www.infoworld.com/articles/hn/xml/02/06/24/020624hnpalladium.xml -> archive.infoworld.com/articles/hn/xml/02/06/24/020624hnpalladium.xml
Download this special report on Email in the Enterprise. Palladium "is really about security, 51 privacy and system integrity," said Mario Juarez, group product manager for the content security business unit at Microsoft. Palladium may also cover chipsets, graphics 53 processors and USB (Universal Serial Bus) input/output systems, he said. Though Intel and AMD have been involved in design discussions to ensure that Palladium will work with existing processor architectures, it is too early to say whether they will manufacture the encryption chip, Juarez said. Other companies have also been involved in the design of the system and will continue to be part of the process, he said. Palladium will create a secure space within a PC in which users will be able to run applications and store data, he said. The secure space will not be accessible to the rest of the PC, meaning that a 54 virus infecting the non-Palladium part of the computer would not make its way into the secure area, Juarez said. The timeframe for Palladium's inclusion into Windows is unsure for now, as the initiative is only in its early stages, he said. Among possible applications of the technology are authentication of communications and code, data encryption, privacy control and digital rights management (DRM), according to the Newsweek report. The three components will work in parallel to the operating system, with security tasks shunted from the operating system to the Palladium system, rather than as an integrated part of it, he said. Palladium is a security foundation upon which to build other security features, more than a system itself, he added. As such, Palladium "is a very clever system," Reynolds said. Consumers will likely not be pleased about Palladium's DRM features, though "if you're the Hollywood people, you're thrilled," he said. While most talk of DRM revolves around music, Microsoft Chairman and Chief Software Architect Bill Gates sees it as more useful for controlling e-mail: Palladium could be used to limit forwarding of messages, or to make them unreadable after a certain time interval has elapsed, the Newsweek report said. Microsoft, for one, would benefit from being able to control e-mail in such a way. It has repeatedly fought to keep damaging internal e-mail out of court records in recent cases, including its battle with the nine non-settling states over remedies in its antitrust fight with the DOJ. The technology needs to be widespread in order to be useful: 100 million devices will have to be shipped "before it really makes a difference," the report quotes Microsoft vice president Will Poole as saying. Palladium grew out of a skunk-works project looking for ways to secure information stored on machines running Windows and became an official Microsoft project in October 2001, according to the report. The first versions of Palladium "will be shipping with bugs," the report quotes one of the project's cofounders, Paul England, as saying. This could be a problem, however, said Gartner's Reynolds. Microsoft's record on software security has been heavily criticized in the past, and in January of this year the company announced a new emphasis on trustworthy computing in an effort to clean up its image. This news was soon followed by word that its software developers would stop writing new code while they audited their existing code for security flaws. Microsoft has long maintained that keeping its source code under wraps makes its software more secure than open-source software such as rival operating system Linux, where anyone can inspect the source code and see its flaws. A recent report from a Microsoft-funded think tank, the Alexis de Tocqueville Institution, claimed that government use of open-source software represents a threat to national security. Proponents of open-source software say this openness makes it more secure, as there is a greater chance that flaws will be fixed and that users will be more aware of the necessity of upgrading to a fixed version of the software. Advocates of open 56 software development may be winning the argument. According to the Newsweek report, Microsoft will publish the source code to its Palladium system in an effort to be more transparent. To facilitate that broader support, Microsoft will be working with other companies, both in the hardware and software markets, as well as listening to feedback from users, Juarez said. Juarez was unable to provide more specifics about how Microsoft would offer that voice, but said that the company would be soliciting feedback from users at some point. Anything with verification and DRM limits consumers' ability to control their behavior," he said. Microsoft has relied on making security vulnerability information hard to discover, as opposed to fixing security flaws, he said. Scarlet Pruitt, an IDG News Service correspondent in Boston, contributed to this report. EMC - Lower costs and improve reliability-Get the EMC CLARiiON white paper! McDATA - Download a FREE storage consolidation white paper from McDATA. Lucent Technologies - Leverage Your Mobile High Speed Data Access. BMC Software - Maximize the Potential of Enterprise Data: Free white paper! Watch the Self-Defending Network Security demo from Cisco. Cisco - New Network Security White Paper: Cisco NAC INFOWORLD MARKETPLACE 82 Win $25,000 for your Windows Mobile application - Submit your best applications for Windows Mobile-based Pocket PCs and Smartphones. You can quickly and easily retrieve VSAM, QSAM, DB2 and IMS DB data through applications such as Excel, Word, or Crystal Reports. Find out more about the only BI solution based on an industrial strength integration platform.
|
http://csua.com/feed/