of its manufacturing process. The public key is accessible to applications or services that have established a trusted relationship with the owner, and is also used to provide the owner with Attestation Identity Keys (AIKs).

According to Microsoft, version 1.2 of the Trusted Platform Module is the first version compatible with its NGSCB architecture. Previous versions do not include the required functionality.[48]

In builds of Windows "Longhorn"

A successful attempt to configure the Next-Generation Secure Computing Base in Windows "Longhorn" build 4053.

In released pre-reset builds of Windows "Longhorn", NGSCB components reside in %SYSTEMDRIVE%\WINDOWS\NGSCB. The last build of Windows "Longhorn" known to include the NGSCB directory and subfolders is build 4066.[55]

Legacy

The development of the Next-Generation Secure Computing Base ultimately led to the creation of Microsoft's Bitlocker drive encryption feature, which was one of the first mainstream device encryption features to support version 1.2 of the Trusted Platform Module, and the first device encryption feature to be integrated with the Windows operating system.[56] Certain design elements of the NGSCB would become part of Microsoft's virtualization technologies.[43][57] Windows 8, released in 2012, includes a feature called Measured Boot which allows a trusted server to verify the integrity of the Windows startup process.[58][59][60] Although it is not directly related to the NGSCB architecture, it serves a purpose comparable to the architecture's attestation feature in that they are both designed to validate a platform's configuration.[61]

In addition, features based on those originally intended for the NGSCB would later become available in competing operating systems. In 2012, Giesecke & Devrient produced a parallel execution environment called MobiCore for the Android operating system designed to host secure user applications and protect confidential data.[62] In 2013, Apple released a new feature for its iOS operating system called Secure Enclave to protect a user's biometric information.[63]

