Microsoft is adding another piece to its much-hyped trusted computing initiative, but the proposal has raised more questions than answers. The company last week unveiled its Palladium initiative based on public-key cryptography and designed to help businesses protect and control the data and multimedia files they've created.

Palladium, in development for more than two years, will secure data as it traverses a network and will enforce rules that the content creator sets to regulate how the content is used. Once a user receives content, it's stored in a "virtual vault" on the user's PC, protected from viruses and tampering. The data will still be governed by the rules the creator set.

The guts of Palladium will reside in chips being developed by Intel and Advanced Micro Devices Inc. Software vendors plan to write applications for those chips, Microsoft says, using programming interfaces that it plans to publish. The technology is expected to ship in the next few years.

Microsoft says Palladium takes existing encryption schemes a step farther because the method calls for storing keys used to encrypt and decrypt files on the chip, rather than in software, the more typical scenario used by public-key technologies. That could improve security because it's tougher to crack hardware than software to steal keys, says Hurwitz Group analyst Pete Lindstrom. Encryption can also be processed much faster on hardware, improving system performance.

The chipmakers have yet to say whether the chips will be designed only for Palladium or for other trusted computing technologies, as well.

Privacy concerns have been raised. Some people fear companies, even Microsoft, will use Palladium to collect personal data and that Microsoft will act as the gatekeeper for the keys. Palladium won't be used to access any personally identifiable data, Microsoft group product manager Mario Juarez says.

One detail that is known: Microsoft's Palladium won't be compatible with any previous version of Windows.