Microsoft's silence on its Next-Generation Secure Computing Base (NGSCB) architecture has some industry insiders wondering
if the technology has been substantially delayed, or even axed.
Microsoft unveiled NGSCB, formerly known by its Palladium code name, in 2002. The technology, Microsoft has said, uses a combination
of software and hardware that boosts PC security by providing the ability to isolate software so it can be protected against
malicious code. NGSCB requires changes to a PC's processor, chipset and graphics card, for which Microsoft has said that it
enlisted the help of hardware makers including Intel and Advanced Micro Devices.
Critics have argued that NGSCB will curtail users' ability to control their own PCs and could erode fair-use rights for digital
music and movie files.
Last May, at its Windows Hardware Engineering Conference (WinHEC) in Seattle, Microsoft said it was retooling NGSCB so some
of the benefits would be available without the need to recode applications. The vendor promised an update on NGSCB by the
end of 2004. It did not release one and has remained silent since that time.
Meanwhile, Microsoft has shut down an NGSCB discussion group on its Web site. The NGSCB product page is now empty and previously
posted details have been mothballed into an archive page. Several notes on the NGSCB site say, "NGSCB architecture is evolving."
Microsoft Chairman and Chief Software Architect Bill Gates, speaking at the RSA Conference last week, highlighted many of
Microsoft's security efforts but did not mention NGSCB. Asked about the technology, a Microsoft spokesman at the event said
that although the company had promised an update, it does not have one.
"We do not have an update on NGSCB to share at this time. Microsoft continues to actively work through many of the technical
details and we expect to be able to provide more details in the near future," the spokesman said.
The silence on NGSCB raises significant questions about the future of the technology, which Microsoft once loudly promoted,
said Michael Cherry, a lead analyst at Directions on Microsoft, in Kirkland, Washington.
"Unless they do something soon, I think NGSCB is dead," Cherry said.
Microsoft should keep its promises to provide updates, especially if it concerns security technology, Cherry said.
"If Microsoft wants its Trustworthy Computing Initiative to be seen as valuable for customers and partners, they have to be
transparent... With security, you have to be careful to talk about only the things you really are going to do and then do
them extremely well," he said.
Although Microsoft isn't yet willing to talk about NGSCB, it appears the company will have an update at this year's WinHEC
conference late April in Seattle. The preliminary agenda for the event lists two sessions that include NGSCB, including one
titled "How to build NGSCB-enabled systems," according to the WinHEC Web site.
Microsoft has said that it plans to incorporate NGSCB in the next Windows release, code-named Longhorn, due out in 2006. As
the release of Longhorn nears, developers will have to know how to work with the security technology. If NGSCB still is to
be part of Longhorn, Microsoft is cutting it close on informing developers, Cherry said.
"Without that kind of detail, it is going to be very hard for anybody to write an application to take advantage of it in the
Longhorn time frame," he said. The first beta version of Longhorn is planned for the first half of this year, Microsoft has
said.
Attendees at Microsoft's Professional Developers Conference in Los Angeles in October 2003 received a developer preview of
NGSCB. That preview was meant to give developers a feel for what it is like to develop an application that uses NGSCB security,
but with the changes Microsoft is making, the details of the preview have become largely obsolete, according to a person familiar
with NGSCB.
Martin Reynolds, a vice president and research fellow at Gartner, doubts NGSCB will make it into the first release of Longhorn.
"We would have heard more about it," he said.
Instead, Reynolds expects Microsoft to include NGSCB in an update to Longhorn he believes will come in 2008, he said. That
update to Longhorn probably will also include WinFS: "all the things they wanted to do in 2006, but they could not," he said.
WinFS is a unified storage system that Microsoft cut from Longhorn last August.
Microsoft last May said it was changing NGSCB but not discarding previous work or going back to the drawing board. Originally
Microsoft had limited NGSCB to providing strong protection for very small amounts of data through protected agents. Applications
would have to be rebuilt to include a protected agent that would run in a secured space on the system. In May, Microsoft said
it was revising NGSCB so it would be possible to secure more bits without having to rewrite applications.
E-mail
Printer Friendly
Reprints
(InfoWorld) - In the litigious world we live in, deploying a unified communications platform in your enterprise could...
