VIEWS: 46 PAGES: 27 CATEGORY: Operating Systems POSTED ON: 4/4/2012
Chrome OS is a PC operating system whose development Google has officially announced. Google Chrome OS is an open source operating system based on Linux. Google said on its official blog that, in the initial stage, the operating system will be targeted at netbooks, compact and low-cost PCs. The open-source software will be named Chrome OS. Google held a Chrome product launch in the United States on December 7, 2010, and at the conference officially released the Chrome Web Store and Chrome OS.
Chrome OS: Practical Security
Will Drewry, Sumit Gwalani
Google
Session ID: ASEC-301
Session Classification: Intermediate

Build a more secure web browsing experience
Chrome OS
Building a more secure web browser
Minimizing system attack surface & exploitability
Secure Management
Usable security features

Chrome OS
Chrome has more than 160 Million active users today
Speed
Simplicity
Security
Chrome OS = Chrome running on specialized hardware

Chrome OS – fast to boot; fast always
Computers Today
Nothing but the web

Chrome OS
Simplicity – easy to use

Phase 0: Build a more secure browser

Chrome Sandbox

Chrome Security
• Safe Browsing
  o Block phishing sites
  o Block malware sites
• Browser sandbox
• Automatic updates
• No NPAPI native plugins
• Sandboxed Flash

Chrome Security (and it's ongoing...)
• Built-in certificate pinning
• HSTS
• Blocked HTTP auth for sub-resource loads on origin mismatch
• Strong JS random number API
• Content Security Policy support

Phase 1: Minimize attack surface and exploitability

Minimize firmware attack surface
• Only execute code that is checked
• Static root of trust model for providing a verified boot flow
• Read-only firmware checks mutable firmware
  o Only the header containing the signature is parsed
• Mutable firmware checks the OS kernel
  o Partition table (GPT) is parsed
  o Kernel header containing the signature is parsed
• No Option ROMs are supported
• No external boot devices are supported

Verified Boot flow

Minimize OS attack surface
• Integrity checked system image chained to secure firmware
  o Ensures no code or data from the base system image is used without checking authenticity
  o W^X for mounted partitions
• Chrome sandboxing (See phase 0 :)
• Principle of least privileges for daemons
  o minimize "root" uids
  o use namespacing
  o ...
• Per-user encrypted "home" directories

Robustness to attack (in addition to attack surface minimization)
• Automatic, authenticated updates
• Hardened toolchain
  o noexec stack/heap
  o address space layout randomization
  o stack protector
  o ...
• Read-only firmware backed recovery/reinstallation system
• Hardened kernel configuration

Phase 2: Allow secure management

Enterprise Policies
• Content Control
• Apps and Extensions
• Browser Options
• Browser Features
• Omnibox Search Provider
• Device Settings
• Proxy Settings
• User Experience

Enterprise Enrollment & Device Ownership
• Device "owner" is the first user to sign in
  o Unless device is enrolled into enterprise policies
  o Enterprise becomes the device "owner"
• Owner status enforcement is hardware-backed
  o Local/consumer is locked in "consumer mode"
  o Remote/enterprise is locked to a domain
• Lockable TPM NVRAM stores metadata for the lifetime of an install

TPM Wrapped Keys
TPM is used to wrap all sensitive data
• User data encryption keys
• Enterprise wireless certificates
• VPN certificates
• Client certificates

What's coming up?
• Inventory Management
• Printer Management
• Network Configuration
• Status Monitoring and reporting
• And more…

Phase 3: Rinse and repeat

Minimizing the kernel attack surface
• Proposed Linux kernel feature to drop/block disallowed syscalls
  o Added to Chrome sandbox
  o Added to system isolation helper (minijail)
• Minimizes the services provided by the kernel to running software
• And lots more…

Combining it all together...

Practical Security
Defense in depth approach to build a more secure device for web browsing
• Verified image on boot
• Hardware-backed user data encryption
• Super easy to sign in on the device
• Guest account
• Seamless automatic updates
• Hardware-backed reinstall path
• Developer Mode
• Management - even on non-enterprise owned devices

Security Fundamentals
• Patch fast
• Release fast
  o 3 channels: Stable/Beta/Dev
  o New stable builds approximately every 6 weeks
  o security fixes more frequently
• Match Chrome browser's extremely high update rate
• Open source, never security-by-obscurity
• Leverage community experts

Chrome OS
Instant web and forever new
Easy to use
Practical Security
Defense in depth
Verified Boot
Secure Management
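
The "W^X for mounted partitions" bullet under "Minimize OS attack surface" means that no mounted filesystem should be writable and executable at the same time. As an added example (not from the slides or from the Chrome OS code base), the Python script below audits a mount table in /proc/mounts format for violations of that rule; the sample table and the function names are constructed for illustration.

```python
# Added example: W^X audit of a mount table in /proc/mounts format.
# SAMPLE_MOUNTS is constructed for illustration, not captured from a device.
import re

SAMPLE_MOUNTS = r"""/dev/root / ext2 ro,relatime 0 0
/dev/sda1 /mnt/stateful_partition ext4 rw,nosuid,nodev,noexec,relatime 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev,noexec 0 0
tmpfs /run tmpfs rw,nosuid,nodev 0 0
/dev/sdb1 /media/USB\040Drive vfat rw,nosuid,nodev,noexec 0 0
proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0
"""


def unescape(field):
    """Decode the octal escapes the kernel uses in /proc/mounts (\\040 = space)."""
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), field)


def parse_mounts(text):
    """Yield (device, mountpoint, fstype, options) for each well-formed line."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue  # blank or truncated line
        device, mountpoint, fstype, options = fields[:4]
        yield unescape(device), unescape(mountpoint), fstype, set(options.split(","))


def wx_violations(text):
    """Return mountpoints that are writable and executable at the same time."""
    violations = []
    for _device, mountpoint, _fstype, options in parse_mounts(text):
        writable = "ro" not in options       # treat as writable unless marked ro
        executable = "noexec" not in options
        if writable and executable:
            violations.append(mountpoint)
    return violations


if __name__ == "__main__":
    # On a live Linux system, pass open("/proc/mounts").read() instead.
    for mountpoint in wx_violations(SAMPLE_MOUNTS):
        print("W^X violation (rw + exec):", mountpoint)
```

In the constructed table only /run is flagged: the root filesystem is read-only, and every other writable mount carries noexec.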