Palladium (TCG) |
Article is yet to be rated |
|
| Author:
| Fu
|
|
| Submitted: |
04-Apr-2004 08:58:33 |
| Imported From: |
zZine (original author: Sorcer)
|
This article will cover the Pallidium (TCG) system, and how it may affect your privacy.
|
|
TCG Project:
Original name- "Trusted Computing" (IBM)
Microsoft name- "Trusworthy Computing"
Intel name- "Safer Computing"
TCG Old name- "TCPA" (Before it incorporated) Old Microsoft name- "Palladium" (Digital Rights Management)
New Microsoft name- "NGSCB"
All of the above are different names referring to the same project. Confusing?
It is safe to speculate all these whiz-bang acronyms are intentionally trying to draw focus away from what the project really does. For example, TCG can support remote censorship. So someone who writes a paper that a court decides is defamatory can be compelled to censor it - and the software company that wrote the word processor could be ordered to do the deletion if the person refuses. Sounds to me like Uncle Sam wants to rewt our boxes...
The Trusted Computing Group (TCG) is an alliance of Microsoft, Intel, IBM, HP and AMD which promotes a standard for a `more secure' PC. Their definition of `security' is controversial; machines built according to their specification will be more trustworthy from the point of view of software vendors and the content industry, but will be less trustworthy from the point of view of their owners. In effect, the TCG specification will transfer the ultimate control of your PC from you to whoever wrote the software it happens to be running.
(Yes, even more so than at present).
TCG provides for a monitoring and reporting component to be mounted in future PCs. The preferred implementation in the first phase of TCG emphasized the role of a `Fritz' chip - a smartcard chip or dongle soldered to the motherboard. The current version has five omponents:
1.) The Fritz chip
2.) A `curtained memory' feature in the CPU
3.) A security kernel in the operating system (`Nexus' in Microsoft Language)
4.) A security kernel in each TCG application (`NCA' in Microsoft language)
5.) A a back-end infrastructure of online security servers maintained by hardware and software vendors to tie the whole thing together.
Nexus bridges the gap between the Fritz chip and the application security components (NCAs). It checks that the hardware components are on the TCG approved list, that the software components have been signed, and that none of them has a serial number that has been revoked. If there are significant changes to the PC's configuration, the machine must go online to be re-certified: the operating system manages this.
Curtained memory features stop any TCG app from reading or writing another TCG app's data. These new features are called `Lagrande Technology' (LT) for the Intel CPUs and `TrustZone' for the ARM.
TCG is also aimed at payment systems. One of the Microsoft visions is that much of the functionality now built on top of bank cards may move into software once the applications can be made tamper-pesistant. This leads to a future in which we pay for books that we ead, and music we listen to, at the rate of so many pennies per page or per minute. The broadband industry is pushing this vision; meanwhile some far-sighted people in the music industry are starting to get scared at the prospect of Microsoft charging a percentage on all their sales. Even if micropayments don't work out as a business model - and there are some persuasive arguments why they won't - there will be some sea-changes in online payment, with spillover effects for the user. If, in ten years' time, it's inconvenient to shop online with a credit card unless you use a TCG platform, that will be tough on Mac and
GNU/linux users.
At a simple level, Word could encrypt all your documents using keys that only Microsoft products have access to; this would mean that you could only read them using Microsoft products, not with any competing word processor.
This technology is truly a two-edged sword. The appeal of TCG to the government is it's 'Mandatory Access Control'. This means the computer can impose restrictions on how software is used. For instance a business could decide that all text files written by it's employees can automatically be 'Classified', and only 5 computers from within the business possess the required keys to decrypt the message and the keys are deleted at the end of each month. Then think about the appeal of technology like this to the underground world of drug dealers, terrorists, etc. Osama Bin Laden would be able to send a message to Sadam Hussein and only those 2 computers had the key which could be deleted after the message has been read, then the Fritz chip would ensure the key could never be recovered by anyone.
DRM: Digital Rights
Management
The first phase of pallidium - an attempt to use encryption software to protect copyrighted electronic information by preventing its widespread distribution (as opposed to limiting access to information through such means as firewalls or password protected directories).
In a typical DRM scheme, DRM network server software wraps the digital
content. DRM client software unwraps it or otherwise makes it accessible in accordance with its rights. Potential clients include desktop PCs, handhelds, set-top boxes, mobile phones and other portable devices.
Vendors have not yet come to terms with technical standards for
digital rights management. Among those vying for acceptance are:
Digital Object Identifiers (DOI). Developed by the Corporation for National Research Initiatives and handed off to the International DOI Foundation to manage, DOI would give a piece of content a unique identifier for use over its lifetime (like a bar code). This standard would facilitate interoperability between DRM and non-DRM systems such as content management and e-commerce systems.
Extensible Rights Markup Language (XrML). Developed by Content Guard, a subsidiary of Xerox, and supported by Microsoft, XrML would provide a universal method for specifying rights and issuing conditions associated with the use and protection of content. Other backers are Adobe, Audible.com, Hewlett-Packard, OverDrive, Portal Software and Xerox.
Extensible Media Commerce Language (XMCL). Proposed by RealNetworks and endorsed by 25 technology, systems integrator and media companies, including Adobe, InterTrust Technologies, Sony Pictures Digital Entertainment and Sun, XMCL is designed to establish industrywide standards for Internet media commerce and to enable content to be managed independent of codecs, DRM software and e-commerce software. This among DRM-related standards appears to have the most support, says Joshua Duhl, analyst with IDC.
Electronic Book Exchange (EBX) and Open eBook Forum (OeBF). The
EBX Working Group of companies, organizations and individuals is developing a standard for protecting copyright in and distributing electronic books. Members include the American Library Association, Content Guard, Digital Owl, InterTrust and Nokia.
Moving Picture Experts Group (MPEG). MPEG is an International Standards Organization/International Electrotechnical Commission working group in charge of the development of standards for coded representation of digital audio and video. In addition to standards strictly related to bit-efficient representation of audio-visual content, MPEG produces other standards relating to the practical use of those standards; included are DRM issues. The MPEG-specific term for DRM is
Intellectual Property Management and Protection.
Security Assertion Markup Language (SAML) and Extensible Access Control Markup Language (XACML). SAML, for authentication and authorization, and XACML, for policies on information access, are complementary standards from the Organization for the Advancement of Structured Information Standards.
by fu on 25.03.2004 00.00.00
This article was originally published by CyberArmy.net in the CyberArmy Library.
|
|
You must be logged in to vote on an article
|
About Us | Privacy Policy | Mission Statement | Help
|