Craig Mundie, senior vice president and chief technical officer of advanced strategies and policy at Microsoft phew, that's a job title, outlined Microsoft's decade-long vision to achieve the goal of "invisible" security.
The first phase of the involved halting design and development efforts across product groups, while developers were schooled in building fundamentally secure code.
"The next phase involves intercepting several products in mid-development and building in new approaches to security," Mundie said. "And as we move into the third phase, we will be developing within our products a fundamental architecture to maintain that chain of trust."
Labeled by Microsoft as "Designed for Trust", the second phase of the initiative is being realized this year with the releases of Windows XP Service Pack 1, Windows .NET Server 2003, and several Web security standards, which begin the building of a much more robust security framework into the Windows environment.
The third phase, dubbed "Architected for Trust", is expected to come to fruition in products and technologies currently on the drawing board, such as the next version of Windows, codenamed "Longhorn," and an initiative dubbed "Palladium" that will provide a new set of features for the Windows operating system that will work in concert with new types of hardware and software to provide additional security services to PCs.
According to Palladium Product Unit Manager Peter Biddle, the project takes into account not only the software aspects of security, but the changes that hardware manufacturers must make to ensure truly secure computing.
"Palladium is the code name for core components of the Windows operating system that combine hardware and software to ensure system integrity and information protection," Biddle said. "For example, today anyone can look into a graphics card memory, which is obviously not good if the memory contains a user's banking transactions or other sensitive information. Part of the focus of 'Palladium' is on providing that security from fingertip to eyeball, so what you type and what you see on your monitor cannot be compromised."
View: MS PressPass