Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
The Trusted Computing (TC) and Next Generation Secured Computing Base (NGSCB) Joseph Yu Jeffrey Khuu CS158B Dr. Stamp NGSCB 1 Table of Contents Introduction TC TCG NGSCB TC NGSCB Architecture Features Analysis of NGSCB Summary NGSCB 2 Introduction – TC, TCG, NGSCB TC = Trusted Computing, TCG = Trusted Computing Group, NGSCB = Microsoft’s TC Original Motivation for TC: TC was intended for DRM Limits the abuse of file sharing over the network Prevent making illegal copies without the authorization from the vendor Restrict user’s computing actions NGSCB 3 Introduction - TC Current Motivation for TC: “For years, Bill Gate has dreamed of finding a way to make the Chinese pay for software: TC looks like being the answer to his prayer.” – Ross Anderson TC extend way more than DRM: It gives more authorizations to the computers over users NGSCB 4 Introduction - TC Fundamental Concept of TC Software runs and communicates securely over applications and servers Use “locked-down” architecture Hardware level cryptographic keys for encryption and authentication Tamper-resistant Seal secure data within curtained memory Input/Output communication path are encrypted NGSCB 5 Introduction - TCG Many vendors provide hardware support for major components of NGSCB For example, Intel’s LaGrande Technology (LT) and AMD’s Secure Execution Mode (SEM) technology TCG is an alliance of Microsoft Manage TC activities for different hardware/software vendors: AMD, HP, IBM, and others NGSCB 6 Introduction - TCG Goal: Claimed: Non-Profit industry standards organization to enhance the security and computing in different platforms Provide a secured TCB for the system Activities: Formed in Spring 2003 and adopted a set of specification made by Trusted Computing Platform Alliance (TCPA) NGSCB 7 TC What is Trusted Computing? Trusted Computing Base (TCB) TCB “TCB is everything in operating system that we rely on for security” Dr. Stamp If TCB is damaged/non-secured, the whole system broken. If the system is broken, and TCB is ok. We still have system security Part of the system (combines software and hardware components) Responsible for regulate information security policies Consist of Kernel, OS NGSCB 8 TC -- overview NGSCB 9 TC Should be expected the computing behave the way we wanted and do what we wanted securely Any trusted platform has the following three fundamental features: Protected Capabilities Integrity Capabilities Integrity Reporting NGSCB 10 NGSCB Microsoft’s version of TC: NGSCB Will be implemented in the upcoming version of Windows: as known as Microsoft Windows Longhorn Architecture Computing Environments Four Features of NGSCB NGSCB 11 NGSCB - architecture NGSCB 12 NGSCB - architecture Two primary system components in NGSCB Nexus Special kernel (core of the trusted operating) Goal: Isolate the process of normal mode and trusted mode differently in memory Functionality: Authenticate and protect data (entered, stored, communicated, and displayed) by data encryption Nexus Computing Agent (NCA) NGSCB 13 NGSCB - architecture Nexus Computing Agent (NCA) Trusted software component Runs in trusted mode that communicates with Nexus Open-source for NCA specifications Developers can make their own agents to run on the trusted platform NGSCB 14 NGSCB – Computing Environments Overview NSGCB operates two operating systems in ONE system Two Modes: Normal Mode vs. Trusted Mode Normal Mode: Un-protected environment Same as our current Windows series Fully Controlled by the users Trusted Mode: Protected environment Users have no authorities to modify, delete, or copy ANY content. Implemented TC: Hardware and Software implementation Fully Controlled by the computers NGSCB 15 NGSCB – operating environments NGSCB 16 NGSCB – operating environments Microsoft claimed: “Only an NGSCB trusted application, NCA, can run securely within the protected operating environment.” NCA Defined by software developers Policies Security authentication Security authorization NGSCB 17 NGSCB - Features Claimed: Four Features Strong Process Isolation Sealed Storage Attestation Secured Path to the user NGSCB 18 NGSCB – Four Features Strong Process Isolation Isolate protected and non-protected operating environment that are stored in the same memory Blocks the access of Direct Memory Access (DMA) devices in term