Performed by :

Naresh Heda : Rahul Makharia : Shayan Mandavia :

22 32 33

Introduction
To increase the security level of networks Microsoft

suggested a new measure called Palladium which will help bring more security to their software. It is basically a new set of features that not only upheld security of data and the integrity of the system but also provides some much needed personal privacy Palladium is integrated into windows kernel which couples with the hardware and various chipsets to form a secured subsystem.

This architecture will include a new security computing chip and design changes to CPU,KEYBOARD,CHIPS AND OTHER PERIPHERAL DEVICES. Stolen files which are coded by Palladium Cryptography method are useless on other computer. Hence, software attacks cannot expose the files thereby enhancing the security system.

Abstract
As we tend towards a more and more computer

centric world, the concept of data security has attained a paramount importance. Though present day security systems offer a good level of protection, they are incapable of providing a "trust worthy" environment and are vulnerable to unexpected attacks. Palladium is a content protection concept that has spawned from the belief that the computer is not architecturally equipped to protect a user forms the pitfalls and challenges that an all network such as the Internet poses.

 As a drastic change in computer hardware is not

feasible largely due to economic reasons, palladium hopes to introduce a minimal change in this front. A paradigm shift is awaited in this scenario with the advent of usage of palladium, thus making content protection a shared concern of both software and hardware.

 The first one data confidentiality is concerned with

secret data remaining secret. More specifically if the owner of some data has decided that the data should be availableonly to certain people and no others The second goal, data integrity, means that unauthorized users should not be able to modify any data without the owner's permission. The third goal, system availability, means that nobody can disturb the system to make unstable. It must be able to ensure that authorized persons have access to the data and do not suffer form denial of service.

 Threats of data:

From a security perspective computer systems have 3 general goals with corresponding threats to them as listed below:

Problem Definition
Cryptography: Cryptography is the method in which a message or file, called plain text, is taken and encrypted into cipher text in such a way that only authorized people know how to convert it back to plane text. This is done commonly in four ways: Secret key cryptography, public key cryptography, one way function cryptography and digital signatures. Unless the encryption technique used is very complex it is possible, with some effort, for crackers to decrypt files.

 Palladium is the code name for a revolutionary set of

"features" for the "windows" operating system. Palladium is a new hardware and software architecture. This architecture will include a new security computing chip and design changes to a computer's central processing unit (CPU), chipsets, and peripheral devices, such as keyboards and printers. It also will enable applications and components of these applications to run in a protected memory space that is highly resistant to tempering and interference. The computer specific secret coding within palladium makes stolen files useless on other machines as they are physically and cryptographically locked within the hardware of the machine. This means software attacks can't expose these secrets. Even if a sophisticated hardware attack were to get at them, these core system secrets would only be applicable to the data within a single computer and could not be used

Application
Financial services
Government agencies

Healthcare industry
Business process outsourcing

References
Modern Operating Systems by

Andrew.S.Tanenbaum. Digit magazine. Microsoft Press Pass. J.N.T.U website.