Advertisement
Promo

Online business Toolkit

Microsoft: Customised security is safer

Published: 09 May 2003 09:07 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

Microsoft is trying to make security obvious.

The software giant plans to visually alter document or application windows that contain private information that's secured through Microsoft's Next-Generation Secure Computing Base (NGSCB), formerly known as Palladium. Secure windows will look different than regular, unsecured windows in order to remind users that they are looking at confidential material, Peter Biddle, product unit manager for Microsoft, said on Thursday at the Windows Hardware Engineering Conference (WinHEC) in New Orleans.

"We know that users need to be able to tell the difference between a trusted window and a regular one," Biddle said. "The window (will be) noticeably different."

People are likely to customise the secure pages, which will help prevent "spoof attacks," where hackers plant a fraudulent Web page on a PC screen that looks, but isn't, a file from a person's doctor or accountant, for example.

The border of a secured page may contain information -- such as the names of all the dogs that someone has ever owned -- to make the data instantly recognisable as sound to the individual owner, as well as difficult to replicate. A hacker can create a spoof page with dogs' names running along the border but, in all likelihood, not one reading "Buffy, Skip and Jack Daniels -- and in that order," Biddle said.

NGSCB essentially creates a secure data vault and a secured way to transmit data between memory, the hard drive, the monitor and trusted third parties. Computer users will likely secure intellectual property files or bank records with it, but not the bulk of their data on their PC, according to Microsoft.

Information on secured windows will vanish if another window is placed on top of it or shifted to the background. Erasing the information will prevent certain types of attacks and remind people that they're dealing with confidential material, Biddle said.

When the secure window returns to the top of the stack, the information will reappear, he said.

Microsoft is still working on how to implement this technology and what it will ultimately look like.

Separately, David Kirk, an executive with graphics chipmaker Nvidia, said his company will be able to release graphics chips that conform to the NGSCB specifications the day that Longhorn, the next big version of Windows, comes out. NGSCB will not be integrated into Longhorn, which is due in 2005, but will instead come out as separate software, Biddle said. Over time, pieces of the technology will be integrated into the coming operating system.

Graphics cards are a security problem, because they contain their own pool of memory.

John Crank, senior branding associate at Advanced Micro Devices, said the chipmaker is also looking to adapt its products to the security technology.

Earlier in the week at WinHEC, Microsoft showed off a prototype of NGSCB that's based on real and emulated hardware. Small applications running on the technology demonstrated its security features.

See the Windows News Section for the latest news, reviews and briefing papers on everything from Windows NT and 95 to service pack releases for XP.

Let the editors know what you think in the Mailroom.

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with EPSON

Did you find this article useful?
22 out of 68 people found this useful


In association with HP

Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Online business


Sentry Posts Blog

Beware of keeping your head in the clo...

Information security professionals can look forward to a deepening appreciation for their skills as security continues to be recognised as an essential element for doing business in... More

Post a comment

Civil liberties groups attack file-sha...

Civil liberties and digital rights organisations have strongly criticised Lord Mandelson's Digital Economy Bill. Liberty said in a position paper on Tuesday that the bill, part of... More

Post a comment

Authentication risks all too human

Risks to successful online banking identification and authentication using smartcards involve a mixture of human and technological factors, according to the European Network and Information... More

1 comment

Video icon

Video

Google Chrome

Roundup: Full coverage of Google Chrome

The search giant has launched a beta of its own open-source browser, sending a clear challenge to Microsoft in the way it lets users work with applications More

Blog: Google Chrome has Microsoft's code inside, says MS manager

And furthermore, he says, that's a good thing... More

Blog: Google Chrome — nine things we've found since launch

Google must be very happy with the coverage Chrome has gathered. But it's not all good news... More


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters