The 32nd IPP Symposium

Next-Generation Secure Computing Base

Brian LaMacchia, Microsoft

This talk will present a technical overview of the architecture and key features of Microsoft's Next-Generation Secure Computing Base (NGSCB). NGSCB is a new security technology for the Microsoft Windows operating system that leverages TCG components plus other unique hardware and software elements to create isolated processing spaces inside the PC that can give people greater security and privacy in the ways that they use computers. Microsoft is building base-level software components that will enable more secure interaction with applications, peripheral hardware, memory, and storage by adding four new security services to today's PCs: curtained memory, secure input and output, sealed storage, and attestation. Together, these features provide a high-assurance execution environment running in parallel with the "traditional" kernel- and user-mode stacks. The goal of NGSCB is to help protect software from software; that is, to provide a set of features and services that a software application can use to defend against malicious software also running on the machine (viruses running in the main operating system, keyboard sniffers, frame grabbers, etc.). NGSCB is not designed to provide defenses against hardware-based attacks that originate from someone in control of the local machine.

Bio:

Dr. Brian A. LaMacchia is a Software Architect in the Windows Security group at Microsoft, a position he has held since May 2002. Previously he was the Development Lead for the .NET Framework Security infrastructure, and he began his career at Microsoft as the Program Manager for core cryptography in Windows 2000. Prior to joining Microsoft, Brian was a member of the Public Policy Research Group at AT&T Labs-Research in Florham Park, NJ. He received S.B., S.M., and Ph.D. degrees in Electrical Engineering and Computer Science from MIT in 1990, 1991, and 1996, respectively.