Download NGSCB

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
page
23
page
24
page
25
page
26
page
27
page
28
page
29
page
30
page
31
Document related concepts

Plan 9 from Bell Labs wikipedia , lookup

OS/2 wikipedia , lookup

Mobile operating system wikipedia , lookup

Copland (operating system) wikipedia , lookup

Process management (computing) wikipedia , lookup

VS/9 wikipedia , lookup

Distributed operating system wikipedia , lookup

Unix security wikipedia , lookup

CP/M wikipedia , lookup

Security-focused operating system wikipedia , lookup

Transcript 
The Trusted Computing (TC) and
Next Generation Secured
Computing Base (NGSCB)
Joseph Yu
Jeffrey Khuu
CS158B
Dr. Stamp
NGSCB
1
Table of Contents
 Introduction
TC
TCG
NGSCB
 TC
 NGSCB
Architecture
Features
 Analysis of NGSCB
 Summary
NGSCB
2
Introduction – TC, TCG, NGSCB
TC = Trusted Computing, TCG = Trusted
Computing Group, NGSCB = Microsoft’s
TC
Original Motivation for TC:
TC was intended for DRM
Limits the abuse of file sharing over the network
Prevent making illegal copies without the
authorization from the vendor
Restrict user’s computing actions
NGSCB
3
Introduction - TC
Current Motivation for TC:
“For years, Bill Gate has dreamed of finding a
way to make the Chinese pay for software: TC
looks like being the answer to his prayer.” –
Ross Anderson
TC extend way more than DRM: It gives more
authorizations to the computers over users
NGSCB
4
Introduction - TC
Fundamental Concept of TC
Software runs and communicates securely over
applications and servers
Use “locked-down” architecture
Hardware level cryptographic keys for encryption and
authentication
Tamper-resistant
Seal secure data within curtained memory
Input/Output communication path are encrypted
NGSCB
5
Introduction - TCG
Many vendors provide hardware support
for major components of NGSCB
For example, Intel’s LaGrande Technology (LT)
and AMD’s Secure Execution Mode (SEM)
technology
TCG is an alliance of Microsoft
Manage TC activities for different
hardware/software vendors: AMD, HP, IBM,
and others
NGSCB
6
Introduction - TCG
Goal:
Claimed: Non-Profit industry standards
organization to enhance the security and
computing in different platforms
Provide a secured TCB for the system
Activities:
Formed in Spring 2003 and adopted a set of
specification made by Trusted Computing
Platform Alliance (TCPA)
NGSCB
7
TC
 What is Trusted Computing?
Trusted Computing Base (TCB)
 TCB
“TCB is everything in operating system that we rely on
for security” Dr. Stamp
If TCB is damaged/non-secured, the whole system
broken.
If the system is broken, and TCB is ok. We still have
system security
Part of the system (combines software and hardware
components)
Responsible for regulate information security policies
Consist of Kernel, OS
NGSCB
8
TC -- overview
NGSCB
9
TC
Should be expected the computing behave
the way we wanted and do what we
wanted securely
Any trusted platform has the following
three fundamental features:
Protected Capabilities
Integrity Capabilities
Integrity Reporting
NGSCB
10
NGSCB
Microsoft’s version of TC: NGSCB
Will be implemented in the upcoming
version of Windows: as known as
Microsoft Windows Longhorn
Architecture
Computing Environments
Four Features of NGSCB
NGSCB
11
NGSCB - architecture
NGSCB
12
NGSCB - architecture
Two primary system components in
NGSCB
Nexus
Special kernel (core of the trusted operating)
Goal: Isolate the process of normal mode and
trusted mode differently in memory
Functionality: Authenticate and protect data
(entered, stored, communicated, and displayed)
by data encryption
Nexus Computing Agent (NCA)
NGSCB
13
NGSCB - architecture
Nexus Computing Agent (NCA)
Trusted software component
Runs in trusted mode that communicates with
Nexus
Open-source for NCA specifications
Developers can make their own agents to run
on the trusted platform
NGSCB
14
NGSCB – Computing Environments
Overview
 NSGCB operates two operating systems in ONE system
 Two Modes:
 Normal Mode vs. Trusted Mode
 Normal Mode:
 Un-protected environment
 Same as our current Windows series
 Fully Controlled by the users
 Trusted Mode:
 Protected environment
 Users have no authorities to modify, delete, or copy ANY content.
 Implemented TC: Hardware and Software implementation
 Fully Controlled by the computers
NGSCB
15
NGSCB – operating environments
NGSCB
16
NGSCB – operating environments
Microsoft claimed: “Only an NGSCB
trusted application, NCA, can run securely
within the protected operating
environment.”
NCA
Defined by software developers
Policies
Security authentication
Security authorization
NGSCB
17
NGSCB - Features
Claimed: Four Features
Strong Process Isolation
Sealed Storage
Attestation
Secured Path to the user
NGSCB
18
NGSCB – Four Features
Strong Process Isolation
Isolate protected and non-protected operating
environment that are stored in the same
memory
Blocks the access of Direct Memory Access
(DMA) devices in term of writing and reading to
secured block of memory
Block access of malicious code
Claimed: “no illegitimate access will occurring in
protected environment”
NGSCB
19
NGSCB – Four Features
Sealed storage
Ensure the privacy of NGSCB data are not
being exposed
NGSCB use Security Support Component (SSC)
to do this
SSC has own encryption services and can be
managed by the Nexus
Use Advance Encryption Standard (AES), pair
of public and private keys, and keys derived for
trusted application
NGSCB
20
NGSCB – Four Features
Sealed Storage
NCA uses these keys to encrypt data, access
file system, and provide storage services.
Claimed: No unauthorized application can read
the sealed storage whatsoever (at boot up, or
running)
NGSCB
21
NGSCB – Four Features
Cryptographic Attestation
Confirm the recipient that the data was digital
signed by the NGSCB and data was
cryptographically identifiable
Authenticates software Process
Prove application identity
Useful in networking, prove its identity securely
before transmit any data.
Avoid Man in the Middle attack?
NGSCB
22
NGSCB – Four Features
 Secure Path to the user
Ensure the information remains securely through the
input/output of the devices.
Encrypt the input/output, creates a secure path.
Protects computer from:
 Keystroke recorded
 Hardware devices
Need to upgrade current hardware devices:
mouse/keyboard/USB devices/ video adapter
Input: upgrade to USB devices: Smart cards, biometrics,
others
Output: upgrade to Graphic adapter, which prevent
read/write to video memory
NGSCB
23
NGSCB Applications
 Many applications involved NGSCB: regular
computing, networking, DRM, others
 Example: Microsoft Word
Restrict user:
View/Copy/Write/Open/Close
Not compatible with other *.doc applications, ie.
OpenOffice
Written document is Signed and Encrypted with
Microsoft Word --- Only Word has the private key
to decrypt it
NGSCB
24
NGSCB Application
Networking application:
Cannot file-sharing via P2P
Cannot open your friend’s packed programs
Presumably Secured with connected in network
Good for networking?
Microsoft Explorer / Outlook
User might be able to see the content but not
able to “Copy-and-Paste” to other applications
Users have no right to “do whatever they
wanted to do”
NGSCB
25
Analysis of NGSCB
Current Problematic Computing
User can do whatever they wanted to do in
computer – taking all responsibility
Unprotected: Virus, worms, keystroke,
spywares
Abuse of file-sharing digital contents
As a conclusion, we DO need a better
computing protection operating system
NGSCB
26
Analysis of NGSCB
Will NGSCB be the solution?
Human nature to control over things and not to
be controlled by others.
“People will not use it if it blocks and restricts
them doing what they want to do.” Quote
NGSCB will fails:
Companies will not tolerate attestations on the
network and through the firewall every time their
employee wants to open a file.
They want open the application FAST!
NGSCB
27
Analysis of NGSCB
NGSCB will fails to work with DRM
There is always WAYS to workaround of things.
Music for example
User still can record what comes out from the
speaker, (poor quality but so what, it’s FREE)
Recorded and make MP3 out of it
Copy content for example
Take a screen shot, digital camera?
NGSCB
28
NGSCB
As a summary of our presentation:
NGSCB will fail.
People will use alternative products:
Apple OS
Linux
Stay with Microsoft XP ??
NGSCB
29
Q/A
Q/A
NGSCB
30
References


















