Speaking at RSA Conference 2008, the largest security conference in the world, executives from Microsoft yesterday outlined the company's vision for end-to-end trust online. The company says the goal of this vision is to give people greater control over who and what to trust online.
"We believe that End to End Trust will transform how the industry thinks about and approaches online trust and security," Microsoft chief research and strategy office Craig Mundie said. "Our end goal is a more secure and trustworthy Internet, but it's also important that we give people the tools that empower them to make good trust choices. End to End Trust will enable new opportunities for collaboration on solutions to social, political, economic and technical issues that will have a long-term impact on Internet security and privacy."
The very notion of end-to-end trust suggests that this is an industry movement and not something Microsoft can implement on its own. And sure enough, as Mundie explained during an RSA keynote address yesterday, there are several key areas in which this vision will need to be implemented for it to be effective. These include trusted devices, including phones with TPM hardware; trusted operating systems and software on PCs; a formal approach to establishing individual identities online; and trust around data storage.
"This is not a product roadmap," Mundie added. "It's a way of framing the problem ... All of these things get to the questions of authentication, authorization, access, \[and\] audit."
Microsoft's industry-wide proposal comes at a time when the relevance and influence of the company is waning, especially in the online sector. It will be interesting to see whether the industry rallies around this initiative.
For more information about Microsoft's end-to-end trust proposal, please visit the company's Web site.