Published on Nov 21, 2015


Today's personal computing environment is built on flexible, extensible, and feature-rich platforms that enable consumers to take advantage of a wide variety of devices, applications, and services. Unfortunately, the evolution of shared networks and the Internet has made computers more susceptible to attacks at the hardware, software, and operating system levels.

Increasing existing security measures, such as adding more firewalls and creating password protection schemes, can slow data delivery and frustrate users. Using only software-based security measures to protect existing computers is starting to reach the point of diminishing returns.

These new problems have created the need for a trustworthy computing platform. Users want computers that provide both ease-of-use and protection from malicious programs that can damage their computers or access their personal information. Because they use their computers to process and store more and more valuable and important data, users need a platform that addresses their data security, personal privacy, and system integrity needs.

The next-generation secure computing base (NGSCB) is a combination of new hardware and operating system features that provides a solid foundation on which privacy- and security-sensitive software can be built. NGSCB does not affect the software running in the main operating system; rather, NGSCB-capable computers provide an isolated execution With NGSCB-capable computers, users can choose to work within the standard operating system environment using their existing applications, services, and devices without any changes, or they can choose to run critical processes by using NGSCB-trusted components that exist in a separate, protected operating environment.


On commercial computer platforms, it is not feasible to restrict the firmware, device hardware, drivers, and applications sufficiently to provide adequate process isolation. NGSCB avoids this conflict by allowing both secure and mainstream operating systems to coexist on the same computer.

Only an NGSCB-trusted application, also called a nexus computing agent (NCA), can run securely within the protected operating environment. The user defines specific policies that determine which trusted applications can run in the protected operating environment. The program code does not need to be signed in order to run on an NGSCB-capable computer.

The following core elements provide the protected operating environment for trusted applications:

Strong process isolation

The protected operating environment isolates a secure area of memory that is used to process data with higher security requirements.

Sealed storage

This storage mechanism uses encryption to help ensure the privacy of NGSCB data that persists on the hard disk of NGSCB-capable computers.


Attestation

This occurs when a piece of code digitally signs and attests to a piece of data, helping to confirm to the recipient that the data was constructed by a cryptographically identifiable software stack.

Secure paths to the user

By encrypting input and output, the system creates a secure path from the keyboard and mouse to trusted applications and from those applications to a region of the computer screen. These secure paths ensure that valuable information remains private and unaltered.
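The attestation element described above can be sketched as follows. This is an added example, not code from NGSCB or Microsoft: the Ed25519 signature, the SHA-256 hash chain used as the stack identity, and all names (`Quote`, `MeasureStack`, `Attest`, `Verify`, `NewPlatformKey`) are assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Quote binds a piece of data to the identity of the stack that produced it.
type Quote struct {
	Data, Signature []byte
	StackID         [32]byte
}

// NewPlatformKey stands in for a signing key the platform would protect (assumption).
func NewPlatformKey() (ed25519.PublicKey, ed25519.PrivateKey, error) {
	return ed25519.GenerateKey(rand.Reader)
}

// MeasureStack chains component hashes in load order; any change alters the identity.
func MeasureStack(components [][]byte) (id [32]byte) {
	for _, c := range components {
		h := sha256.Sum256(c)
		id = sha256.Sum256(append(id[:], h[:]...))
	}
	return id
}

// Attest signs the fixed-length stack identity followed by the data.
func Attest(key ed25519.PrivateKey, id [32]byte, data []byte) Quote {
	return Quote{Data: data, StackID: id, Signature: ed25519.Sign(key, append(id[:], data...))}
}

// Verify requires a valid signature and the stack identity the recipient expects.
func Verify(pub ed25519.PublicKey, expected [32]byte, q Quote) error {
	switch {
	case !ed25519.Verify(pub, append(q.StackID[:], q.Data...), q.Signature):
		return fmt.Errorf("bad signature: data or stack identity altered")
	case q.StackID != expected:
		return fmt.Errorf("valid signature, but unexpected software stack")
	}
	return nil
}

func main() {
	pub, priv, _ := NewPlatformKey()
	id := MeasureStack([][]byte{[]byte("nexus-v1"), []byte("agent-v1")}) // constructed images
	fmt.Println(Verify(pub, id, Attest(priv, id, []byte("balance=100"))))
}
```

The recipient needs two things out of band: the platform's public key and the stack identity it considers trustworthy. A valid signature over an unexpected identity is still rejected.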

Microsoft is initially designing NGSCB features and services for the next 32-bit version of the Windows operating system, and plans are underway to support other platforms as well.

Strong Process Isolation

In NGSCB, the protected operating environment provides a restricted and protected address space for applications and services that have higher security requirements. The primary feature of the protected operating environment is curtained memory, a secure area of memory within an otherwise open operating system.
