Next Generation Secure Computing Base (NGSCB)
#1

Microsoft's Next Generation Secure Computing Base (NGSCB).
Abstract

NGSCB provides high assurance computing in a manner consistent with the commercial requirements of mass market systems. This poses a number of challenges, and here we describe the system architecture we have used to overcome them. We pay particular attention to reducing the trusted computing base to a small and manageable size. This includes operating the system without trusting the BIOS, most devices and device drivers and the bulk of the code of mass market operating systems. Furthermore, we seek to strengthen access control and network authentication in mass market systems by authenticating executable code at all system layers.
Reply
#2

NGSCB
INTRODUCTION:

The Next-Generation Secure Computing Base (NGSCB), formerly known as Palladium, is a software architecture designed by Microsoft which is expected to implement parts of the controversial "Trusted Computing" concept on future versions of the Microsoft Windows operating system. NGSCB is part of Microsoft's Trustworthy Computing initiative. Microsoft's stated aim for NGSCB is to increase the security and privacy of computer users, but critics assert that the technology will not only fail to solve the majority of contemporary IT security problems, but also result in an increase in vendor lock-in and thus a reduction in competition in the IT marketplace.
NGSCB relies on hardware technology designed by members of the Trusted Computing Group (TCG), which provides a number of security-related features, including fast random number generation, a secure cryptographic co-processor, and the ability to hold cryptographic keys in a manner that should make them impossible to retrieve, even to the machine's owner. It is this latter ability that makes remote attestation of the hardware and software configuration of an NGSCB-enabled computer possible, and to which the opponents of the scheme chiefly object. Several computer manufacturers are selling computers with the Trusted Platform Module chip, notably IBM Lenovo ThinkPads and the Dell OptiPlex GX620.
Microsoft has not published any materials regarding NGSCB on their MSDN site since March 2004, and none of the principal features described in the existing NGSCB materials have appeared in the two major versions of Windows since 2004 (Windows Vista and Windows 7).
Architecture and technical details

Architecture of NGSCB:

A complete Microsoft-based Trusted Computing-enabled system will consist not only of software components developed by Microsoft but also of hardware components developed by the Trusted Computing Group. The majority of features introduced by NGSCB are heavily reliant on specialized hardware and so will not operate on PCs predating 2004.
In current Trusted Computing specifications, there are two hardware components; the Trusted Platform Module (TPM), which will provide secure storage of cryptographic keys and a secure cryptographic co-processor, and a curtained memory feature in the Central Processing Unit (CPU). In NGSCB, there are two software components, the Nexus, a security kernel that is part of the Operating System, and Nexus Computing Agents (NCAs), trusted modules within NGSCB-enabled applications.
Secure storage and attestation:

At the time of manufacture, a cryptographic key is generated and stored within the TPM. This key is never transmitted to any other component, and the TPM is designed in such a way that it is extremely difficult to retrieve the stored key by reverse engineering or any other method, even to the owner. Applications can pass data encrypted with this key to be decrypted by the TPM, but the TPM will only do so under certain strict conditions. Specifically, decrypted data will only ever be passed to authenticated, trusted applications, and will only ever be stored in curtained memory, making it inaccessible to other applications and the Operating System. Although the TPM can only store a single cryptographic key securely, secure storage of arbitrary data is by extension possible by encrypting the data such that it may only be decrypted using the securely stored key.
The TPM is also able to produce a cryptographic signature based on its hidden key. This signature may be verified by the user or by any third party, and so can therefore be used to provide remote attestation that the computer is in a secure state.
Curtained memory:
NGSCB also relies on a curtained memory feature provided by the CPU. Data within curtained memory can only be accessed by the application to which it belongs, and not by any other application or the Operating System. The attestation features of the TPM can be used to confirm to a trusted application that it is genuinely running in curtained memory; it is therefore very difficult for anyone, including the owner, to trick a trusted application into running outside of curtained memory. This in turn makes reverse engineering of a trusted application extremely difficult.
Applications
NGSCB-enabled applications are to be split into two distinct parts, the NCA, a trusted module with access to a limited Application Programming Interface (API), and an untrusted portion, which has access to the full Windows API. Any code which deals with NGSCB functions must be located within the NCA.
The reason for this split is that the Windows API has developed over many years and is as a result extremely complex and difficult to audit for security bugs. To maximise security, trusted code is required to use a smaller, carefully audited API. Where security is not paramount, the full API is available.
Uses
NGSCB is meant as an implementation of Trusted Computing; its potential uses are therefore similar. Proponents claim that TC will make computers safer, less prone to viruses and malware, and thus more reliable from an end-user perspective. In addition, they also claim that Trusted Computing will allow computers and servers to offer improved computer security over that which is currently available.
Digital Rights Management
By utilizing the attestation, curtained memory and cryptographic features of the TPM, a secure form of Digital Rights Management (DRM) may be developed; critics charge that although it does not provide DRM features itself, DRM is nevertheless the primary motivation for the development of NGSCB.
DRM would be implemented by encrypting DRM-protected files and only making the decryption key available to corporate trusted applications. A wide range of copy-protection and similar features could thereby be implemented, limited only by the imagination. For example, it would be possible to create a file that can only be read on one computer, or within one organization, or a file that can only be opened for reading three times. While any DRM-protected file could be just as easily copied or read as an unprotected file, it would be extremely difficult to decrypt the file at an unauthorized destination, rendering it useless.
Network access
In corporate and educational networking environments, a desirable feature of NGSCB is the ability of each workstation to securely attest that no unauthorized modifications have been made either to its hardware or software. A workstation that is unable to authenticate itself can then be automatically denied access to some or all network services at will.
Criticism
NGSCB and Trusted Computing can be used to intentionally and arbitrarily lock certain users out from use of certain files, products and services, for example to lock out users of a competing product, potentially leading to severe vendor lock-in. This is analogous to a contemporary problem in which many businesses feel compelled to purchase and use Microsoft Word in order to be compatible with associates who use that software. Today this problem is partially solved by products such as OpenOffice.org which provide limited compatibility with Microsoft Office file formats. Under NGSCB, if Microsoft Word were to encrypt documents it produced, no other application would be able to decrypt them, regardless of its ability to read the underlying file format.
Availability

When originally announced, NGSCB was expected to be part of the then next major version of the Windows Operating System, Windows Vista (then known as Longhorn). However, in May 2004, Microsoft was reported to have shelved the NGSCB project. This was quickly denied by Microsoft, who released a press release stating that they were instead "revisiting" their plans.

History of the Name

Microsoft originally publicized the NGSCB technology under the code name Palladium, which was the word for a mythical talisman that guaranteed the security of Troy. Its working title was "Next-Generation Secure Computing Base," much as .NET's working title was "Next-Generation Windows Services." In early 2006, Microsoft renamed the NGSCB team at Microsoft to the System Integrity Team.
Reply
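The sealed-storage behaviour described in post #2 (a hidden key that never leaves the TPM, with data released only to the software state it was sealed under) can be modelled in a few lines. This is an added example, not code from the post or from Microsoft; `ToyTPM`, `reboot`, `seal`, `unseal` and `can_unseal` are hypothetical names, and the HMAC key derivation and SHA-256 keystream are software stand-ins for what real TPM hardware does.

```python
import hashlib
import hmac
import os

class ToyTPM:
    """Software model only; a real TPM holds the root key in hardware."""

    def __init__(self):
        self._root = os.urandom(32)  # models the key that never leaves the chip
        self.pcr = bytes(32)         # measurement register, zero after reset

    def reboot(self, stages):
        """Reset the register, then measure each boot stage in order."""
        self.pcr = bytes(32)
        for code in stages:
            digest = hashlib.sha256(code).digest()
            self.pcr = hashlib.sha256(self.pcr + digest).digest()

    def _key(self, label):
        # Keys depend on the hidden root key AND the current measurements.
        return hmac.new(self._root, label + self.pcr, hashlib.sha256).digest()

    def _xor(self, nonce, data):
        # Toy SHA-256 counter keystream, a stand-in for a real cipher.
        stream = b""
        for i in range(len(data) // 32 + 1):
            stream += hashlib.sha256(self._key(b"enc") + nonce + i.to_bytes(4, "big")).digest()
        return bytes(a ^ b for a, b in zip(data, stream))

    def seal(self, secret):
        nonce = os.urandom(16)
        ct = self._xor(nonce, secret)
        tag = hmac.new(self._key(b"mac"), nonce + ct, hashlib.sha256).digest()
        return nonce + tag + ct

    def unseal(self, blob):
        nonce, tag, ct = blob[:16], blob[16:48], blob[48:]
        good = hmac.new(self._key(b"mac"), nonce + ct, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, good):
            raise PermissionError("measured software differs from sealed state")
        return self._xor(nonce, ct)


def can_unseal(tpm, blob):
    try:
        tpm.unseal(blob)
        return True
    except PermissionError:
        return False
```

Sealing after `reboot()` with one list of stages and unsealing after a reboot with a modified stage, or on a different `ToyTPM` instance, raises `PermissionError`; the same property is what lets the file-bound-to-one-computer case in the post work.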
#3
Can anyone post Next Generation Secure Computing Base documentation consisting of 30 to 40 pages?
Reply
#4
Please, can I get a PPT of NGSCB?
Reply
#5
NEW GENERATION SECURE COMPUTING BASE
INTRODUCTION

Next Generation Secure Computing Base, formerly known as Palladium.
The aim of Palladium is to increase the security and privacy of computer users.
Palladium is referred to as a security chip.
INTRODUCTION
Internet security is also provided by Palladium, such as protecting data from viruses and hacking of data.
Palladium gives individuals and groups of users greater data security, personal privacy and system integrity.
Solution: Palladium
The fundamental benefits of Palladium fall into three chief categories:
Greater system integrity, superior personal privacy and enhanced data security
System integrity: Verification of hardware/software components, to what they are and what sealed data they can access.
Enhanced data security:
Authenticate machine identity
Keys are stored in sealed storage
Protect personal privacy:
Prevent unauthorized access of personal data from the network
CORE PRINCIPLES OF PALLADIUM
Palladium comprises two key component :
Hardware
Software
HARDWARE COMPONENTS
TRUSTED SPACE
SEALED STORAGE
ATTESTATION
TRUSTED SPACE
The execution space is protected from external software attacks such as a virus.
Trusted space is set up and maintained by the nexus.
SEALED STORAGE
Sealed storage is an authenticated mechanism that allows a program to store secrets that cannot be retrieved by non-trusted programs such as a virus or Trojan horse.
ATTESTATION
Attestation is a mechanism that allows the user to reveal selected characteristics of the operating environment to an external requestor.
SOFTWARE COMPONENTS
NEXUS
TRUSTED AGENT
NEXUS

Technology formerly referred to as the Trusted Operating Root (TOR).
The nexus executes in kernel mode in the trusted space.
It provides basic services to trusted agents.
TRUSTED AGENT
A trusted agent is a program, a part of a program, or a service that runs in user mode in the trusted space.
A trusted agent calls the nexus for security-related services and critical general services such as memory management.
Known Elements of Palladium
The system will store personal data within an encrypted folder.
The system will filter
The system has a personal information sharing agent called "My Man".
The system will depend on hardware that has either a digital signature or tracking number.
The system purports to stop viruses by preventing the running of malicious programs.
COMPARISON OF TCPA and PALLADIUM
TCPA stands for Trusted Computing Platform Alliance, an initiative led by Intel.
Palladium is software that Microsoft says it plans to incorporate in future versions of Windows.
ADVANTAGES OF PALLADIUM
BLOCK MALICIOUS CODE
DIGITAL RIGHTS MANAGEMENT
DISADVANTAGES OF PALLADIUM
UPGRADES
INTEROPERABILITY
LEGACY PROGRAMS
CONCLUSION
This technology will provide tougher security defenses and more abundant privacy.
Palladium users will have unparalleled power over system integrity, personal privacy and data security.
A new generation of Palladium-compatible hardware and peripherals will need to be designed and built.
Palladium is not a magic bullet.
It provided the trustworthiness necessary to enable businesses, governments and individuals to fully embrace the increasing digitization of life.
FUTURE ENHANCEMENT
Palladium could easily become a requirement for future Windows. Microsoft has been some cool enhancement in 2010 version
Reply
#6
To get information about the topic NEXT GENERATION COMPUTING BASE full report, PPT and related topics, refer to the page links below

http://studentbank.in/report-next-genera...base-ngscb

http://studentbank.in/report-next-genera...gscb--6101

http://studentbank.in/report-next-genera...scb?page=2

Reply
#7
Hi,
Can you please post C code for NGSCB?
Reply
#8
Please send me a PPT and seminar report on Next Generation Secure Computing Base (NGSCB)

on rajkumawat4u[at]gmail.com
Reply