The Trusted Computing (TC) and Next Generation Secured Computing Base (NGSCB)

Joseph Yu
Jeffrey Khuu
Dr. Stamp

             NGSCB                  1
Table of Contents
 Introduction
 TC
 Analysis of NGSCB
 Summary
Introduction – TC, TCG, NGSCB

TC = Trusted Computing, TCG = Trusted
 Computing Group, NGSCB = Microsoft’s
Original Motivation for TC:
  TC was intended for DRM
  Limits the abuse of file sharing over the network
  Prevent making illegal copies without the
   authorization from the vendor
  Restrict user’s computing actions
Introduction - TC

Current Motivation for TC:
  “For years, Bill Gates has dreamed of finding a
   way to make the Chinese pay for software: TC
   looks like being the answer to his prayer.” –
   Ross Anderson
  TC extends well beyond DRM: it gives more
   authority to the computer than to the user

Introduction - TC

Fundamental Concept of TC
  Software runs and communicates securely over
   applications and servers
  Use “locked-down” architecture
    Hardware level cryptographic keys for encryption and
  Seal secure data within curtained memory
  Input/output communication paths are encrypted

Introduction - TCG

Many vendors provide hardware support
 for major components of NGSCB
  For example, Intel’s LaGrande Technology (LT)
   and AMD’s Secure Execution Mode (SEM)
TCG is an alliance of Microsoft
Manages TC activities for different
 hardware/software vendors: AMD, HP,
 IBM, and others
Introduction - TCG

  Claimed: Non-Profit industry standards
   organization to enhance the security and
   computing in different platforms
  Provide a secured TCB for the system
  Formed in Spring 2003 and adopted a set of
   specifications made by the Trusted Computing
   Platform Alliance (TCPA)
 What is Trusted Computing?
  Trusted Computing Base (TCB)
  “TCB is everything in operating system that we rely on
   for security” Dr. Stamp
  If TCB is damaged/non-secured, the whole system
  If the system is broken and the TCB is OK, we still have
   system security
  Part of the system (combines software and hardware
  Responsible for regulating information security policies
  Consists of kernel, OS
TC -- overview


Computing should be expected to behave
 the way we want and do what we
 want securely
Any trusted platform has the following
 three fundamental features:
  Protected Capabilities
  Integrity Capabilities
  Integrity Reporting


Microsoft’s version of TC: NGSCB
Will be implemented in the upcoming
 version of Windows, known as
 Microsoft Windows Longhorn
Computing Environments
Four Features of NGSCB

NGSCB - architecture

NGSCB - architecture
Two primary system components in
  Special kernel (core of the trusted operating)
  Goal: isolate normal-mode and trusted-mode
   processes from each other in memory
  Functionality: Authenticate and protect data
   (entered, stored, communicated, and displayed)
   by data encryption
Nexus Computing Agent (NCA)
NGSCB - architecture

Nexus Computing Agent (NCA)
  Trusted software component
  Runs in trusted mode that communicates with
  Open-source for NCA specifications
  Developers can make their own agents to run
   on the trusted platform

NGSCB – Computing Environments
 NGSCB operates two operating systems in ONE system
 Two Modes:
   Normal Mode vs. Trusted Mode
 Normal Mode:
   Un-protected environment
   Same as our current Windows series
   Fully Controlled by the users
 Trusted Mode:
   Protected environment
   Users have no authority to modify, delete, or copy ANY content.
   Implemented TC: Hardware and Software implementation
   Fully Controlled by the computers

NGSCB – operating environments

NGSCB – operating environments

Microsoft claimed: “Only an NGSCB
 trusted application, NCA, can run securely
 within the protected operating
  Defined by software developers
    Security authentication
    Security authorization
NGSCB - Features

Claimed: Four Features
  Strong Process Isolation
  Sealed Storage
  Cryptographic Attestation
  Secured Path to the user

NGSCB – Four Features
Strong Process Isolation
  Isolate protected and non-protected operating
   environment that are stored in the same
  Blocks Direct Memory Access (DMA) devices
   from reading and writing secured blocks
   of memory
  Blocks access by malicious code
  Claimed: “no illegitimate access will occur in
   protected environment”

NGSCB – Four Features
Sealed storage
  Ensures that NGSCB data stays private and is
   not exposed
  NGSCB uses the Security Support Component (SSC)
   to do this
  The SSC has its own encryption services and can be
   managed by the Nexus
  Uses the Advanced Encryption Standard (AES), a pair
   of public and private keys, and keys derived for
   the trusted application

NGSCB – Four Features

Sealed Storage
  NCA uses these keys to encrypt data, access
   file system, and provide storage services.
  Claimed: No unauthorized application can read
   the sealed storage whatsoever (at boot up, or
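
A simplified model of the sealed-storage idea on the two slides above, added here as an illustration and not taken from the presentation or from Microsoft: data is sealed under keys derived from a hardware-held secret and the identity of the agent, so a different or modified agent cannot unseal it. Assumptions: the SSC root secret is a constructed constant, an agent's identity is the SHA-256 digest of its code, and HMAC-SHA256 stands in for the SSC's AES and key-pair operations.

```python
import hashlib, hmac, os

# Constructed stand-in for the SSC's secret (assumption: real hardware never exports it).
SSC_ROOT_SECRET = hashlib.sha256(b"constructed demo root secret").digest()

def measure(agent_code: bytes) -> bytes:
    """Identity of an agent, modelled as the SHA-256 digest of its code."""
    return hashlib.sha256(agent_code).digest()

def derive_keys(agent_code: bytes):
    """Derive per-agent encryption and MAC keys from root secret + measurement."""
    m = measure(agent_code)
    enc = hmac.new(SSC_ROOT_SECRET, b"enc" + m, hashlib.sha256).digest()
    mac = hmac.new(SSC_ROOT_SECRET, b"mac" + m, hashlib.sha256).digest()
    return enc, mac

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode; a stand-in for AES, which the stdlib lacks."""
    out = b""
    for counter in range((length + 31) // 32):
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
    return out[:length]

def seal(agent_code: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC under keys only this exact agent code can re-derive."""
    enc_key, mac_key = derive_keys(agent_code)
    nonce = os.urandom(16)
    stream = _keystream(enc_key, nonce, len(plaintext))
    ct = bytes(p ^ k for p, k in zip(plaintext, stream))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(agent_code: bytes, blob: bytes) -> bytes:
    """Return the plaintext; raise if the agent differs or the blob was modified."""
    enc_key, mac_key = derive_keys(agent_code)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise PermissionError("unseal refused: wrong agent or tampered blob")
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))

if __name__ == "__main__":
    agent = b"constructed trusted agent, build 1"
    blob = seal(agent, b"user's sealed document")
    print(unseal(agent, blob))
    try:
        unseal(agent + b" (patched)", blob)  # modified code -> different keys
    except PermissionError as err:
        print(err)
```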

NGSCB – Four Features

Cryptographic Attestation
  Confirms to the recipient that the data was digitally
   signed by the NGSCB and that the data is
   cryptographically identifiable
  Authenticates software processes
     Proves application identity
     Useful in networking: proves its identity securely
      before transmitting any data.
     Avoid Man in the Middle attack?

NGSCB – Four Features
 Secure Path to the user
  Ensures the information remains secure as it passes through
   the input/output devices.
  Encrypts the input/output, creating a secure path.
  Protects computer from:
      Keystroke recording
 Hardware devices
  Need to upgrade current hardware devices:
   mouse/keyboard/USB devices/ video adapter
  Input: upgrade to USB devices: Smart cards, biometrics,
  Output: upgrade to a graphics adapter that prevents
   reads/writes to video memory
NGSCB Applications
 Many applications involve NGSCB: regular
  computing, networking, DRM, others
 Example: Microsoft Word
  Restrict user:
     Not compatible with other *.doc applications, ie.
     Written document is Signed and Encrypted with
      Microsoft Word --- Only Word has the private key
      to decrypt it
NGSCB Application
Networking application:
  Cannot share files via P2P
  Cannot open your friend’s packed programs
  Presumably secure when connected to a network
  Good for networking?
Microsoft Explorer / Outlook
  User might be able to see the content but not
   able to “Copy-and-Paste” to other applications
  Users have no right to “do whatever they
   wanted to do”
Analysis of NGSCB

Current Problematic Computing
  Users can do whatever they want on the
   computer – taking all responsibility
  Unprotected: Virus, worms, keystroke,
  Abuse of file-sharing digital contents
In conclusion, we DO need an operating
 system with better computing protection

Analysis of NGSCB

Will NGSCB be the solution?
  It is human nature to control things and not to
   be controlled by others.
  “People will not use it if it blocks and restricts
   them doing what they want to do.” Quote
  NGSCB will fail:
     Companies will not tolerate attestations on the
      network and through the firewall every time an
      employee wants to open a file.
     They want to open the application FAST!
Analysis of NGSCB

NGSCB will fail to work with DRM
  There are always WAYS to work around things.
    Music, for example
    Users can still record what comes out of the
     speaker (poor quality, but so what, it’s FREE)
    Record it and make an MP3 out of it
    Copy content, for example
    Take a screenshot, digital camera?


As a summary of our presentation:
NGSCB will fail.
People will use alternative products:
  Apple OS
  Stay with Microsoft XP ??

   [1] Mark Stamp's CS166 software presentation slides
   [2] System Management Concepts: Operating system and Devices
   [3] TCG Specification Architecture Overview
   [4] Microsoft’s Next Generation Secured Computing Base Overview
   [5] NGSCB Security Model
   [6] Trusted Computing and NGSCB
   [7] Ross Anderson's Trusted Computing FAQ
   [8] Microsoft’s resource for NGSCB
   [9] Microsoft's NGSCB four features
