Risk
4/7/2008
05:25 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

RSA: Microsoft Calls For Broad Dialogue On Internet Trust

Research officer Craig Mundie's proposal includes the creation of a trusted computing stack in which software, hardware, people, and data can be authenticated.

At the 2008 RSA Conference in San Francisco on Tuesday, Microsoft chief research and strategy officer Craig Mundie called for a wide-ranging discussion about creating a more trustworthy Internet.

As a first step, Microsoft published a call-to-action for the technology industry that proposes the necessary elements for establishing a more secure and trustworthy environment online. The white paper detailing Microsoft's plan, "Establishing End to End Trust," was written by Scott Charney, the company's corporate VP of trustworthy computing.

Microsoft has also established an online forum where those concerned about security and privacy on the Internet can participate in the discussion.

The vision articulated by Microsoft encompasses the creation of a trusted computing stack in which software, hardware, people, and data can be authenticated. It imagines "a system that enables people to preserve their identity claims while addressing issues of authentication, authorization, access, and audit." And it seeks closer alignment of Internet stakeholders as a means to make progress, an aspiration that implicitly acknowledges the daunting task of rebuilding trust online.

Microsoft is aware of the difficulties of rewriting the rules of the Internet, but it contends something has to be done. "[S]taying the current course will not be sufficient; the real issue is that the current strategy does not address effectively the most important issue: a globally connected, anonymous, untraceable Internet with rich targets is a magnet for criminal activity -- criminal activity that is undeterred due to a lack of accountability," Charney explains in his white paper. "Moreover, the Internet also fails to provide the information necessary to permit lawful computer users to know whether the people they are dealing with, the programs they are running, the devices they are connecting to, or the packets they are accepting are to be trusted."

"We believe that End to End Trust will transform how the industry thinks about and approaches online trust and security," said Mundie in prepared remarks. "Our end goal is a more secure and trustworthy Internet, but it's also important that we give people the tools to empower them to make good trust choices. End to End Trust will enable new opportunities for collaboration on solutions to social, political, economic, and technical issues that will have a long-term impact on Internet security and privacy."

Perhaps wary of the blowback that followed its 2001 introduction of its "Hailstorm" identity database service (which withered a year later because other companies didn't want Microsoft authenticating their customers), Microsoft is providing more detail about what its proposal is not than what it is.

Charney makes it clear that Microsoft is not calling for an end to anonymity, a new national identification scheme, or a mega-database of personal information.

At the same time, Charney acknowledges that Microsoft's vision will have some impact on privacy, that abuse of a more authenticated environment may still happen, and that universal buy-in isn't necessary to make the Internet more trustworthy.

Kurt Roemer, chief security strategist for Citrix Systems, in a statement acknowledged that being able to assess trustworthiness online remains a key concern for organizations and consumers. "It's time for a global collaborative effort to define and support an actionable end-to-end trust model that can help balance the often competing interests of privacy and security," he said.

The question is whether a Microsoft-driven initiative can thrive despite the competing interests of competitors, or whether any such effort, however seemingly well-intentioned, is doomed by technological partisanship and conflicting agendas.

But in taking such a hat-in-hand approach, in asking for consensus-building rather than trying to impose a branded technical solution, Microsoft manages to make such a question seem petty, like arguing over whether red or blue buckets should be used to bail water out of the sinking ship that is the Internet.

Charney doesn't quite put it that way. He asks, "As we become increasingly dependent on the Internet for all our daily activities, can we maintain a globally connected, anonymous, untraceable Internet and be dependent on devices that run arbitrary code of unknown provenance?"

Answering his own question as if there were still some question about the answer, Charney continues, "If the answer to that is 'no,' then we need to create a more authenticated and audited Internet environment, one in which people have the information they need to make good trust choices."

In other words, we need to create a more authenticated and audited Internet environment.

In a phone interview prior to Mundie's address, Steve Lipner, senior director of security engineering strategy of Microsoft's Trustworthy Computing group, discussed Mundie's planned remarks and how much the security of Microsoft's products had improved in the six years since its Trustworthy Computing initiative began. The security of Microsoft's products isn't perfect, he said, because that isn't possible. But they are now on a path of continuous improvement.

Although the vulnerability of Microsoft's software has declined, Lipner said, the shift toward sophisticated targeted attacks and social engineering shows that there's more to be done. "While there's some comfort the products are getting secure, there's still concern that customers aren't safe on the Net," he said.

As an example of how the Internet might work if other major stakeholders buy into Microsoft's vision, Lipner pointed to Web sites for children. "If you have children-only Web sites, how do you know that the children-only Web site is in fact for children only?" he said. "With stronger authentication and a trusted stack, we get to the idea of in-person proofing."

The idea, a safer Internet, certainly sounds appealing. But the devil is in the details. In all likelihood, Microsoft will be providing updates on its End to End Trust proposal at the 2009 RSA Conference, and in the years that follow, for quite some time. "This is a launch of a long term initiative that we think will bear fruit over time, but is very important in improving people's trust in the Internet," said Lipner.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7392
Published: 2014-07-22
Gitlist allows remote attackers to execute arbitrary commands via shell metacharacters in a file name to Source/.

CVE-2014-2385
Published: 2014-07-22
Multiple cross-site scripting (XSS) vulnerabilities in the web UI in Sophos Anti-Virus for Linux before 9.6.1 allow local users to inject arbitrary web script or HTML via the (1) newListList:ExcludeFileOnExpression, (2) newListList:ExcludeFilesystems, or (3) newListList:ExcludeMountPaths parameter t...

CVE-2014-3518
Published: 2014-07-22
jmx-remoting.sar in JBoss Remoting, as used in Red Hat JBoss Enterprise Application Platform (JEAP) 5.2.0, Red Hat JBoss BRMS 5.3.1, Red Hat JBoss Portal Platform 5.2.2, and Red Hat JBoss SOA Platform 5.3.1, does not properly implement the JSR 160 specification, which allows remote attackers to exec...

CVE-2014-3530
Published: 2014-07-22
The org.picketlink.common.util.DocumentUtil.getDocumentBuilderFactory method in PicketLink, as used in Red Hat JBoss Enterprise Application Platform (JBEAP) 5.2.0 and 6.2.4, expands entity references, which allows remote attackers to read arbitrary code and possibly have other unspecified impact via...

CVE-2014-4326
Published: 2014-07-22
Elasticsearch Logstash 1.0.14 through 1.4.x before 1.4.2 allows remote attackers to execute arbitrary commands via a crafted event in (1) zabbix.rb or (2) nagios_nsca.rb in outputs/.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Where do information security startups come from? More important, how can I tell a good one from a flash in the pan? Learn how to separate ITSec wheat from chaff in this episode.