References

  1. 1.0 1.1 Lemos, Robert (24 January 2003). What's in a name? Not Palladium. CNET News.com. Retrieved on 15 April 2021.
  2. 2.0 2.1 2.2 Biddle, Peter (5 August 2002). Re: Dangers of TCPA/Palladium. Retrieved on 15 April 2021.
  3. Merritt, Rick (15 July 2002). Microsoft scheme for PC security faces flak. EE Times. Retrieved on 15 April 2021.
  4. 4.0 4.1 4.2 4.3 Aday, Michael. Palladium. Retrieved on 15 April 2021.
  5. 5.0 5.1 Schoen, Seth (5 July 2002). Palladium summary?. Retrieved on 15 April 2021.
  6. Baker, Brandon (2003). A Technical Introduction to NGSCB. Security Summit East 2003 Washington, DC. Archived from the original on 23 July 2014. Retrieved on 16 April 2021.
  7. PeterNBiddle (28 November 2012). How four Microsoft engineers proved that the “darknet” would defeat DRM (comment). Retrieved on 15 April 2021.
  8. 8.0 8.1 Paul England, John D. DeTreville, Butler W. Lampson (inventors) (11 December 2001 (publication date)). US6330670B1 - Digital rights management operating system - Google Patents. Retrieved on 15 April 2021.
  9. William A. Arbaugh, David J. Farber, Angelos D. Keromytis, Jonathan M. Smith (inventors) (6 February 2001 (publication date)). US6185678B1 - Secure and reliable bootstrap architecture - Google Patents. Retrieved on 15 April 2021.
  10. Anderson, James (October 1972). Computer Security Technology Planning Study. Electronic Systems Division. Retrieved on 15 April 2021.
  11. David P. Jablon, Nora E. Hanley (inventors) (30 May 1995 (publication date)). US5421006A - Method and apparatus for assessing integrity of computer system software - Google Patents. Retrieved on 15 April 2021.
  12. Kuhn, Markus (30 April 1997). The TrustNo 1 Cryptoprocessor Concept. Retrieved on 15 April 2021.
  13. Trusted Computing Platform Alliance. TCPA - Trusted Computing Platform Alliance. Archived from the original on 2 August 2002. Retrieved on 15 April 2021.
  14. Microsoft (July 2003). Microsoft Next-Generation Secure Computing Base - Technical FAQ. Archived from the original on 24 October 2008. Retrieved on 15 April 2021.
  15. Trusted Computing Group (February 2011). TRUSTED COMPUTING GROUP (TCG) TIMELINE. Archived from the original on 17 August 2011. Retrieved on 15 April 2021.
  16. Lampson, Butler. Curriculum Vitae. Archived from the original on 9 June 2011. Retrieved on 15 April 2021.
  17. Paul England, John D. DeTreville, Butler W. Lampson (inventors) (4 December 2001 (publication date)). US6327652B1 - Loading and identifying a digital rights management operating system - Google Patents. Retrieved on 15 April 2021.
  18. Paul England, John D. DeTreville, Butler W. Lampson (20 March 2007 (publication date)). US7194092B1 - Key-based secure storage - Google Patents. Retrieved on 15 April 2021.
  19. Paul England, John D. DeTreville, Butler W. Lampson (inventors) (16 November 2004 (publication date)). US6820063B1 - Controlling access to content based on certificates and access predicates - Google Patents. Retrieved on 15 April 2021.
  20. Paul England, John D. DeTreville, Butler W. Lampson (inventors) (6 February 2007). US7174457B1 - System and method for authenticating an operating system to a central processing unit, providing the CPU/OS with secure storage, and authenticating the CPU/OS to a third party - Google Patents. Retrieved on 15 April 2021.
  21. Paul England, Butler W. Lampson (18 November 2003 (publication date)). US6651171B1 - Secure execution of program code - Google Patents. Retrieved on 15 April 2021.
  22. Paul England, Butler W. Lampson (10 August 2004 (publication date)). US6775779B1 - Hierarchical trusted code for content protection in computers - Google Patents. Retrieved on 15 April 2021.
  23. 23.0 23.1 Microsoft. Privacy, Security And Content In Windows Platforms. Archived from the original on 2 April 2015. Retrieved on 15 April 2021.
  24. Microsoft. Privacy, Security, and Content Protection. WinHEC 2001. Archived from the original on 26 June 2017. Retrieved on 15 April 2021.
  25. 25.0 25.1 Levy, Steven (24 June 2002). The Big Secret. Newsweek. Retrieved on 15 April 2021.
  26. Palladium: Microsoft’s big plan for the PC. Geek.com. Archived from the original on 24 June 2002. Retrieved on 15 April 2021.
  27. ExtremeTech Staff (24 June 2002). “Palladium”: Microsoft Revisits Digital-Rights Management. ExtremeTech. Retrieved on 15 April 2021.
  28. Lettice, John (13 August 2002). MS recruits for Palladium microkernel and/or DRM platform. Retrieved on 15 April 2021.
  29. Bekker, Scott (6 May 2003). Palladium on Display at WinHEC. Redmond. Retrieved on 15 April 2021.
  30. Microsoft PressPass (7 May 2003). At WinHEC, Microsoft Discusses Details of Next-Generation Secure Computing Base. Archived from the original on 23 July 2017. Retrieved on 15 April 2021.
  31. Evers, Joris (7 May 2003). Microsoft turns to emulators for security demo. Networkworld. Retrieved on 15 April 2021.
  32. Paula Rooney, Elizabeth Montalbano (1 October 2003). Microsoft To Hand Over Early Whidbey, Yukon Code At PDC. CRN. Retrieved on 15 April 2021.
  33. Evers, Joris (30 October 2003). Developers get hands on Microsoft's NGSCB. Networkworld. Retrieved on 15 April 2021.
  34. Microsoft PressPass (15 December 2003). A Review of Microsoft Technology for 2003, Preview for 2004. Archived from the original on 8 September 2014. Retrieved on 15 April 2021.
  35. Evers, Joris (5 May 2004). WinHEC: Microsoft revisits NGSCB security plan. Networkworld. Archived from the original on 18 November 2005. Retrieved on 15 April 2021.
  36. Sanders, Tom (6 May 2004). Microsoft shakes up Longhorn security. vnunet.com. Archived from the original on 29 November 2005. Retrieved on 15 April 2021.
  37. Bangeman, Eric (5 May 2004). Microsoft kills Next-Generation Secure Computing Base. Ars Technica. Retrieved on 15 April 2021.
  38. Rooney, Paula (5 May 2004). Microsoft Shelves NGSCB Project As NX Moves To Center Stage. CRN. Retrieved on 15 April 2021.
  39. eWeek Editors (5 May 2004). Microsoft: Palladium Is Still Alive and Kicking. eWeek. Retrieved on 15 April 2021.
  40. Thurrott, Paul (7 May 2004). WinHEC 2004 Show Report and Photo Gallery. Paul Thurrott's Supersite for Windows. Archived from the original on 23 July 2014. Retrieved on 15 April 2021.
  41. Fried, Ina (8 September 2004). Controversial Microsoft plan heads for Longhorn. CNET. Retrieved on 15 April 2021.
  42. Evers, Joris (24 February 2005). Silence Fuels Speculation on Microsoft Security Plan. PCWorld. Retrieved on 15 April 2021.
  43. 43.0 43.1 Ballmer, Steve (20 April 2005). Steve Ballmer: Microsoft Management Summit. Microsoft. Archived from the original on 8 September 2014. Retrieved on 15 April 2021.
  44. Sanders, Tom (26 April 2005). Longhorn security gets its teeth kicked out. vnunet.com. Archived from the original on 28 April 2005. Retrieved on 15 April 2021.
  45. Microsoft Shared Source Initiative Home Page. Archived from the original on 6 June 2005. Retrieved on 15 April 2021.
  46. Biddle, Peter (16 July 2008). Perception (or, Linus gets away with being honest again). Retrieved on 15 April 2021.
  47. Myth Index. PALLADIUM. Greek Mythology Index. Archived from the original on 17 January 2008. Retrieved on 15 April 2021.
  48. 48.00 48.01 48.02 48.03 48.04 48.05 48.06 48.07 48.08 48.09 48.10 48.11 48.12 48.13 48.14 48.15 48.16 48.17 48.18 48.19 48.20 Microsoft (November 2003). Privacy-Enabling Enhancements in the Next-Generation Secure Computing Base. Archived from [http:/download.microsoft.com/download/8/d/5/8d5ec8cf-3e09-49e0-95dd-0a6a3ded510f/NGSCB_Privacy_Enhancements.doc the original] on 28 December 2005. Retrieved on 15 April 2021.
  49. 49.00 49.01 49.02 49.03 49.04 49.05 49.06 49.07 49.08 49.09 49.10 49.11 49.12 Bryan Mark Willman, Paul England, Kenneth D. Ray, Keith Kaplan, Varugis Kurien, Michael David Marr (inventors) (10 February 2005 (publication date)). US7530103B2 - Projection of trustworthiness from a trusted environment to an untrusted environment - Google Patents. Retrieved on 16 April 2021.
  50. Amy Carroll, Mario Juarez, Julia Polk and Tony Leininger (June 2002). Microsoft "Palladium": A Business Overview. Microsoft PressPass. Archived from the original on 5 August 2002. Retrieved on 15 April 2021.
  51. Biddle, Peter (19 September 2002). Cryptogram: Palladium Only for DRM. Retrieved on 15 April 2021.
  52. Cram, Ellen (October 2003). Security Developer Center: Next-Generation Secure Computing Base: Development Considerations for Nexus Computing Agents (Security (General) Technical Articles). Microsoft Developer Network (MSDN). Archived from the original on 2 December 2003. Retrieved on 15 April 2021.
  53. Biddle, Peter (22 February 2008). Attack isn't news, and there are mitigations. Retrieved on 15 April 2021.
  54. Biddle, Peter (23 February 2008). Threat Model Irony. Retrieved on 15 April 2021.
  55. Builds of "Longhorn" with NGSCB?
  56. Microsoft (26 March 2012). Windows BitLocker Drive Encryption Frequently Asked Questions. Retrieved on 15 April 2021.
  57. Clarke, Gavin (19 April 2005). Microsoft running late in virtualization. The Register. Retrieved on 15 April 2021.
  58. Microsoft TechNet. Windows 8 Boot Process - Security, UEFI, TPM. Archived from the original on 7 April 2013. Retrieved on 15 April 2021.
  59. Microsoft TechNet. Windows 8 Boot Security FAQ. Archived from the original on 2 March 2014. Retrieved on 15 April 2021.
  60. Microsoft (31 May 2018). Measured Boot. Retrieved on 15 April 2021.
  61. Microsoft (7 September 2012). Secured Boot and Measured Boot: Hardening Early Boot Components against Malware. Retrieved on 15 April 2021.
  62. Giesecke & Devrient (4 May 2012). G&D; announces MobiCore® integrated security platform to support Samsung GALAXY S III in Europe. Archived from the original on 12 May 2012. Retrieved on 15 April 2021.
  63. Apple (10 September 2013). Apple Announces iPhone 5s—The Most Forward-Thinking Smartphone in the World. Archived from the original on 11 September 2013. Retrieved on 15 April 2021.

External links

Microsoft

BetaArchive

Retrieved from ‘https://www.betaarchive.com/wiki/index.php?title=Next-Generation_Secure_Computing_Base&oldid=450165
the Creative Commons 3.0 ShareAlike (except the Microsoft KB Archive).
Powered by MediaWiki