18731-s09-tcg_lecture - Trusted Computing Jonathan M McCune...

Info icon This preview shows pages 1–6. Sign up to view the full content.

View Full Document Right Arrow Icon
1/27/09 1 1 Trusted Computing Jonathan M. McCune [email protected] 2009.01.27 2 What is Trusted Computing? Controversial topic Trusted not to run unauthorized programs Trusted by whom? Software vendor User Advocates Make computers safer Protection against viruses and malware Opponents Too much power and control into software vendors You Make an informed decision A potential project topic
Image of page 1

Info icon This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
1/27/09 2 3 Outline Review of some current approaches for building secure systems Hardware-based attestation Static Root of Trust (version 1.1b) Next-generation TCG (version 1.2) AMD/Intel secure virtual machine extensions Project details (time permitting) 4 Adversary Model Axiom: Every system has at least one more flaw We assume remote adversary who can launch network-based attacks Adversary can compromise OS and/or applications Adversary may control network communication We trust local hardware, local hardware attacks are even harder to defend against Realistic model, as remote attacks constitute majority of threats
Image of page 2
1/27/09 3 5 Security Properties to Consider Trustworthy device operation How can we trust operations that our devices perform? Questions to consider How can we trust App1? What if App2 has a security vulnerability? What if Operating System has a security vulnerability? Hardware Operating System App1 App2 App3 6 Some Current Approaches Program code in ROM Secure boot Virtual-machine-based isolation Evaluation metric: size of Trusted Computing Base (TCB) We visualize components in TCB in red: Hardware Operating System A1 A2 A3
Image of page 3

Info icon This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
1/27/09 4 7 Program Code in ROM Approach: keep entire program in ROM Advantages Simplicity Adversary cannot inject any additional software Disadvantages Cannot update software (without exchanging ROM) Adversary can still use control-flow attack Entire system is in TCB, no isolation Verdict Impractical for current systems, ability to update code for enhancing features or fixing bugs is critical Hardware Operating System A1 A2 A3 8 Secure Boot Each component of the boot process verifies following component to be loaded Example: digital signature on each boot component; boot loader contains public key and verifies digital signature on OS, etc. Advantages Only approved software can be loaded (assuming no vulnerabilities) Disadvantages Adversary only needs to compromise singe component Entire system is in TCB, no isolation Verdict: Entire system is still part of TCB, Relatively weak security guarantee Hardware Operating System A1 A2 A3
Image of page 4
1/27/09 5 9 Virtual-machine-based Isolation Approach: Isolate applications by executing them inside different Virtual Machines Advantages Smaller TCB Isolation between applications Disadvantages VMM is still large and part of TCB Relatively complex, not well suited for average user
Image of page 5

Info icon This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Image of page 6
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern