Bill Gates’ RSA 2006 Keynote presentation Questions and answers

Upload: eve-vinson

Post on 30-Dec-2015

What does Gates mean by trusted ecosystem?

• A rich infrastructure encompassing trust relationships between organisations, code, and users. It mimics real-world relationships, and includes reputation building, chains of trust, and trust revocation. [frame 5]

What does Gates propose in order to guard against code injection attacks?

• The programmer should aim to reduce the portion of code that has to be trusted to a minimum, and that code should then be run with minimal privileges. [frame 6]

Why were systems more secure historically than they are now?

• Because they were isolated, in several ways.

– Typically, they had no internet connection, so there were no incoming packets that could attack code.

– Users had fewer capabilities that were vulnerable to being exploited. [frame 8]

What alternatives does Gates mention for authentication by password?

• Multi-factor authentication, including smart cards

• Challenge-response systems, which avoid passing a single secret that can be passed on to another service [frame 8]

What does Gates propose in order to combat spam?

• Email product vendors are asked to implement the sender-id feature in MX records, which helps receivers

– www.exchangepedia.com/blog/2006/10/microsoft-opens-up-senderid.html

• MS Outlook implements the idea of computational proof: a stranger sending mail to someone for the first time has to do some non-trivial computation, which is uneconomic for spammers to perform. [frame 10]

What obstacles to adoption of smart cards for authentication are mentioned?

• Integration throughout the infrastructure

• Revocation of certificates [frame 11]

What is the Certificate Lifecycle Manager (CLM) and what’s it for?

• It manages the process of issuing digital certificates and provisioning smart cards.

• On production of a one-time password issued when a user loses her smart card, CLM can obtain the user’s certificates from an LDAP server and put them on a new smart card. [frame 12]


What is Network Access Protection (NAP)?

• It checks policy compliance in respect of software updates. If the policy is not satisfied, it allows limited network access for the purpose of downloading updates (called quarantine).

• It can also automatically remediate the computer to bring it into compliance. [frame 12]