Microsoft Proposes End to End Trust Vision

SAN FRANCISCO — April 8, 2008 — At RSA Conference 2008, Microsoft Corp. initiated a broad dialogue about the future of security and privacy on the Internet. In a fireside chat-style keynote address today, Microsoft Chief Research and Strategy Officer Craig Mundie proposed a vision known as End to End Trust, intended to give people greater choice and control over whom and what to trust online.

End to End Trust is an industry call to action that proposes three needed elements for a more secure and trusted online environment:

  • Creation of a trusted stack where each element in the stack can be authenticated and is trustworthy, from the operating system to applications, people and data

  • A system that enables people to present their identity claims while addressing issues of authentication, authorization, access and audit

  • Closer alignment between technological, social, political and economic forces in order to make real progress

The goal of End to End Trust is to put users in control of their computing environments while enhancing security and social values, such as privacy and anonymity.

Craig Mundie, Microsoft’s Chief Research and Strategy Officer, discusses the End to End Trust vision during his keynote remarks at RSA Conference 2008. San Francisco, Calif. April 8, 2008.

“We believe that End to End Trust will transform how the industry thinks about and approaches online trust and security,” Mundie said. “Our end goal is a more secure and trustworthy Internet, but it’s also important that we give people the tools that empower them to make good trust choices. End to End Trust will enable new opportunities for collaboration on solutions to social, political, economic and technical issues that will have a long-term impact on Internet security and privacy.”

“Along with our industry partners, Microsoft continues to make progress toward creating more secure, private and reliable computing experiences, but Microsoft and the technology industry alone cannot create a trusted online experience,” said Scott Charney, corporate vice president of Trustworthy Computing at Microsoft. “For that to happen, the industry must not only come together but also work with customers, partners, governments and other key constituencies on a road map for extending Trustworthy Computing to the Internet.”

As a first step toward facilitating an open and productive dialogue, Microsoft today published a white paper outlining a proposal to achieve End to End Trust. The paper is available at, and an online discussion forum has been established at this site where anyone concerned about security and privacy on the Internet can join the dialogue.

“Making trust decisions based on a validated level of security and in support of desired privacy is a pressing concern for organizations and consumers,” said Kurt Roemer, chief security strategist for Citrix Systems Inc. “It’s time for a global collaborative effort to define and support an actionable end-to-end trust model that can help balance the often competing interests of privacy and security.”

Delivering Integrated Solutions Today

While Microsoft moves toward facilitating long-term End to End Trust on the Internet, customers have security and privacy concerns that must be addressed today. Many businesses have deployed point products to try to address their challenges but still struggle with time-consuming, costly administration and a lack of visibility into the overall security state of their environment.

At RSA Conference 2008, Microsoft outlined how it is helping business customers address these challenges, highlighting its integrated solutions across IT security, identity and access, and management. By taking an integrated approach, these solutions help customers save time, reduce costs and help protect their environment. In delivering these solutions, Microsoft brings together unique capabilities across the computing platform and its infrastructure, specifically identity- and policy-based access solutions; enterprise malware defense; and management across IT security, identity and systems. Microsoft also provides prescriptive guidance and simplified licensing to help customers achieve the benefits of its integrated solutions.

More information about Microsoft’s proposal for a more trusted Internet and other event news can be found at, along with progress reports and blogger commentary from Microsoft and other industry experts.

About Microsoft

Founded in 1975, Microsoft (Nasdaq “MSFT”) is the worldwide leader in software, services and solutions that help people and businesses realize their full potential.

Note to editors: If you are interested in viewing additional information on Microsoft, please visit the Microsoft Web page at on Microsoft’s corporate information pages. Web links, telephone numbers and titles were correct at time of publication, but may since have changed. For additional assistance, journalists and analysts may contact Microsoft’s Rapid Response Team or other appropriate contacts listed at