Under pressure to battle incessant hacker attacks, viruses and identity theft, Microsoft in 2002 came up with a scheme dubbed Palladium, which would rely on special computer hardware that would refuse to run malicious programming code or betray users' secrets. A form of "trusted computing," the idea drew several objections--chief among them, it would enable remote organizations to track what users do with their machines. Now a technology based on a decade-old idea promises better-protected machines and transactions while removing the fear of monitoring.
The strategy is called direct anonymous attestation (DAA). The plan is that computers will have a secure mode in which they will run only applications that have been authenticated by remote trusted certification authorities ("attested"); moreover, these authorities would not necessarily be able to identify the computers or their owners. A security chip on a computer motherboard or embedded in other devices would perform such gatekeeping tasks, functioning according to specifications laid down by the Trusted Computing Group, a consortium that includes Microsoft, Hewlett-Packard, Intel and IBM.
This article was originally published with the title Anonymous Trust.