Richard Kemmerer and Microsoft’s Trustworthy Computing Academic Advisory (TCAA) initiative
Posted by Ken Y-N on March 18th, 2008 at 03:02pm
After five years on the advisory panel for Microsoft’s Trustworthy Computing initiative, ADT Mag interviewed Richard Kemmerer on his experiences working for the Redmond giant. His basic opinion is that although security has improved overall, there still is a long way to go.
Soon after Microsoft came up with its “Trustworthy Computing” buzzword in 2002 they realised they needed some way to get closer to the customer, leading to the formation of the advisory board. The core areas of focus were, and still are, security, privacy, reliability and business integrity.
The article also has an interesting definition of trustworthy versus trusted systems from the National Security Agency:
[...] a software or operating system can be “trustworthy” but not “trusted.” On the other hand, it can be deemed “trusted” but not “trustworthy.” The exact denotation found on the NSA’s Web site — which says a “trusted system” is one vulnerable to attacks and not foolproof — is a system that, while secure in some areas, can still be compromised by hackers. Conversely, a “trustworthy” processing environment is considered virtually impenetrable and “will not fail.”
A Trusted Platform Module, is of course “merely”, for suitable values of “merely”, trusted according to the above definitions.
The full story may be read here.
Tags: microsoft
Leave a Comment for Richard Kemmerer and Microsoft’s Trustworthy Computing Academic Advisory (TCAA) initiative