Q&A: Microsoft Seeks Industry-Wide Collaboration for “Palladium” Initiative

EDITORS’ UPDATE, January 25, 2003 — Microsoft has discontinued use of the code name Palladium. The new components being developed for the Microsoft® Windows® Operating System, which are described in this article under the code name Palladium, are now referred to as the Next-Generation Secure Computing Base for Windows.

REDMOND, Wash., July 1, 2002 — Microsoft launched its Trustworthy Computing initiative earlier this year with an e-mail from Chief Software Architect Bill Gates to the company’s 50,000 employees around the world. The memo directed all divisions to make security, privacy, and availability of Microsoft products and services their top priorities in order to increase trust in computing systems. Now, as Microsoft embarks on another initiative — one that addresses many of the challenges of Trustworthy Computing — the company seeks the assistance and insight of others in the computing world.



John Manferdelli

The code name of the initiative is “Palladium,” a moniker drawn from the Greek mythological goddess of wisdom and protector of civilized life. With “Palladium,” Microsoft aims to foster a significant evolution in personal and business computing through the development of a new set of features that will be included in a future version of the Microsoft Windows operating system.

PressPass spoke to John Manferdelli, general manager of the Windows business unit that is building “Palladium.” He says that while Microsoft’s global outreach to the rest of the computer industry has only just begun, the response so far has been very positive. “The development of ‘Palladium’ is still in its infancy,” he says. “While we realize there are many more constituencies that need to be brought into the process, we have every reason to believe this is a technological breakthrough that the industry can really get behind.”

PressPass: Can you talk a bit about the Palladium project and how it started?

Manferdelli: “Palladium” is Microsoft’s code name for an evolutionary set of features for the Windows operating system. Combined with a new breed of hardware and applications, these features will give individuals and groups of users greater data security, personal privacy, and system integrity.

The project began about four years ago as an epiphany among a small group of Microsoft employees who were working to solve the problem of content protection for online movies. Their work got them thinking about new ways of using Public Key cryptography — the technology already widely used for secure Internet interactions. In the process, they devised a fundamentally new framework for PC architecture. They soon realized that their ideas had implications for a very wide range of needs, far beyond just content protection. So they just kept working at it in their spare time. The more they refined this framework, the more excited they became, and the more they began to evangelize it within Microsoft. Then they began reaching out to partners externally — initially, to Intel and AMD — to begin the process of thinking about how we could work together on this. Eventually, the idea took root within the Windows organization. Last fall, a new product unit was created to solidify the effort and allow people to work exclusively on it.

PressPass: Specifically, how will Palladium enhance security and privacy?

Manferdelli: “Palladium” will greatly reduce the risk of many viruses and spyware — software that captures and reports information from inside your PC — and other attacks. Memory in “Palladium” PCs and other devices will run only “trusted” code that is physically isolated, protected, and inaccessible to the rest of the system. Files within the “Palladium” architecture will be encrypted with secret coding specific to each PC, making them useless if stolen or surreptitiously copied.

“Palladium” also will allow users to determine the personal information they reveal online because it allows the user to operate in different “realms” within their PC. Like a set of vaults, realms provide users the assurance that they can securely keep private and public information separate. Each realm will have its own distinct identifiers, policies, and categories of data. This will allow users to provide the credentials necessary to make online transactions while preventing identity theft and unauthorized access to personal data — such as credit-card numbers — from the user’s PC or other device. Even information traveling between a user’s keyboard and monitor will be protected by “Palladium’s” optional hardware architecture. This means keystrokes can’t be snooped or spoofed, even by malicious device drivers.

The end result is a system with security similar to a closed-architecture system but with the flexibility of the open Windows platform.

PressPass: How does Palladium work?

Manferdelli: “Palladium” is a new hardware and software architecture. This architecture will include a new security computing chip and design changes to a computer’s central processing unit (CPU), chipsets, and peripheral devices, such as keyboards and printers. It also will enable applications and components of these applications to run in a protected memory space that is highly resistant to tampering and interference.

The PC-specific secret coding within “Palladium” that makes stolen files useless on other machines is physically and cryptographically locked within the hardware of the machine. This means software attacks can’t expose these secrets. Even if a sophisticated hardware attack were to get at them, these core system secrets would only be applicable to the data within a single computer and could not be used to develop hacks on other computers.

PressPass: Will Palladium change Windows?

