Scott Charney used his keynote speech at the RSA Conference on Tuesday to talk up a variety of hardware and software-based technologies meant to infuse the Internet with more trust. Charney, the head of Microsoft’s Trustworthy Computing team, talked about the need for greater adoption of TPMs, code signing and identity systems, all of which the company has been discussing in various forms for the better part of a decade.
Many of the technologies that Charney discussed, including the TPM and code signing, were part of the company’s much-maligned and controversial Palladium project. Some of the technologies have been implemented in various forms in Vista and others are still forthcoming. But Charney said Tuesday that many of the problems that plague the Internet could be addressed with better trust on the part of users, machines, vendors and other parties.
“We need alignment between political, economic and social forces and IT,” he said. “We need trusted people, we need to know who we’re dealing with online.”
Many of the machines that now run Vista include a TPM, which is a hardware module used to attest to the identity of the machine, as well as serve as a sealed storage area for cryptographic keys. “We have to root trust in the hardware because it’s less malleable than software,” Charney said.
Microsoft also is working on some new technologies, including the Geneva server which handles identity in a claims-based manner, Charney said. “This identity metasystem is the most controversial part because of privacy concerns,” he said.