An overview of NGSCB

A major challenge the computer industry is facing today is how to effectively protect end users against a plethora of email viruses and network intrusions. An obvious solution is to make the desktop operating system (OS) and applications flawless and bug-free. However, experience shows that this is an impractical goal. The reasons are threefold: the rich functionality users expect from mass market OSs makes these systems so large and complex that security bugs will exist even after rigorous testing and the use of advanced quality assurance methodology during the development process; similar problems apply to applications and device drivers; finally, configuration and maintenance are non-trivial, such that users often misconfigure the system. Security vulnerabilities exist largely due to software bugs, some of which are in the operating systems. Commercial OSs have rapidly grown in size in order to provide ever richer user experiences. Rigorous development and testing can uncover and eliminate a large percentage of these bugs. However, a small number will always remain. The problem is further compounded by the necessity to support an arbitrary number of devices in a consumer desktop OS. A bug in a device driver may be exploited to subvert the system. Again, although stringent testing standards are successful at reducing the number of driver bugs, security vulnerabilities cannot be completely eliminated in complex device drivers.