Some would say that the only way to defend a system against a cyber-attack is to cut the cord that connects it to the internet. Sadly, in many cases, this is true. When you look at it, systems have several points of attack where they can be exploited. Though the human factor will always be the Achilles heel of network security, many businesses, and now even countries are focusing their attention on securing the Operating System.
Here is a look at what the United States is doing to secure their systems from cyber-attack:
The United States
Though the use of secure versions of Linux has increased, America is looking to design a secure OS from the ground up. Currently, the US has been depending on the Trusted Computing (TC) technology. TC relies on an onboard chip called the Trusted Platform Module to provide cryptographic keys to help secure the system. Microsoft, AMD, Dell, IBM and Intel all plan on using Trusted Computing in current and future products.
Microsoft currently uses The TPM Module in its Bitlocker drive security utility. Bitlocker allows entire volumes to be encrypted. TC is not without its detractors though. Many are concerned that the TPM is better equipped for digital rights management than securing the PC. Also, the secure chip has already been hacked.
TC has been widely adopted by the government. According to Wikipedia, “The U.S. Army requires that every new small PC it purchases must come with a Trusted Platform Module (TPM). As of July 3, 2007, so does virtually the entire United States Department of Defense.” I think it interesting to note that our military is relying on the TPM, even though the circuit board is clearly marked “Made in China” in the photo above.
America is not depending on current operating systems to be the secure platform of the future. Microsoft is working on the new Next-Generation Secure Computing Base (NGSCB). Previously called “Palladium”, this future version of Windows will rely on the TPM to provide a secure OS. This project may be stalled as according to Wikipedia, no new information has been released on NGSCB since 2004. Even if Microsoft does come out with a secure OS, one would have to wonder how they will handle compatibility issues that have always been a thorn in Microsoft’s side.
Most promising, the University of Illinois recently received a $1.15 Million Dollar grant to develop “Ethos”. This operating system is being built with security in mind from the ground up. It will run on the XEN Hypervisor virtual machine platform, driving home the importance of isolation.
Building a secure OS platform will go a long way in protecting our nation from cyber attacks.