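It's not as if Microsoft never made an effort on the technical side. Windows Vista should have gone on sale long ago, but development ran into many difficulties, which later led to a change in the development plan and the cancellation of many previously confirmed features. Besides the well-known new file system WinFS, there was also a chip-level security technology: NGSCB (Next-Generation Secure Computing Base).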
NGSCB is currently set to be a framework for building Trusted Computing applications. It therefore has a wide range of potential uses, but does not inherently provide any features from the point of view of the user.
Digital Rights Management
By utilising the attestation, curtained memory and cryptographic features of the TPM, a secure form of Digital Rights Management (DRM) may be developed; critics charge that although it does not provide DRM features itself, DRM is nevertheless the primary motivation for the development of NGSCB.
DRM would be implemented by encrypting DRM-protected files and only making the decryption key available to trusted applications. A wide range of copy-protection and similar features could thereby be implemented, limited only by the imagination.
For example, it would be possible to create a file that can only be read on one computer, or within one organisation, or a file that can only be opened for reading three times. While any DRM-protected file could be just as easily copied or read as an unprotected file, it would be impossible to decrypt the file at an unauthorised destination, rendering it useless.
Network Security
In corporate and educational networking environments, a desirable feature of NGSCB is the ability of each workstation to securely attest that no unauthorised modifications have been made either to its hardware or software. A workstation that is unable to authenticate itself can then be automatically denied access to some or all network services pending investigation.
Multiplayer Games
The attestation and curtained memory features of NGSCB could also potentially be used to prevent most kinds of cheating in multiplayer games.[4] Cheating by various means is currently prevalent in a number of multiplayer games[5][6] and diminishes the enjoyment of those games by legitimate players.
Common methods of cheating include:
* Modification of the game executable or video drivers, e.g. to allow the player to see through walls.[7] This type of cheat can be prevented by using remote attestation to confirm that neither the game executable nor the video driver has been modified.
* Modification of game network traffic in transit between the client and server[8], e.g. to augment a player's ability to aim their weapon in a first-person shooter game. This type of cheat can be prevented by encryption of network traffic within curtained memory prior to transmission, and corresponding decryption on the server.
http://www.answers.com/topic/nex ... cure-computing-base
[ This post was last edited by RestlessDream on 2007-1-19 17:43 ]
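The attestation check described under "Network Security" in the quoted text, as an added example that is not part of the original post or of NGSCB itself: a verifier admits a workstation only if a fresh, authenticated report of its measured software matches the approved build. Assumptions: SHA-256 for the measurement chain, an HMAC with a shared key standing in for the TPM's signature, and all names and sample components are constructed for illustration.

```python
import hashlib, hmac, os

def extend(pcr: bytes, component: bytes) -> bytes:
    # TPM-style extend: new = H(old || H(component)). Order-sensitive and one-way.
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()

def measure(components) -> bytes:
    pcr = bytes(32)  # register starts at all zeroes on boot
    for c in components:
        pcr = extend(pcr, c)
    return pcr

def quote(key: bytes, nonce: bytes, pcr: bytes) -> bytes:
    # Assumption: HMAC stands in for the TPM's signature over (nonce, register).
    return hmac.new(key, nonce + pcr, hashlib.sha256).digest()

def admit(key, nonce, reported_pcr, sig, approved_pcr) -> str:
    # Verifier side: check the quote first, then compare against the approved build.
    if not hmac.compare_digest(sig, quote(key, nonce, reported_pcr)):
        return "deny: invalid quote"
    if not hmac.compare_digest(reported_pcr, approved_pcr):
        return "quarantine: unapproved software"
    return "allow"

# Constructed sample data (not from the page).
KEY = b"constructed-demo-attestation-key"
APPROVED = [b"bootloader 1.0", b"kernel 1.0", b"video driver 1.0"]
PATCHED = [b"bootloader 1.0", b"kernel 1.0", b"video driver 1.0 (patched)"]

def run_cases() -> dict:
    golden = measure(APPROVED)
    nonce, stale = os.urandom(16), os.urandom(16)
    clean, dirty = measure(APPROVED), measure(PATCHED)
    return {
        "clean": admit(KEY, nonce, clean, quote(KEY, nonce, clean), golden),
        "modified": admit(KEY, nonce, dirty, quote(KEY, nonce, dirty), golden),
        # Modified host claims the approved value; the signature covers the real one.
        "lying": admit(KEY, nonce, golden, quote(KEY, nonce, dirty), golden),
        # Old quote replayed against a fresh challenge.
        "replay": admit(KEY, nonce, clean, quote(KEY, stale, clean), golden),
    }

if __name__ == "__main__":
    for name, verdict in run_cases().items():
        print(f"{name:9s} {verdict}")
```

The per-request nonce is what makes a recorded "clean" report useless later, and the quarantine verdict corresponds to the quoted text's "denied access ... pending investigation".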