| seminarsonly.com |
E-mail :- contactv2@gmail.com |
|
Books |
Sitemap |
| >>
Are you interested in this topic. Then mail to us immediately to get the full report. E-mail :- contactv2@gmail.com ______________________________
Custom Search
Tags next generation secure computing base ppt
|
INTRODUCTION Microsoft's next-generation secure computing base aims to provide robust access control while retaining the openness of personal computers. Unlike closed systems, an NGSCB platform can run any software, but it provides mechanisms that allow operating systems and applications to protect themselves against other software running on the same machine. For example, it can make home finance data inaccessible to programs that the user has not specifically authorized. To
enable this mode of operation, NGSCB platforms implement
We refer to a security regimen that allows any software to run but requires it
to be identified in access-control decisions as authenticated operation, and we
call a hardware-software platform that supports authenticated operation a trusted
open system. A variety of commercial requirements and security goals guided the NGSCB system design. The main commercial requirement was for an open architecture that allows arbitrary hardware peripherals to be added to the platform and arbitrary software to execute without involving a central authority. Furthermore, the system had to operate in the legacy environment of personal computers. While we introduced changes to core platform components, most of the PC architecture remained unmodified. The system had to be compatible with the majority of existing peripherals. Finally, the hardware changes had to be such that they would not have a significant impact on PC production costs. Our main security goal was assurance. Assurance is not any particular security function. It refers to the degree of confidence the owner of a system can have in its correct behavior especially in the presence of attacks. A further goal was to enable authenticated operation. The hardware platforms are not required to provide protection against hardware tampering. Protection against tampering costs money, and it is clear that most security attacks facing users are launched by malicious software, or are remotely launched and exploit bugs in otherwise benign software. However, we anticipate platforms will be deployed that are also robust against hardware attacks, especially in high-security corporate and government settings.
AUTHENTICATED OPERATION Traditional access-control systems protect data against unauthorized access through an authentication mechanism such as a password, biometric data, or smart card. Each access request triggers a system component, the guard, that is part of the trusted computing base. The guard grants or denies access, and can audit access requests according to the user, the request, and the system's access-control policy. Authenticated
operation bases access-control decisions in part on the identity of the program
making a request. For example, a user can restrict access to files containing
financial data to only certain authorized programs.
|
copyright © 2006 V2 Computers E-mail :- contactv2@gmail.com