微软表示,它已经开发出一个高度安全的芯片,即英特尔,AMD和高通计划在笔记本电脑和其他个人计算机中使用的未来中央处理单元中集成。
Microsoft said the Pluton security processor would bring more advanced protection to PCs using its flagship Windows operating system. Designed by Microsoft, the chip would be used to lock up secret information, including passwords, in a secure vault in the CPU itself, instead of on a separate component on the PCB. Microsoft said the Pluton chip would help stymie all sorts of attacks on the hardware and prevent the theft of secret keys used in cryptography.
The company is partnering with Intel, AMD, and Qualcomm to add Pluton as part of a system on a chip, where all the components of the personal computer, including the CPU, are housed on the same die. It is unclear when the integrated Pluton chips could hit the market. But Intel reportedly said that its chips would be ready to roll out to manufacturers in a couple of years.
Microsoft said that the Pluton chip would be integrated as a secure subsystem inside the SoC, adding another layer of protection on top of the internal defenses designed by Intel, AMD, and Qualcomm. The chip establishes a protected area that is physically secluded from the CPU, acting as a vault in charge of protecting secret keys and other information in the PC. That would help impede hackers trying to intercept information and steal it from the device.
"We believe that processors with built-in security like Pluton are the future of computing hardware," David Weston, who currently leads operating system security at Microsoft, said in a blog detailing the announcement. "With Pluton, our vision is to provide a more secure foundation for the intelligent edge and the intelligent cloud by adding this level of built-in trust to devices, and things everywhere."
普鲁顿将一系列的安全技术类似于可信赖的平台模块,或TPM,用于当今个人计算机用于存储密码和其他秘密。TPM芯片是从CPU分离的微小组件,以保护加密密钥并处理PC中的其他习惯。TPM充当设备的“信任根”,保证PC的硬件和软件的组合并未被黑客发生恶意改变。
Today, software alone cannot address all the vulnerabilities present in insecure hardware. But hardware-based protections can represent the front line of defense for device security.
The TPM chip serves as the strongbox of the computer. But it is not completely unassailable. Hackers have started to target the "interface bus" that connects the TPM to the CPU in the PC, intercepting secret keys and other information that leaks out of the internal connector. Once hackers have physical possession of the PC, they can breach the interface and loot sensitive information from the TPM or launch digital and physical assaults on the device.
微软表示,冥王星芯片直接解决了此类威胁。通过将TPM和CPU带到一起,Microsoft表示,黑客无法使用该接口来侵入设备并窃取加密密钥,凭据和标识。界面不再存在。根据Microsoft,即使黑客对内部硬件的物理访问不受限制,也不会从冥文模块中删除任何信息。
即使它与CPU紧密集成,Microsoft说普鲁顿分别运行,以便从PC中的中央处理器隔离密码键。微软表示,它还支持安全的硬件加密键(SHACK)技术,这保证了在芦苇中保持的秘密键永远不会暴露在受保护的硬件之外。
One of the other problems solved by Pluton is in updating system firmware and patching for bugs and other potential vulnerabilities. Weston said it would roll out fixes for the firmware in Pluton as part of the regular updates it sends out to the vast population of computers that use its Windows operating system. "Today, customers receive updates to their security firmware from a variety of different sources than can be difficult to manage," he said.
微软一直在开发芯片抵制both hardware and software hacks for the last decade. The company said Pluton was pioneered as part of the integrated hardware and OS security in its Xbox One console released in 2013. The chip, which it worked on with AMD, prevents hackers from messing with the hardware, even when they can take the device apart.
该公司作为其目的互联网互联网的一部分,该公司在2018年将钢板推出,其中包括一种用于空间受限设备的安全操作系统,称为Azure Sphere OS和服务,用于在云上牢固地更新其固件。Microsoft与其他供应商合作,将富普通芯片添加到可用于IOT设备的节能MCU。
通过与英特尔和AMD合作 - 个人计算机芯片的No.1和2号供应商 - Microsoft试图为未来的每个基于Windows的PC添加更严格的保护。“我们对Windows PC的未来的愿景是非常核心的安全性,内置于CPU中,其中硬件和软件以高度统一的方式密切集成,”该公司表示。
微软表示,富隆芯片将用于补充,而不是替换由英特尔,AMD和Qualcomm制造的芯片中的内部保护和固件。没有安全协议完全坚不可摧。但是,尽管使用与Windows的不同制造商提供各种制造商,但勘方芯片可以加强PC的默认保护量。
“AMD和Microsoft一直密切合作开发和不断提高基于处理器的安全解决方案,从Xbox One控制台开始,现在在PC中,”AMD的产品安全负责人Jason Thomas,在一份声明中表示。“我们设计和建造具有安全性的产品,并将微软的钢板技术带到芯片级别将增强我们CPU的强大安全功能。”
高通公司还基于来自PC的ARM Holdings的蓝图来推出芯片。“我们认为,像Microsoft Pluton一样的基于硬件的基于硬件的信任根,是在高通技术技术管理高级管理层的多用例和支持它们的设备中的一个重要组成部分,”Asaf Shen表示在一份声明中。
