Microsoft and Trustworthy Computing

Microsoft CTO and Senior Vice President Craig Mundie authored a whitepaper in 2002, defining the framework of the company’s Trustworthy Computing program . Four areas were identified as the initiative’s key “pillars”. Microsoft has subsequently organized its efforts to align with these goals. These key activities are set forth as:

1. Security
2. Privacy
3. Reliability
4. Business Integrity

[edit] Security

Microsoft’s first pillar of Trustworthy Computing is security. Security has always been a part of computing, but now it must become a priority. According to Microsoft, security goes beyond the technology to include the social aspect as well. This is outlined in the following three components:

1. Technology Investment – Investing in the expertise and technology necessary to create a secure and trustworthy computing environment.
2. Responsible Leadership – Microsoft highlights the responsibility that goes with being an industry leader. This includes working with law enforcement agencies, government experts, academia, and private sectors to join forces and create partnerships necessary to create and enforce secure computing.
3. Customer Guidance and Engagement – It is important to develop trust by educating consumers with training and information on best practices for secure computing.

[edit] Privacy

For computing to become ubiquitous in connecting people and transmitting information over various networks and services it is critical that information is protected and kept private. Microsoft has privacy as the second pillar for Trustworthy Computing and commits to making privacy a priority in the design, developing, and testing of their products. To ensure this privacy, it is also important to contribute to standards and policies created by industry organizations and government. Privacy policies must be honored and practiced across the industry.

Another essential element of privacy is providing the user a sense of control over their personal information. This includes ongoing education, information, and notification of policy and procedures. In a world of spam, hackers, and unwanted pop-ups, computer users need to feel empowered with the tools and computing products, especially when it comes to protecting their personal information.

[edit] Reliability

Microsoft’s third pillar of Trustworthy Computing is reliability. Microsoft uses a fairly broad definition to encompass all technical aspects related to availability, performance and disruption recovery. It is intended to be a measure not only of whether a system is working, but whether it will continue working in non-optimal situations.

Six key attributes have been defined for a reliable system:

1. Resilient. The system will continue to provide the user a service in the face of internal or external disruption.
2. Recoverable. Following a user- or system-induced disruption, the system can be easily restored, through instrumentation and diagnosis, to a previously known state with no data loss.
3. Controlled. Provides accurate and timely service whenever needed.
4. Undisruptable. Required changes and upgrades do not disrupt the service being provided by the system.
5. Production-ready. On release, the system contains minimal software bugs, requiring a limited number of predictable updates.
6. Predictable. It works as expected or promised, and what worked before works now.