Transparency Centers

Microsoft is committed to providing an unprecedented level of transparency through the Government Security Program (GSP), aimed at helping customers gain confidence in the integrity and assurance of the products and services on which they rely. To support those efforts, Microsoft has opened five Transparency Centers throughout the world:

  • United States
  • Belgium
  • Singapore
  • Brazil
  • China

A Secure Facility for Inspection and Analysis

Transparency Centers provide GSP participants with an opportunity to visit a secure facility to conduct deep levels of source code inspection and analysis. Participants have access to source code and an environment for in-depth inspection with advanced tools. In addition, participants can compile components and use additional tools for a deeper understanding of the source code. Currently, the Transparency Centers provide source code for products such as Windows, Windows Server, Office, Exchange Server, SQL Server, and SharePoint Server.

Center Visits

Each visit to a Transparency Center is tailored to the unique goals of what an agency is looking to accomplish. Visits can last from one day to two weeks, depending on an agency’s needs, and are scheduled based on facility availability. Face-to-face or teleconference exchanges with Microsoft engineers may also be available and can be beneficial during Transparency Center visits for agencies who have also joined the Technical Data portion of the program.

Environment and Tools

The environment and tools for source code evaluation include:

  • Private network with one server rack and eight clients
  • OpenGrok open source search and cross-reference engine
  • SysInternals
  • Tools provided by the participant and approved by Microsoft
  • HexRays IDA Disassembler and Decompiler
  • PowerShell v4.0
  • MSDN Documentation

Example use cases of Transparency Centers

  • Evaluation of Cryptography Next Generation implementation and preparation for national cryptography implementation
  • Review of SSL and TCP/IP implementation
  • Inspection of the source of random number generators
  • Walkthrough of Microsoft’s build process
  • Assessment of individual binaries to compare against shipped binaries

Contact Us

Contact your local Microsoft representative or email gspteam@microsoft.com to learn more about the Government Security Program