[1] Mark Stamp's CS166 software presentation slides
http://www.cs.sjsu.edu/~stamp/CS166
[2] System Management Concepts: Operating system and Devices
http://www.unet.univie.ac.at/aix/aixbman/admnconc/tcb.htm
[3] TCG Specification Architecture Overview
https://www.trustedcomputinggroup.org/downloads/TCG_PCSpecificSpecification_v1_1.pdf
[4] Microsoft’s Next Generation Secured Computing Base Overview
http://www.microsoft.com/resources/ngscb/NGSCB_Overview.mspx
[5] NGSCB Security Model
http://www.microsoft.com/resources/ngscb/documents/NGSCB_Security_Model.doc
[6] Trusted Computing and NGSCB
http://www.cs.bham.ac.uk/~mdr/teaching/TrustedComputing.html
[7] Ross Anderson's Trusted Computing FAQ
http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html
[8] Microsoft’s resource for NGSCB
http://www.microsoft.com/resources/ngscb/productInfo.mspx
[9] Microsoft's NGSCB four features
http://www.microsoft.com/resources/ngscb/four_features.mspx
NGSCB
31
Related documents
Chapter 13
Chapter 13
Trusted Operating Systems
Trusted Operating Systems
New Hardware Components for NGSCB
New Hardware Components for NGSCB
Software 2
Software 2
DOC Security Model for the Next-Generation Secure Computing Base
DOC Security Model for the Next-Generation Secure Computing Base
Software - Department of Computer Science
Software - Department of Computer Science
Trusted Hardware
Trusted Hardware
L22
L22
Sai Uday Kiran Ravi`s presentation on Application Security on
Sai Uday Kiran Ravi`s presentation on Application Security on
commercial laboratory services
commercial laboratory services
Chapter 05
Chapter 05
Fundamentals of Computer Hardware & software
Fundamentals of Computer Hardware & software