Manferdelli: “Palladium” will allow us to introduce a new level of functionality, one that is not designed to replace anything that happens in Windows but rather to open new capabilities and new possibilities. The things that are great about Windows today will be great about Windows tomorrow, and on into the future. The things people like to do with Windows won’t go away, but “Palladium” will let people take advantage of new solutions and advantages that we can only imagine today.

PressPass: Who would be most interested in Palladium?

Manferdelli: This technology will be very interesting to enterprises and organizations that are concerned about ensuring the integrity and security of sensitive kinds of information and transactions, and who therefore want the additional safeguards enabled by “Palladium.” Examples might include financial services, government, and healthcare, just to name a few. Any industry in which any breach of critical information could have devastating consequences will be among those we expect to be among the early adapters of “Palladium,” with more and broader implementations over time.

PressPass: How will Palladium differ from digital rights management (DRM)?

Manferdelli: First off, “Palladium” will not require DRM, and DRM will not require “Palladium.” “Palladium” is a great complementary technology to the DRM solutions of tomorrow, but the two are separate technologies.

You can think of DRM as a way to define policy or a set of rules for a specific piece of information. DRM gives a person who creates a piece of digital information the ability to specify the rules by which it gets used. It lets you say, “This file can only be opened by a certain person or used in a certain way,” and it ensures that your intentions are carried out. The technology then locks up the information and ensures that the rules are enforced even when it leaves your computer and goes out into the world. People tend to view DRM in terms of protecting online movies or music, but we see much broader applications, particularly among businesses.

What “Palladium” offers is a new and powerful way to enforce the rules that DRM specifies. Every DRM solution requires some method for storing the keys used to lock and unlock protected information. Today, DRM systems have to store those keys in software, and that represents an inherent vulnerability. “Palladium,” on the other hand, will offer ways to store keys in hardware, and that’s simply harder to break. Plus, with “Palladium,” you can be sure that your DRM is running in a trusted environment on trustworthy machines. So while “Palladium” won’t create DRM, it will provide a more trusted base on which to build it.

PressPass: How are you getting industry buy-in and participation?

Manferdelli: We’re building the development process to be a collaborative industry initiative. We understand this kind of process can only work if every stakeholder trusts the process and has an opportunity to participate. Plus, the “Palladium” technology must be broadly adopted to be fully effective. It’s not something that will belong to only one company; it’s something that everyone across the landscape of computing needs to be invested in. It will take more than the companies that provide technology. It will take everyone who has a stake in what those companies are building, including people who care about policy, about security, influential individuals, consumer and civil liberties advocates, governmental agencies around the world, and so on. We’ve begun outreach to a lot of these communities, but we have a lot more to do and we’ll continue to do it.

PressPass: How has the industry response been?

Manferdelli: Engineers and people who understand security at a deep level get very excited when they look into what we’re doing. It’s a matter of openness and education; the more people see and the more they have an opportunity for dialogue, the more intrigued they become. Everything we’ve seen and heard has only made us more certain that this is the right thing for the industry, the right thing for people who use computers. But we know we have a lot of work ahead of us in terms of educating interested parties, listening, and being open to new perspectives and ideas.

PressPass: What are you doing to assure people that Palladium will really work the way you say it will?

Manferdelli: For one thing, we will be publishing the source code of the critical piece of enabling software — the Trusted Operating Root — through our Shared Source Initiative so that it can be evaluated and validated by third parties. We will make it widely available so people can see for themselves and not just take our word for it. One of the major reasons people accepted public key cryptography was that the team at MIT that produced the underlying technology — the RSA algorithms — immediately published its work. We will do the same with the Trusted Operating Root. Ultimately, sharing source code has a net-neutral effect on security, but it fosters a high degree of trust for both the implementers and users of the technology. The beauty of publishing the Trusted Operating Root source code is that this is a type of technology that even when known, still can’t be broken. In fact, knowing what’s going on is going to be essential to being able to trust it.

PressPass: Will computer users need to upgrade their computers to benefit from Palladium?

Manferdelli: Everything people are doing with Windows today can be done on the “Palladium” computer of tomorrow. However, if you want to take advantage of specific advantages enabled by the Palladium system, then we hope you’ll want to upgrade. That said, we don’t expect everyone to rush out and upgrade; we expect incremental adoption of the technology. As people naturally look to evolve their systems, we hope they will view Palladium as a valuable enough option to make that transition.

PressPass: When can we expect to see Palladium-compatible computers on the market?

Manferdelli: This initiative won’t happen tomorrow or next year. It’s a long journey and we’re still drawing the map.
