Microsoft's Next-Generation Secure Computing Base (NGSCB)-another way Microsoft is building a trustworthy computing environment to help customers realize their full potential.
Since the beginning of this initiative, Microsoft's vision has been to create new security technology for the Microsoft Windows platform that uses a unique hardware and software design to give people new kinds of security and privacy protections in an interconnected world. The vision has not changed.
Our original approach was to create a new secure computing base that would run parallel to the regular Windows environment. This environment would provide features such as strong process isolation, sealed storage, secure path to and from the user, and attestation. This architectural approach would have required that applications be rewritten to take advantage of the new secure computing base.
While our customers said they liked the enhanced level of security offered in the original NGSCB architecture, they needed higher availability, better performance, and compatibility with existing applications. We heard strong feedback requesting that we meet these critical new requirements, as customers were concerned that having to rewrite all of their applications would hinder adoption of NGSCB.
Our first delivery on the vision is a hardware based security feature in Longhorn called Secure Startup. Secure Startup utilizes a Trusted Platform Module (TPM 1.2) to improve PC security and it meets some of the most critical requirements we heard from our customers-specifically, the capability to ensure that the PC running Longhorn starts in a known-good state, as well as protection of data from unauthorized access through full volume encryption.
Subsequent to Secure Startup, Microsoft will be focused on continuing to build other aspects of the NGSCB vision. These will complement Secure Startup to enable a broad range of new secure computing solutions. The technical specifications, timing and delivery vehicles are TBD.