Gates Unveils Next Generation Secure Computing Base

Speaking before hundreds of hardware and software developers at the Windows Hardware Engineering Conference (WinHEC) here, Gates said Next Generation Secure Computing Base (NGSCB) technology will allow for "security guarantees about the cryptography and secrets kept inside the system" even as the PC runs third-party software.

"This is a breakthrough," declared Gates. "It is a breakthrough that will allow for privacy guarantees, that will allow for document distribution controls, that will allow for PCs to be used for applications that are not being used today."

Gates said the new security technology will be included in part in the next major release of Windows, code-named Longhorn. The technology will be a subset of Windows, according to a Microsoft fact sheet.

"There are a lot of pieces that need to come together," said Gates. "We do think over time this will be a feature of all PCs."

The new technology is a multiyear effort that is in the early stages of development and includes unique hardware and software design to provide new kinds of security and privacy protections, Microsoft said. For example, the new technology will allow knowledge workers who want to keep data secure to work across organizational boundaries, Gates said.

NGSCB appears to be a broad, far-reaching initiative that could impact virus protection and security software vendors. The technology, for example, is designed to protect critical data against malicious software such as viruses, Trojan horses and spyware, Microsoft said.

The company is betting that businesses will use NGSCB to augment their security and data protection strategies. Among the functionality Microsoft is pledging is the ability to give people control over when and how information, such as personal records or financial data, can be processed and the ability to perform secure authenticated transactions over the Internet while limiting the disclosure of personal data.

Microsoft claims that the technology will help prevent identity fraud. Furthermore, the company said NGSCB will verify that computers, programs and computing devices are properly identified before they can access information or resources, even over remote connections.

NGSCB could also enhance VPNs by ensuring that when an employee remotely logs onto a corporate network, the network will know that the employee's computer is authorized for safe access.

Developers will get a chance to preview the NGSCB technology at the Microsoft Professional Developers Conference in October, said Mike Nash, corporate vice president to the security unit for Microsoft.

Nash, during the first public demonstration of the NGSCB technology in a briefing at the conference, said the pre-beta preview for developers will consist primarily of a software emulation.

The NGSCB complete beta SDK will be made available in sync with the beta of Microsoft's next operating system, code-named Longhorn, he said. The goal is to deliver NGSCB-ready desktops, laptops and workstations in sync with the Longhorn release, Nash said.

Microsoft already has the support of Intel, AMD and a number of other companies, he said.

NGSCB includes a security kernel called Nexus that runs in conjunction with agents in software applications. NGSCB requires new processor and chipset functionality along with new software applications functionality.

Kevin Corbett, group director of marketing and strategic planning for Intel's developer platform group, said there are a lot of changes that need to take place on the CPU side to deliver NGSCB.

He said Intel will be coming out with a developer program that will be timed with the NGSCB beta SDK. "In the long term this is going to create a foundation upon which a more trusted computing environment can be built," Nash said.