How is Microsoft's Trustworthy Computing initiative evolving?
As you know, 1 year ago, Microsoft announced its Trustworthy Computing initiative. The first phase of the initiative included examining the current state of security in the company's products and educating its developers so that they could write more secure code from the ground up. (As an aside, Microsoft's efforts toward security include the 72 security patches published in 2002 for the company's existing software packages.)
The second phase of Trustworthy Computing, which Microsoft calls "Designed for Trust," is well underway. As Craig Mundie, senior vice president and chief technical officer, advanced strategies and policy for Microsoft, pointed out in November 2002, "\[The second phase\] involves intercepting several products in mid-development and building in new approaches to security." Part of the effort produced Windows XP Service Pack 1 (SP1) and will produce Windows .NET Server (Win.NET Server) 2003, slated for release about April of this year. In addition, the company is working on "several Web security standards," which are bound to include Web Services Security Language (WS-Security). You can learn more about WS-Security in Christa Anderson's article "WS-Security Sets Standard for Web Services Transactions" and in the June 12, 2002, Security UPDATE newsletter.
According to a story at "eWeek", the second phase of Trustworthy Computing also includes Prescriptive Architectural Guidance. The story states that the guidance "will lay out instructions for ways IT managers can lock down Windows 2000 machines. Under the guidelines, OEMs such as Dell Computer Corp. will be able to configure systems to customer specifications, including turning off unwanted services and features, such as active scripting in Internet Explorer \[IE\]."
You'll find even more ways to eliminate unwanted services in the upcoming Win.NET Server release. In the past, Windows server and workstation installations activated many services, and users had to use a checklist to disable unwanted services. However, Win.NET Server includes a technology called Secure Server Roles (SSR), which helps users configure their servers through a series of questions and answers. After users answer questions about how they'll use the server in a given network environment, unnecessary services would be left inactive, which lessens the chances of intrusion through inadvertent service provision.
In addition, Win.NET Server will include the option of having the server act as an intermediary—by pulling Microsoft patches into the network and automatically sending them out to workstations and servers. The technology is already available as Microsoft Software Update Services (SUS). SUS runs on Win.NET Server and Win2K Server and can deploy patches to XP and Win2K systems. The update service is a great concept that could potentially save companies a lot of time and effort; however, in some instances, patches still break system functionality and on rare occasions reintroduce previously patched problems. Microsoft patch testing must become more thorough—in fact, impeccable—if the company expects users to adopt automatic updates with total confidence.
The third phase of the Trustworthy Computing initiative, which Microsoft calls "Architected for Trust," involves products still on the drawing board. Among those products, presumably, are the next version of Windows, code-named Longhorn, and the new security subsystem, code-named Palladium. Take time to learn more about Longhorn and Palladium.
At this point, Microsoft's initiative seems to be working to some extent. However, the brunt of the company's road map remains to come in future products. Getting more secure and staying more secure will undoubtedly require users to expense new hardware and software. And those who choose to keep their existing platforms for longer periods of time might find themselves gaining more value for their investments, yet at the same time incurring slightly higher risks. How the initiative balances out in the long run remains to be seen.