Tighter integration between Longhorn and the Next Generation Secure Computing Base (NGSCB), will see the planned operating system now handle a number of functions for NGSCB, simplifying NGSCB’s so-called nexus.
Longhorn will provide scheduling, boot, advanced driver and API capabilities, while the nexus may also be able to support Windows API according to analyst Gartner and confirmed by Microsft.
Change, hinted at during Microsoft’s recent Windows Hardware Engineering Conference (WinHEC), are being made after Microsoft received feedback from ISVs that NGSCB would require many to re-architect existing applications to work with NGSCB.
Product manager Mario Juarez recently told ComputerWire changes were made so ISVs could realize the benefits of NGSCB without spending too much in the way of resources. The fact you have to re-write applications was onerous, Juarez said.
NGSCB is Microsoft’s take on DRM an attempt to increase PC-based security of data and applications. Theoretically PC-based digital content can be associated with a specific device, potentially reducing scope for piracy of media and software or preventing unauthorized forwarding or modification of documents.
Politicians, though, expressed concern NGSCB could grant Microsoft greater power, potentially dictating terms on which competitors interoperate with Windows applications in future. Others have expressed concern over NGSCB’s potential restrict access to information by tying it to a specific PC.
The proposed architecture, details of which are still vague, involves work with hardware manufactures including Intel Corp and AMD Inc, to develop a system that hardware essentially assigns a unique identity to each PC.
Hardware manufactures are believed to be designing CPUs, chipset, USB I/Os, while a new hardware encryption module, Security Support Component (SSC) is in the works. SSC provides RSA public key encryption, decryption, digital signature generation and verification, Advanced Encryption Standard (AES) encryption and decryption, and Secure Hash Algorithm 1 (SH-1) has computation.
Core to NGSCB, is the nexus and Nexus Computing Agents (NCAs). The nexus is envisioned by Microsoft as running in parallel to the Windows operating system, as the kernel of a software stack that provides limited APIs and services. By running as a parallel, controlled system, Microsoft says the nexus would provide a defense against attacks by hackers and viruses on PCs running Windows.
In a recent research note, Gartner Group noted NGSCB will now be potentially far more accessible to applications without modification opening the door to a broad range of infrastructure components the need to be implemented in a secure environment, such as network security and hard-drive encryption. The analyst also expects NGSCB will provide strong encryption without passwords.
Juarez notes the NGSCB architecture has yet to be finalized, nearly two years after NGSCB was unveiled as Palladium and more than a year after Microsoft released sample code at WinHEC in 2003. We went to WinHEC [this year] saying we are still refining the architecture. A lot of the design has not yet been solidified, Juarez said, who added it is also unclear which parts of NGSCB would appear first.
