CS Colloquium
Thursday, February 12, 2004
4:15pm
B17 Upson Hall
John Manferdelli
Microsoft
Claims Based Security Based on Hardware Rooted Trust Relationships over the Internet
This talk will focus on the evolution of the design of the Next Generation Secure Computing (NGCSB) and its relationship to Claims Based Security. Claims based security (a.k.a. - "key capability based" security) has the desirable manageability and scalability properties required for distributed authentication and authorization. The underlying model has been explored and refined by many including Abadi, Lampson and others in a series of papers. Public key cryptography provides a critical mechanism but the general applicability of this model was limited by the ease with which trust relationships between unrelated parties could be negotiated. In addition, many distributed security problems require that authorization be based both on trusted user identity and trusted code identity. NGCSB offers a simple mechanism rooted in hardware to solve these dual problems. NGCSB designers were also faced with cost constraints dictated by the PC ecosystem, stringent user privacy and user control requirements and subtle security requirements which affected the proposed design.