Trusted Path
Client-server applications using COTS components
Tommy Kristiansen
[email protected]

Agenda
Thesis
Contributions
Solution
Result
Questions

Background
Bruce Schneier believes that "semantic attacks" are the next wave of attacks to be faced by computer users.
These violate the integrity and authenticity of data presented to the user, enticing him to perform actions benefiting the malefactor.
Examples of direct user interactions where this threat can be found are online voting, online gambling, electronic signatures, financial transactions, etc.

Trusted Path
Orange Book: “A mechanism by which a person at a terminal can communicate directly with the Trusted Computing Base. This mechanism can only be activated by the person or the Trusted Computing Base and cannot be imitated by untrusted software.”
Validates to B2 but is often implemented even when not validated to B2, e.g. Windows NT C2.
The trusted path mechanism guarantees that data typed by a user on a client keyboard is protected from any intrusion by unauthorized programs. It allows a user to create a non-forgeable and non-penetrable communication path between the user’s client and the trusted operating system software.

Trusted path with COTS
Built on Hanno Langweg’s work
  – He looked at this with client applications.
Using Delphi to create an ActiveX control where we use DirectX components to create a secure environment on a Win32 platform.
Hopefully this will give authenticity and integrity of the user and server.

Why use DirectX
When we use DirectX DirectInput and DirectDraw in exclusive mode, no other program can interfere with them.
When we use DirectInput, there must be a user present to give input
  – Eliminates synthesizing
  – Gives authenticity of a user.
When we use DirectDraw, no other program can interfere with the integrity of what you see.

Why use ActiveX
Easy to implement DirectX components
No effort for the user to use it.
Trusted by OS
  – Signed ActiveX control
  – So you have a trusted application whose origin you need to verify when installing the control.

Hench
SendInput
Screen capture applications
User permissions installing ActiveX

Goals with thesis
See if it’s possible to create such a solution
Look at existing solutions to prevent phishing and compare them with this solution.
Look at the possibilities of implementing this in other environments.

Contributions
Provide software developers with a server-distributed component to establish integrity and authenticity with a local human user.
Use existing software-based technology and operating system mechanisms to implement a trusted path without additional expensive hardware.
Analyze and compare the security of this approach and alternatives.
Build a working prototype for an existing general purpose operating system.
Prevents phishing attacks
More secure during login/sign-in
Prevents Trojan horses/malware from being effective
Does not prevent keylogging!!

Contributions
Assuming
  – We can trust the OS (an assumption we already make when using e.g. e-banking)
  – That the connection between client and server is secure, e.g. SSL
Trojan horses and malware
  – Run on top of the OS and only have the same rights as the user (no admin).

Solution

Results
Gives advantages compared with existing solutions.
Limitations due to platform
Found some other interesting platforms to see if similar solutions are possible.

Questions?