Enforcing Trust in Pervasive Computing. Trusted Computing Technology.

Size: px

Start display at page:

Download "Enforcing Trust in Pervasive Computing. Trusted Computing Technology."

Earl Roberts
5 years ago
Views:

1 Outline with Trusted Computing Technology. Shiqun Li 1,2 Shane Balfe 3 Jianying Zhou 2 Kefei Chen 1 1 Shanghai Jiao Tong University 2 Institute for InfoComm Research 3 Royal Holloway, University of London 1st International Workshop on Critical Information Infrastructures Security

2 Outline Outline 1 Trusted Computing 2 Trust Requirement of 3

3 Outline Outline 1 Trusted Computing 2 Trust Requirement of 3

4 Outline Outline 1 Trusted Computing 2 Trust Requirement of 3

5 Outline Trusted Computing 1 Trusted Computing 2 Trust Requirement of 3

6 Overview Trusted Computing Definition Trusted Computing Group: A trusted system or component is one that behaves in the expected manner for a particular purpose. Deployment TPM (Trusted Platform Module) market saturation by IDC. Processor support (Averill) tentatively OS support - soon?

7 Overview Trusted Computing Definition Trusted Computing Group: A trusted system or component is one that behaves in the expected manner for a particular purpose. Deployment TPM (Trusted Platform Module) market saturation by IDC. Processor support (Averill) tentatively OS support - soon?

8 Overview Trusted Computing Definition Trusted Computing Group: A trusted system or component is one that behaves in the expected manner for a particular purpose. Deployment TPM (Trusted Platform Module) market saturation by IDC. Processor support (Averill) tentatively OS support - soon?

9 Overview Trusted Computing Definition Trusted Computing Group: A trusted system or component is one that behaves in the expected manner for a particular purpose. Deployment TPM (Trusted Platform Module) market saturation by IDC. Processor support (Averill) tentatively OS support - soon?

10 Overview Trusted Computing Definition Trusted Computing Group: A trusted system or component is one that behaves in the expected manner for a particular purpose. Deployment TPM (Trusted Platform Module) market saturation by IDC. Processor support (Averill) tentatively OS support - soon?

11 Outline Trusted Computing 1 Trusted Computing 2 Trust Requirement of 3

12 TPM support Measuring, Storing and Reporting Integrity measurement is the process of obtaining metrics of platform characteristics that affect the integrity (trustworthiness) of a platform; storing those metrics; and putting digests of those metrics in PCRs (Platform Configuration Registers). Storage has a double meaning in Trusted Computing. It refers to the intermediate step between measurement and report but also to the protection of keys and data with a TPM Integrity reporting is the process of attesting to the contents of integrity storage.

13 TPM support Measuring, Storing and Reporting Integrity measurement is the process of obtaining metrics of platform characteristics that affect the integrity (trustworthiness) of a platform; storing those metrics; and putting digests of those metrics in PCRs (Platform Configuration Registers). Storage has a double meaning in Trusted Computing. It refers to the intermediate step between measurement and report but also to the protection of keys and data with a TPM Integrity reporting is the process of attesting to the contents of integrity storage.

14 TPM support Measuring, Storing and Reporting Integrity measurement is the process of obtaining metrics of platform characteristics that affect the integrity (trustworthiness) of a platform; storing those metrics; and putting digests of those metrics in PCRs (Platform Configuration Registers). Storage has a double meaning in Trusted Computing. It refers to the intermediate step between measurement and report but also to the protection of keys and data with a TPM Integrity reporting is the process of attesting to the contents of integrity storage.

15 TPM support Remote Attestation Trusted Computing This is the mechanism through which a challenger can inspect a remote platform s state. Before a platform can attest to its state it must obtain a credential using either a Privacy CA or DAA based approach In either case the end result is the same. The platform obtains a credential (or a means of issuing credential like statements) that will be used to adduce current platform state.

16 TPM support Remote Attestation Trusted Computing This is the mechanism through which a challenger can inspect a remote platform s state. Before a platform can attest to its state it must obtain a credential using either a Privacy CA or DAA based approach In either case the end result is the same. The platform obtains a credential (or a means of issuing credential like statements) that will be used to adduce current platform state.

17 TPM support Remote Attestation Trusted Computing This is the mechanism through which a challenger can inspect a remote platform s state. Before a platform can attest to its state it must obtain a credential using either a Privacy CA or DAA based approach In either case the end result is the same. The platform obtains a credential (or a means of issuing credential like statements) that will be used to adduce current platform state.

18 TPM support Delegation and Certified Migration Delegation enables PCR constraints on delegated rights. Certified Migration permits secure transfer of migratory keys from one TCG compliant platform to another. The new platform has full usage of the migrated key.

19 TPM support Delegation and Certified Migration Delegation enables PCR constraints on delegated rights. Certified Migration permits secure transfer of migratory keys from one TCG compliant platform to another. The new platform has full usage of the migrated key.

20 Outline Trusted Computing 1 Trusted Computing 2 Trust Requirement of 3

21 Intel s La Grande, AMD s Presidio, ARM s Trustzone Protected Execution: Provides applications with the ability to run in isolated protected execution environments. Protected Input: Provides a mechanism that protects communication between the keyboard/mouse and applications running in the protected execution environments. Protected graphics: Provides a mechanism that enables applications running within the protected execution environment to send display information to the graphics frame buffer Protected Launch: Provides for the controlled launch and registration of the critical OS and system software components in a protected execution environment.