of writing and reading to secured block of memory Block access of malicious code Claimed: “no illegitimate access will occurring in protected environment” NGSCB 19 NGSCB – Four Features Sealed storage Ensure the privacy of NGSCB data are not being exposed NGSCB use Security Support Component (SSC) to do this SSC has own encryption services and can be managed by the Nexus Use Advance Encryption Standard (AES), pair of public and private keys, and keys derived for trusted application NGSCB 20 NGSCB – Four Features Sealed Storage NCA uses these keys to encrypt data, access file system, and provide storage services. Claimed: No unauthorized application can read the sealed storage whatsoever (at boot up, or running) NGSCB 21 NGSCB – Four Features Cryptographic Attestation Confirm the recipient that the data was digital signed by the NGSCB and data was cryptographically identifiable Authenticates software Process Prove application identity Useful in networking, prove its identity securely before transmit any data. Avoid Man in the Middle attack? NGSCB 22 NGSCB – Four Features Secure Path to the user Ensure the information remains securely through the input/output of the devices. Encrypt the input/output, creates a secure path. Protects computer from: Keystroke recorded Hardware devices Need to upgrade current hardware devices: mouse/keyboard/USB devices/ video adapter Input: upgrade to USB devices: Smart cards, biometrics, others Output: upgrade to Graphic adapter, which prevent read/write to video memory NGSCB 23 NGSCB Applications Many applications involved NGSCB: regular computing, networking, DRM, others Example: Microsoft Word Restrict user: View/Copy/Write/Open/Close Not compatible with other *.doc applications, ie. OpenOffice Written document is Signed and Encrypted with Microsoft Word --- Only Word has the private key to decrypt it NGSCB 24 NGSCB Application Networking application: Cannot file-sharing via P2P Cannot open your friend’s packed programs Presumably Secured with connected in network Good for networking? Microsoft Explorer / Outlook User might be able to see the content but not able to “Copy-and-Paste” to other applications Users have no right to “do whatever they wanted to do” NGSCB 25 Analysis of NGSCB Current Problematic Computing User can do whatever they wanted to do in computer – taking all responsibility Unprotected: Virus, worms, keystroke, spywares Abuse of file-sharing digital contents As a conclusion, we DO need a better computing protection operating system NGSCB 26 Analysis of NGSCB Will NGSCB be the solution? Human nature to control over things and not to be controlled by others. “People will not use it if it blocks and restricts them doing what they want to do.” Quote NGSCB will fails: Companies will not tolerate attestations on the network and through the firewall every time their employee wants to open a file. They want open the application FAST! NGSCB 27 Analysis of NGSCB NGSCB will fails to work with DRM There is always WAYS to workaround of things. Music for example User still can record what comes out from the speaker, (poor quality but so what, it’s FREE) Recorded and make MP3 out of it Copy content for example Take a screen shot, digital camera? NGSCB 28 NGSCB As a summary of our presentation: NGSCB will fail. People will use alternative products: Apple OS Linux Stay with Microsoft XP ?? NGSCB 29 Q/A Q/A NGSCB 30 References [1] Mark Stamp's CS166 software presentation slides http://www.cs.sjsu.edu/~stamp/CS166 [2] System Management Concepts: Operating system and Devices http://www.unet.univie.ac.at/aix/aixbman/admnconc/tcb.htm [3] TCG Specification Architecture Overview https://www.trustedcomputinggroup.org/downloads/TCG_PCSpecificSpecification_v1_1.pdf [4] Microsoft’s Next Generation Secured Computing Base Overview http://www.microsoft.com/resources/ngscb/NGSCB_Overview.mspx [5] NGSCB Security Model http://www.microsoft.com/resources/ngscb/documents/NGSCB_Security_Model.doc [6] Trusted Computing and NGSCB http://www.cs.bham.ac.uk/~mdr/teaching/TrustedComputing.html [7] Ross Anderson's Trusted Computing FAQ http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html [8] Microsoft’s resource for NGSCB http://www.microsoft.com/resources/ngscb/productInfo.mspx [9] Microsoft's NGSCB four features http://www.microsoft.com/resources/ngscb/four_features.mspx NGSCB 31