ARCHIVE
ID Number: FT-22-9418



This research is provided for historical perspective;
portions of this document may not reflect current conditions.





Microsoft's NGSCB Integration Plans Should Simplify Security
11 May 2004
 
Martin Reynolds  

Microsoft's plans to integrate the Next-Generation Secure Computing Base (NGSCB) with the Longhorn operating system. This approach should make it easier to secure applications without modifications.






Browse Topics


Other Options







Contact Gartner






Download Document:

PDF
microsofts_ngsc.pdf (33.4KB)

Help with Downloads




News Analysis



Event

On 4 May 2004, Microsoft announced changes to NGSCB that will integrate it closely with the forthcoming version of Windows, code-named Longhorn. This integration is designed to make NGSCB more accessible to applications without modification.
Return to Top


Analysis

NGSCB was originally designed to create a parallel, secured, sealed and trusted partition that ran alongside any operating system. This architecture isolated NGSCB from the Windows development process, but also required modifications to applications using NGSCB features.

Microsoft now plans to simplify implementation of NGSCB within the Longhorn infrastructure. Longhorn will provide scheduling, boot, advanced driver, and application programming interface (API) capabilities for NGSCB, simplifying the NGSCB nexus. This simplification makes it easier to develop the trusted code required by the nexus. The nexus may also be able to support Windows APIs, allowing the nexus agents to be more sophisticated, yet still be secured. The nexus maintains ultimate discipline over the secured memory partition feature to be introduced in NGSCB-capable processors, and will presumably be capable of offering strong isolation capabilities to the Longhorn kernel, further improving system security and stability.

NGSCB capability will now be potentially far more accessible to applications without modification. The more sophisticated NGSCB environment will open the door for a broad range of infrastructure components that need to be implemented in a secured environment. Network security and hard-drive encryption would, for example, be good candidates for Nexus implementation, because they cannot be compromised by a successful attack on Longhorn.

Recommendations: Gartner expects Longhorn to launch with NGSCB components that provide strong authentication without passwords — which will, for example, enable users to effectively secure laptop data. Gartner recommends that technology vendors and buyers continue to observe the progress of the Longhorn/NGSCB program and plan for availability in 2007.

Analytical Source: Martin Reynolds, Gartner Research

Recommended Reading and Related Research

(You may need to sign in or be a Gartner client to access all of this content.)
Return to Top







Browse Topics:
 
Windows Client Software
Windows Server Software
Software Platform Architecture
Windows Vista




© 2004 Gartner, Inc. and/or its Affiliates. All Rights Reserved. Reproduction and distribution of this publication in any form without prior written permission is forbidden. The conclusions, projections and recommendations represent Gartner's initial analysis. As a result, our positions are subject to refinements or major changes as Gartner analysts gather more information and perform further analysis. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartner's research may discuss legal issues related to the information technology business, Gartner does not provide legal advice or services and its research should not be construed or used as such. Gartner shall have no liability for errors, omissions or inadequacies in the information contained herein or for interpretations thereof. The opinions expressed herein are subject to change without notice.




Resource Id: 448418