Microsoft has announced that it is integrating Model Context Protocol (MCP) in Windows 11 as it pushes the operating system as an agentic operating system. The Redmond giant stated that MCP is a foundational layer for delivering “secure, interoperable agentic computing.”
As a bit of background for those that don’t know, Model Context Protocol (MCP) is a universal standard created by the AI firm Anthropic. It is designed to connect AI models, especially large language models (LLMs), with external data sources and tools in a seamless, secure, and efficient way. It solves a big problem that AI models face: they have limited knowledge confined to their training data and cannot access real-time or personalized information on their own.
AI assistants are the MCP clients and the various data sources are the MCP servers. These servers can expose various types of data, including emails, calendars, cloud storage, code repositories, or databases. MCP standardizes how the client and server communicate, allowing AI models to get real-time information in a standard manner.
Microsoft has said that MCP opens up lots of possibilities but also raises potential security concerns, so it has drawn up the MCP Security Architecture in Windows 11 to ensure safety.
Firstly, Microsoft will ensure that all MCP server developers meet a baseline set of security requirements to ensure user safety. Secondly, Microsoft will ensure that users are in full control of all security-sensitive operations done on their behalf. Finally, the principle of least privilege will be enforced by Microsoft to limit the impact of potential attacks on MCP servers.
Microsoft will provide an early preview of the MCP server capability after Microsoft Build that can be accessed by developers for the purposes of giving feedback. The firm said that the preview may include security capabilities that are not in enforcement mode during the preview period, but will be enabled before broad availability.
Additionally, developers that want to try it will need to have their devices in developer mode to ensure that only developers with entitlement can use it. When it becomes generally available, Microsoft plans to bring in secure-by-default enforcement to keep users safe.