05:25 PM
Connect Directly

RSA: Microsoft Calls For Broad Dialogue On Internet Trust

Research officer Craig Mundie's proposal includes the creation of a trusted computing stack in which software, hardware, people, and data can be authenticated.

At the 2008 RSA Conference in San Francisco on Tuesday, Microsoft chief research and strategy officer Craig Mundie called for a wide-ranging discussion about creating a more trustworthy Internet.

As a first step, Microsoft published a call-to-action for the technology industry that proposes the necessary elements for establishing a more secure and trustworthy environment online. The white paper detailing Microsoft's plan, "Establishing End to End Trust," was written by Scott Charney, the company's corporate VP of trustworthy computing.

Microsoft has also established an online forum where those concerned about security and privacy on the Internet can participate in the discussion.

The vision articulated by Microsoft encompasses the creation of a trusted computing stack in which software, hardware, people, and data can be authenticated. It imagines "a system that enables people to preserve their identity claims while addressing issues of authentication, authorization, access, and audit." And it seeks closer alignment of Internet stakeholders as a means to make progress, an aspiration that implicitly acknowledges the daunting task of rebuilding trust online.

Microsoft is aware of the difficulties of rewriting the rules of the Internet, but it contends something has to be done. "[S]taying the current course will not be sufficient; the real issue is that the current strategy does not address effectively the most important issue: a globally connected, anonymous, untraceable Internet with rich targets is a magnet for criminal activity -- criminal activity that is undeterred due to a lack of accountability," Charney explains in his white paper. "Moreover, the Internet also fails to provide the information necessary to permit lawful computer users to know whether the people they are dealing with, the programs they are running, the devices they are connecting to, or the packets they are accepting are to be trusted."

"We believe that End to End Trust will transform how the industry thinks about and approaches online trust and security," said Mundie in prepared remarks. "Our end goal is a more secure and trustworthy Internet, but it's also important that we give people the tools to empower them to make good trust choices. End to End Trust will enable new opportunities for collaboration on solutions to social, political, economic, and technical issues that will have a long-term impact on Internet security and privacy."

Perhaps wary of the blowback that followed its 2001 introduction of its "Hailstorm" identity database service (which withered a year later because other companies didn't want Microsoft authenticating their customers), Microsoft is providing more detail about what its proposal is not than what it is.

Charney makes it clear that Microsoft is not calling for an end to anonymity, a new national identification scheme, or a mega-database of personal information.

At the same time, Charney acknowledges that Microsoft's vision will have some impact on privacy, that abuse of a more authenticated environment may still happen, and that universal buy-in isn't necessary to make the Internet more trustworthy.

Kurt Roemer, chief security strategist for Citrix Systems, in a statement acknowledged that being able to assess trustworthiness online remains a key concern for organizations and consumers. "It's time for a global collaborative effort to define and support an actionable end-to-end trust model that can help balance the often competing interests of privacy and security," he said.

The question is whether a Microsoft-driven initiative can thrive despite the competing interests of competitors, or whether any such effort, however seemingly well-intentioned, is doomed by technological partisanship and conflicting agendas.

But in taking such a hat-in-hand approach, in asking for consensus-building rather than trying to impose a branded technical solution, Microsoft manages to make such a question seem petty, like arguing over whether red or blue buckets should be used to bail water out of the sinking ship that is the Internet.

Charney doesn't quite put it that way. He asks, "As we become increasingly dependent on the Internet for all our daily activities, can we maintain a globally connected, anonymous, untraceable Internet and be dependent on devices that run arbitrary code of unknown provenance?"

Answering his own question as if there were still some question about the answer, Charney continues, "If the answer to that is 'no,' then we need to create a more authenticated and audited Internet environment, one in which people have the information they need to make good trust choices."

In other words, we need to create a more authenticated and audited Internet environment.

In a phone interview prior to Mundie's address, Steve Lipner, senior director of security engineering strategy of Microsoft's Trustworthy Computing group, discussed Mundie's planned remarks and how much the security of Microsoft's products had improved in the six years since its Trustworthy Computing initiative began. The security of Microsoft's products isn't perfect, he said, because that isn't possible. But they are now on a path of continuous improvement.

Although the vulnerability of Microsoft's software has declined, Lipner said, the shift toward sophisticated targeted attacks and social engineering shows that there's more to be done. "While there's some comfort the products are getting secure, there's still concern that customers aren't safe on the Net," he said.

As an example of how the Internet might work if other major stakeholders buy into Microsoft's vision, Lipner pointed to Web sites for children. "If you have children-only Web sites, how do you know that the children-only Web site is in fact for children only?" he said. "With stronger authentication and a trusted stack, we get to the idea of in-person proofing."

The idea, a safer Internet, certainly sounds appealing. But the devil is in the details. In all likelihood, Microsoft will be providing updates on its End to End Trust proposal at the 2009 RSA Conference, and in the years that follow, for quite some time. "This is a launch of a long term initiative that we think will bear fruit over time, but is very important in improving people's trust in the Internet," said Lipner.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Current Issue
E-Commerce Security: What Every Enterprise Needs to Know
The mainstream use of EMV smartcards in the US has experts predicting an increase in online fraud. Organizations will need to look at new tools and processes for building better breach detection and response capabilities.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio