Microsoft Proposes Cross-Industry Effort To Address Online Trust Challenge

##AUTHORSPLIT##<--->

Microsoft Corp. this week initiated a call for action to address the future of security and privacy on the Internet. In a speech by Chief Research and Strategy Officer Craig Mundie, the company proposed "End to End Trust," a pitch for organizations, including vendors and user organizations, to work together to create a more secure and trusted online environment.

The initiative encompasses three aspects:

  • Creation of a trusted stack where each element in the stack can be authenticated and is trustworthy, including the hardware, operating system, applications, people, and data;
  • A system that enables people to present their identity claims while addressing issues of authentication, authorization, access, and audit; and
  • A framework for achieving closer alignment between technological, social, political and economic forces.

"Our goal is a more secure and trustworthy Internet, but it's also important that we give people the tools that empower them to make good trust choices," Mundie said.

"Microsoft and the technology industry alone cannot create a trusted online experience," said Scott Charney, corporate vice president of Trustworthy Computing at Microsoft. "For that to happen, the industry must not only come together but also work with customers, partners, governments and other key constituencies on a road map for extending Trustworthy Computing to the Internet."

As a Microsoft whitepaper points out, even though vendors have introduced a number of security efforts in their software, "Spam does not normally exploit vulnerabilities, nor would one turn off mail by default. There is also very little a specific user or enterprise can do to prevent a distributed denial-of-service attack from a botnet."

"Making trust decisions based on a validated level of security and in support of desired privacy is a pressing concern for organizations and consumers," said Kurt Roemer, chief security strategist for Citrix Systems. "It's time for a global collaborative effort to define and support an actionable end-to-end trust model that can help balance the often competing interests of privacy and security."

Get daily news from THE Journal's RSS News Feed


About the author: Dian Schaffhauser is a writer who covers technology and business for a number of publications. Contact her at [email protected].

Proposals for articles and tips for news stories, as well as questions and comments about this publication, should be submitted to David Nagel, executive editor, at [email protected].

About the Author

Dian Schaffhauser is a former senior contributing editor for 1105 Media's education publications THE Journal, Campus Technology and Spaces4Learning.

Featured

  • The First Steps of Establishing Your Cloud Security Strategy

    In this guide, we'll identify some first steps you can take to establish your cloud security strategy. We'll do so by discussing the cloud security impact of individual, concrete actions featured within the CIS Critical Security Controls® (CIS Controls®) and the CIS Benchmarks™.

  • Human Error Remains the Leading Cause of Cloud Data Breaches

    Human error is still one of the biggest threats to cloud security, despite all the technology bells and whistles and alerts and services out there, from multi-factor authentication, to social engineering training, to enterprise-wide integrated cybersecurity platforms, and more.

  • Abstract illustration of a human news reporter interviewing an AI with a microphone

    AI on AI in Education: A Dialogue

    Scholars are doing lots of asking and predicting about the risks and rewards of generative artificial intelligence in school, but has anyone asked the all-knowing chatbots?

  • Pattern of desks with interconnected circles, triangles, and lines

    Classroom Furniture Giveaway Seeks Dream Learning Space Design

    Educators have a chance to design their ideal K-12 learning space in a contest recently announced by classroom furniture manufacturer KI.