Introduction
As we tend towards a more and more computer-centric
world, the concept of data security has
attained paramount importance. Though
present-day security systems offer a good level
of protection, they are incapable of providing a
trustworthy environment and are vulnerable to
unexpected attacks.
Intruders:
Casual Prying
Snooping
Commercial Espionage

Virus:

Basically a virus is a piece of code that replicates
itself and usually does some damage. In a sense
the writer of a virus is also an intruder, often
with high technical skills.
Trusted Computing

Trusted Computing is a technology developed and promoted by
the Trusted Computing Group. The term is taken from the field of
trusted systems and has a specialized meaning.

With Trusted Computing, the computer will consistently behave in
expected ways, and those behaviors will be enforced by hardware
and software. In practice, Trusted Computing uses cryptography to
help enforce a selected behavior.
DRM (Digital Rights Management)

Digital Rights Management (DRM) is a generic term for
access control technologies that can be used by hardware
manufacturers, publishers, copyright holders and
individuals to limit the usage of digital content and
devices.

DRM technologies attempt to control use of digital media by
preventing access, copying or conversion to other formats by
end users. Long before the arrival of digital or even electronic
media, copyright holders, content producers, or other
financially or artistically interested parties had business and
legal objections to copying technologies.
History of Palladium

The code name of the initiative is "Palladium," a moniker
drawn from the Greek mythological goddess of wisdom and
protector of civilized life. With "Palladium," Microsoft aims to
foster a significant evolution in personal and business
computing through the development of a new set of features
that will be included in a future version of the Microsoft
Windows operating system.

John Manferdelli says that while Microsoft's global outreach
to the rest of the computer industry has only just begun, the
response so far has been very positive.
Palladium Cryptography

Palladium can be described as the first technology to develop
software-hardware synchronization for better data security.

This technology will be very interesting to enterprises and
organizations that are concerned about ensuring the integrity and
security of sensitive kinds of information and transactions, and
who therefore want the additional safeguards enabled by
"Palladium."

Examples might include financial services, government, and
healthcare, just to name a few. Any industry in which any
breach of critical information could have devastating
consequences will be among those we expect to be among the
early adopters of "Palladium," with more and broader
Everything people are doing with Windows today can be done on
the "Palladium" computer of tomorrow. However, if you want to
take advantage of specific advantages enabled by the Palladium
system, then we hope you will want to upgrade.
This is an execution space that is protected
from external software attacks such as a virus.

Sealed storage: Sealed storage is an authenticated
mechanism that allows a program to store secrets that cannot
be retrieved by non-trusted programs such as a virus or Trojan
horse.

Secure input and output: A secure path from the
keyboard and mouse to Palladium applications and a secure
path from Palladium applications to the screen ensure
input-output security.

Nexus (a technology formerly referred to as the "trusted
operating root"): This component manages trust functionality
for Palladium user-mode processes (agents). The nexus executes
in kernel mode in the trusted space.

Trusted agents: A trusted agent is a program, a part of a program,
or a service that runs in user mode in the trusted space. A trusted
agent calls the nexus for security-related services and critical
general services such as memory management.
How Palladium works
"Palladium" is a new hardware and software architecture. This
architecture will include a new security computing chip and
design changes to a computer's central processing unit (CPU),
chipsets, and peripheral devices, such as keyboards and
printers.

The PC-specific secret coding within "Palladium" that makes
stolen files useless on other machines is physically and
cryptographically locked within the hardware of the machine.
This means software attacks can't expose these secrets.
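
The binding described under sealed storage and in the paragraph above (a secret that only the sealing program can retrieve, and only on the same PC) can be modelled as follows. This is an added example, not Microsoft's or the original page's code; the key derivation, the HMAC-based keystream (a standard-library stand-in for a real cipher) and all sample values are assumptions made for illustration.

```python
import hashlib, hmac, os

def measure(program_code: bytes) -> bytes:
    """Program identity: SHA-256 digest of the code asking for the secret."""
    return hashlib.sha256(program_code).digest()

def _keys(machine_secret: bytes, digest: bytes):
    # Both keys depend on the per-machine secret AND the program identity.
    enc = hmac.new(machine_secret, b"enc" + digest, hashlib.sha256).digest()
    mac = hmac.new(machine_secret, b"mac" + digest, hashlib.sha256).digest()
    return enc, mac

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    # HMAC-SHA256 in counter mode: a stdlib stand-in for a real cipher.
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def seal(machine_secret: bytes, program_code: bytes, secret: bytes) -> bytes:
    """Encrypt-then-MAC the secret under keys bound to machine and program."""
    enc, mac = _keys(machine_secret, measure(program_code))
    nonce = os.urandom(16)
    ct = _xor(secret, _keystream(enc, nonce, len(secret)))
    return nonce + ct + hmac.new(mac, nonce + ct, hashlib.sha256).digest()

def unseal(machine_secret: bytes, program_code: bytes, blob: bytes):
    """Return the secret, or None when the program or machine does not match."""
    if len(blob) < 48:  # 16-byte nonce + 32-byte tag
        return None
    enc, mac = _keys(machine_secret, measure(program_code))
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac, nonce + ct, hashlib.sha256).digest()):
        return None  # authentication failed: wrong caller, wrong PC, or tampering
    return _xor(ct, _keystream(enc, nonce, len(ct)))

# Constructed sample values (not from the page).
MACHINE_A = hashlib.sha256(b"constructed secret of PC A").digest()
MACHINE_B = hashlib.sha256(b"constructed secret of PC B").digest()
AGENT = b"trusted agent code v1"
OTHER = b"untrusted program code"
BLOB = seal(MACHINE_A, AGENT, b"constructed secret value")

if __name__ == "__main__":
    print([unseal(m, p, BLOB) for m, p in ((MACHINE_A, AGENT), (MACHINE_A, OTHER), (MACHINE_B, AGENT))])
```

In this model the per-machine secret is an ordinary variable; the page's point is that the real secret sits in hardware, so software never holds it directly.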
How Palladium is different from DRM

First off, "Palladium" will not require DRM, and DRM will not
require "Palladium." "Palladium" is a great complementary
technology to the DRM solutions of tomorrow, but the two are
separate technologies.

Today, DRM systems have to store those keys in software, and
that represents an inherent vulnerability. "Palladium," on the
other hand, will offer ways to store keys in hardware, and that's
simply harder to break. Plus, with "Palladium," you can be sure
that your DRM is running in a trusted environment on
trustworthy machines.
Though Palladium can provide a higher degree of much-needed
data security, it is not without its share of problems,
such as:

1. Software and applications have to be rewritten to
synchronize with Palladium, or new applications must be
written.
2. Changes are to be made to the existing computer
hardware to support Palladium.