22 Intel s La Grande, AMD s Presidio, ARM s Trustzone Protected Execution: Provides applications with the ability to run in isolated protected execution environments. Protected Input: Provides a mechanism that protects communication between the keyboard/mouse and applications running in the protected execution environments. Protected graphics: Provides a mechanism that enables applications running within the protected execution environment to send display information to the graphics frame buffer Protected Launch: Provides for the controlled launch and registration of the critical OS and system software components in a protected execution environment.

23 Intel s La Grande, AMD s Presidio, ARM s Trustzone Protected Execution: Provides applications with the ability to run in isolated protected execution environments. Protected Input: Provides a mechanism that protects communication between the keyboard/mouse and applications running in the protected execution environments. Protected graphics: Provides a mechanism that enables applications running within the protected execution environment to send display information to the graphics frame buffer Protected Launch: Provides for the controlled launch and registration of the critical OS and system software components in a protected execution environment.

24 Intel s La Grande, AMD s Presidio, ARM s Trustzone Protected Execution: Provides applications with the ability to run in isolated protected execution environments. Protected Input: Provides a mechanism that protects communication between the keyboard/mouse and applications running in the protected execution environments. Protected graphics: Provides a mechanism that enables applications running within the protected execution environment to send display information to the graphics frame buffer Protected Launch: Provides for the controlled launch and registration of the critical OS and system software components in a protected execution environment.

25 Outline Trusted Computing 1 Trusted Computing 2 Trust Requirement of 3

26 Microsoft s NGSCB, OpenTC project Implementation of an isolation kernel that enforces domain separation. NGSCB - Microsoft s efforts in the area of Trusted Operating Systems. OpenTC - EU project for the development of an open source OS (amongst other things).

27 Microsoft s NGSCB, OpenTC project Implementation of an isolation kernel that enforces domain separation. NGSCB - Microsoft s efforts in the area of Trusted Operating Systems. OpenTC - EU project for the development of an open source OS (amongst other things).

28 Outline Trusted Computing Trust Requirement of 1 Trusted Computing 2 Trust Requirement of 3

29 Trust Requirement of needs trust environment is open and dynamic, devices and environment may be unknown to each other. Confidentiality, Integrity, Authentication, Authorisation... Mutual belief of behaviors as expected?

30 Trust Requirement of needs trust environment is open and dynamic, devices and environment may be unknown to each other. Confidentiality, Integrity, Authentication, Authorisation... Mutual belief of behaviors as expected?

31 Trust Requirement of needs trust environment is open and dynamic, devices and environment may be unknown to each other. Confidentiality, Integrity, Authentication, Authorisation... Mutual belief of behaviors as expected?

32 Definition Trusted Computing Group: A trusted system or component is one that behaves in the expected manner for a particular purpose. Transitive trust based on manufacturing process. Trust is established from code identities.

33 Definition Trusted Computing Group: A trusted system or component is one that behaves in the expected manner for a particular purpose. Transitive trust based on manufacturing process. Trust is established from code identities.

34 Outline Trusted Computing 1 Trusted Computing 2 Trust Requirement of 3

35 Controlling Access After Distribution There may be policies restricting use of confidential data Access control - based on proof of possession of a valid credential providing the capabilities. Control after distribution - based on proof of correct authentication data to a TPM.

36 Controlling Access After Distribution There may be policies restricting use of confidential data Access control - based on proof of possession of a valid credential providing the capabilities. Control after distribution - based on proof of correct authentication data to a TPM.

37 Controlling Access After Distribution Set-Up:Credential acquirement 1 Instructs TPM to generate non-migratable keys. 2 TPM creates a TPM Key specifying authorisation data and an acceptable platform state for it s usage. 3 Have this key certified by the TPM. 4 TPM returns the TPM Certify Info describing the certified key. Access Control Simple Challenge-Response based protocols incorporating credentials. TPM would unseal the encrypted document at any time provided the authorisation data is valid.

38 Trusted Printing Service Client requests server s attestation. Server checks the validation of the Client, responses with running integrity measurement and other necessary information. Client checks the response to assure the server s behavior, then send request.

39 Trusted Printing Service Client requests server s attestation. Server checks the validation of the Client, responses with running integrity measurement and other necessary information. Client checks the response to assure the server s behavior, then send request.

40 Trusted Printing Service Client requests server s attestation. Server checks the validation of the Client, responses with running integrity measurement and other necessary information. Client checks the response to assure the server s behavior, then send request.

41 Outline Trusted Computing 1 Trusted Computing 2 Trust Requirement of 3

42 Concluding points Trusted Computing could end up playing an important role in future architectures. Both from a hardware perspective and in establishing communicability infrastructure - Trusted Network Connect. Stable force of homogeneity in heterogenous environments. Perhaps not at the minor device level (Ubicomp in its truest sense) but more at the meta-interaction level performing abstract services.

43 Concluding points Trusted Computing could end up playing an important role in future architectures. Both from a hardware perspective and in establishing communicability infrastructure - Trusted Network Connect. Stable force of homogeneity in heterogenous environments. Perhaps not at the minor device level (Ubicomp in its truest sense) but more at the meta-interaction level performing abstract services.

44 Concluding points Trusted Computing could end up playing an important role in future architectures. Both from a hardware perspective and in establishing communicability infrastructure - Trusted Network Connect. Stable force of homogeneity in heterogenous environments. Perhaps not at the minor device level (Ubicomp in its truest sense) but more at the meta-interaction level performing abstract services.

Lecture Secure, Trusted and Trustworthy Computing Trusted Platform Module

1 Lecture Secure, Trusted and Trustworthy Computing Trusted Platform Module Prof. Dr.-Ing. Ahmad-Reza Sadeghi System Security Lab Technische Universität Darmstadt Germany Winter Term 2016/17 Roadmap: TPM