One of the main principles for improving computer and network security is to reduce the attack surface as much as possible. In addition, virtualization calls for combining additional hardware and software security layers, supplemented by comprehensive detection and protection features. To create a more unified system, Microsoft has come up with the Pluton security processor for Windows, and has extended an olive branch to AMD, Intel and Qualcomm.
Over the past decade, TPM has been an important part of server security, providing physical storage space for security keys and other metadata to verify system integrity.
Specifically, once an attacker gains physical access to the system, the TPM module becomes useless, allowing data in transit to be hijacked (a man-in-the-middle attack).
What's worse, since the TPM is an optional component in most server environments, the data path from the physical module to the CPU also becomes an important attack surface.
In the early stage of the rollout, the Pluton architecture will be emulated as a TPM module to stay compatible with the existing security protocol suite. However, since it is built into the chip, it can greatly reduce any potential physical attack surface.
After that, the Pluton architecture is expected to enable a superset of TPM functions, and Microsoft emphasizes its unique SHACK (Secure Hardware Cryptography Key) technology, which ensures that security keys are never exposed outside the hardware environment.
Finally, the collaboration between Cerberus and the community is based on extensive trust.
It is reported that the three chip manufacturers have adopted Pluton as the first security layer, but their own technologies can go deeper (such as AMD's PSP solution).
Given that AMD has cooperated with Microsoft to develop a Pluton product for the host platform, it should not be difficult for it to appear in AMD's consumer and enterprise chips together with other technologies (such as Secure Encrypted Virtualization).
As for Intel, it said it had a long-term partnership with Microsoft, which would facilitate the smooth integration of Pluton's secure processor technology, but declined to disclose a possible timetable.
Finally, and somewhat unexpectedly, Pluton clearly has many similarities with Apple's T2 security chip. The Apple silicon Macs released earlier have integrated the related functions into the M1 processor.