Advancing End to End Trust, An Update from RSA 2010

The Internet has created incredible opportunities for our society such as e-commerce, new social interactions, and more efficient government. But it has also attracted the attention of criminals due to the Internet’s global connectivity, anonymity, lack of traceability and rich targets of valuable information. While we believe the benefits of using the Internet far outweigh the risks, people still need to be safer online than they are today.

End to End Trust is Microsoft’s collaborative vision for getting there.  With Microsoft technology on more than a billion systems worldwide, we feel a great responsibility to help ensure our customers around the world experience a safer, more trusted Internet.  To realize this, however, each of us needs to take some responsibility towards this end.  Today, at RSA 2010 in San Francisco, I presented an update on Microsoft’s efforts and called on the industry to help us make progress towards a safer, more trusted Internet in three ways:

Creatively Prevent and Disrupt Cybercrime.  Both the public and private sectors need to work together on new ways to creatively prevent and disrupt cybercrime.  For example, last week Microsoft worked with industry partners, academic and legal communities to deactivate a large botnet known as “Waledac” by securing a temporary restraining order permitting suspected criminal domains to be cut off from the Internet.  One of the 10 largest botnets in the US and a major distributor of spam globally, Waledac is estimated to have infected hundreds of thousands of computers around the world and, prior to this action, was believed to have the capacity to send over 1.5 billion spam emails per day.

Deploy robust identity solutions that respect individual privacy.   Innovation towards a trusted stack and identity metasystem with in-person proofing continues to be a key focus.  Today Microsoft announced we are making U-Prove technology available as a Community Technology Preview along with an Open Specification Promise, which will allow others to use this technology in their products and services as well.  U-Prove is a unique technology that can help protect privacy, and enhance the security of online transactions in many ways.  I strongly encourage anyone working in the online identity space to review this technology and consider integrating U-Prove wherever strong identity solutions are needed.  

While more needs to be done to advance the state of identity online, significant progress has been made towards advancing the state of identity within the enterprise.  Today Microsoft also announced the availability of Forefront Identity Manager 2010 – one of the many releases from our Identity and Security Division that helps enable a safer, more trusted Enterprise.

Governments need to define “normative” behavior for accessing data in the Cloud.  There are some issues that are beyond the industry’s ability to resolve alone.  Governments need to participate in a global discussion to define “normative” behavior for accessing data in the Cloud.  I re-iterate Brad Smith’s recent call for a Cloud Computing Advancement Act that will promote innovation, protect consumers, and help address three issues in particular – privacy, security, and sovereignty in the Cloud.

The path to a safer, more trusted Internet will take time and investment from everyone — customers, IT Pros, Governments, Developers – everyone.  Microsoft is committed to doing our part to realize the potential of a safer, more trusted Internet and you can expect us to announce new developments and progress in the future.

You can learn more about End to End Trust and how Microsoft is working with the rest of the industry to obtain a safer, more trusted Internet at http//www.microsoft.com/endtoendtrust.

For more details about Microsoft’s participation at RSA 2010, see http://www.microsoft.com/presspass/events/rsa.

 

Posted by Scott Charney
Corporate Vice President, Trustworthy Computing.