SlideShare une entreprise Scribd logo

lamacchia-palladium

Télécharger en tant que PPT, PDF
Ned Hayes
Ned Hayes
1  sur  31
An OverviewAn Overview of Palladiumof Palladium Brian A. LaMacchiaBrian A. LaMacchia Software ArchitectSoftware Architect Windows Trusted Platform TechnologiesWindows Trusted Platform Technologies
AcknowledgementsAcknowledgements  Key contributors to the Palladium initiative at Microsoft include:  Peter Biddle  John de Treville  Paul England  Butler Lampson  John Manferdelli  Marcus Peinado  Bryan Willman
AgendaAgenda  Introduction and Motivation  Architecture  New Security Features  Policy Issues  Summary/Q&A
Introduction &Introduction & MotivationMotivation
What is Palladium?What is Palladium?  Palladium (Pd) is a set of new security- oriented capabilities in Windows  Enabled by new hardware  Goal is to “protect software from software”  Defend against malicious software running in Ring 0  Four categories of new security features  Sealed storage  Attestation  Curtained memory  Secure input and output
Trusted Open SystemsTrusted Open Systems  Our OSs are designed for:  Features  Performance  Plug-ability/Openness  Applications  Drivers  Core OS components  Ease of use, and  Security Contrast this with the design of a smartcard OS
Nightmare ScenariosNightmare Scenarios  A virus/Trojan that launches something worse than a denial of service attack:  Trades a random stock (for mischief or profit)  Posts tax-records to a newsgroup  Orders a random book from Amazon.com  Grabs user/password for the host/web-sites and posts them to a newsgroup  Posts personal documents to a newsgroup
ArchitectureArchitecture
Palladium At 50,000 Feet: 1Palladium At 50,000 Feet: 1 App OS User Kernel  How do you preserve the flexibility and extensibility that contributes so much to the entire PC ecosystem, while still providing end users with a safe place to do important work?  In particular, how can you keep anything secret, when pluggable kernel components control the machine?
Palladium At 50,000 Feet: 2Palladium At 50,000 Feet: 2 Agent Agent  The CPU is either in “standard” mode or “trusted” mode.  Pages of physical memory can be marked as “trusted.” Trusted pages can only be accessed when the CPU is in trusted mode. App OS User Kernel Standard Trusted  The solution: subdivide the execution environment by adding a new mode flag to the CPU. Nexus
Palladium At 50,000 Feet: 3Palladium At 50,000 Feet: 3 User Kernel App OS Standard Trusted Agent Nexus Agent SSC Pub/Pri Keys Trusted GPU Trusted USB Hub  Input is secured by a trusted USB ‘hub’ for KB and mouse that carries on a protected conversation with the nexus.  Output is secured by a trusted GPU that carries on a crypto-protected conversation with the nexus.  This gives us “fingertip-to-eyeball” security.  Agents also need to let the user enter secrets and to display secrets to the user.
Hardware SummaryHardware Summary  CPU changes  MMU changes  Southbridge (LPC bus interface) changes  Security Support Component (SSC)  New chip on the motherboard (LPC bus)  Trusted USB hub  May be on motherboard, in keyboard, or anywhere in between  Trusted GPU
Hardware RequirementsHardware Requirements  SSC – Security Service Component  Think “smart-card soldered to the motherboard”  Cheap, fixed-function device  Contains  At least an AES key and an RSA key pair  AES key & RSA private key never leave the chip  Registers: e.g. the “PCR” (platform configuration register) that contains the digest of the running Nexus  Must be close to the chipset (e.g. not a real smartcard) because it must be involved in nexus initialization  Contains other security “goodness”  RNG, counters, other key-storage, crypto-ops
What Palladium ProvidesWhat Palladium Provides  Separate protectedprotected execution environment for applications (computing agents)(computing agents) that need higher security  Hardware-based memory isolation  Privileged services for these agents  Mostly cryptographic services  Agents can be  Standalone  Provide services to other applications  In the long term  “Project trust” into the main OS
Palladium Core FeaturesPalladium Core Features  All Palladium capabilities build off of four key features:  Strong process isolation  Root key for persistent secret protection  Secure path to and from the user  Attestation  The first three are needed to protect against malicious code (viruses, Trojans, etc.)  Attestation breaks new ground  Facts about “things” (SW, users, machines, services) can be proved to (and believed by) remote entities.
Code Identity in PalladiumCode Identity in Palladium  The Palladium security model assigns access rights to code identities  Palladium always knows what code is running in the right-hand side  Booting a nexus (security kernel) causes the SSC to compute the hash of the nexus and store it in a read-only register (PCR)  Change the nexus, change its identity  The nexus recursively provides similar features for notarized computing agents executing in trusted mode
Code IdentityCode Identity OS Identity:OS Identity: •Keep the hardware simple! •The SSC/chipset measures the digest of the nexus on “secure initialization.”SSC Nexus Agent Agent Hardware “OS” Applications App Identity:App Identity: •Could be a digest, but we actually use a “manifest” – simplifies management
Sealed StorageSealed Storage  Allows SW to keep long-lived secrets safe from other SW running on the host  An encryption technology  But more than simple encryption  An OS/nexus can keep secrets from other OSs  If an OS can keep a secret, it can provide a similar service to applications  How do we do this?  Use the PCR value to “brand” encrypted secrets with the identity of the code that “owns” them.  Owners of secrets can also designate alternate recipients (necessary for update & migration)
Sealed StorageSealed Storage (Allowing code to keep secrets)(Allowing code to keep secrets)  SSC Seal/UnSeal functions  Seal(secret, PCR value) -> Blob  Says “encrypt this secret so that only the named nexus can retrieve it”  UnSeal(Blob) -> secret (or error)  If the hash of the current Nexus (current PCR value) is the exact same one included in the blob:  Return the secret  Otherwise  Return an error  Implementation: (e.g.) AES using SSC’s key
AttestationAttestation  Attestation lets a remote client know what SW is running  OS / Nexus  Application  Client policy (virus checker, admin access, etc.)  Attestation is an authentication technology  But more than “simple signing”  Enables authentication of a software configuration (nexus, application process)
AttestationAttestation (How code authenticates itself)(How code authenticates itself)  SSC Quote Function  Quote (string) -> Sign[string | PCR value]  Protocol building-block:  Server/peer:  Checks signature  Checks certificates on signing key  Checks nexus digest is as expected  Knows “MS Nexus on Acme Trusted Platform”  Implementation: RSA using SSC key pair
Secure User Input and OutputSecure User Input and Output  Isolation, sealed storage and attestation aren’t enough, however, to keep secrets safe  Why?  Because users can be fooled into thinking they’re talking to Palladium when they’re not  We also have to protect the channels to/from the user again sniffing  Keyboard, frame buffer, etc.  User / Application Relationship  Protected path between user and application
Policy IssuesPolicy Issues
Policy IssuesPolicy Issues Some of the technical issues we have to solve to make Palladium successful also have policy components to them. For example:  How do we in practice build an “attestable” TCB?  “Attestable” == open, auditable, comprehensible and provable to a remote party  Since the Pd RSA key pair is unique to the platform, what steps should we take to defend against traffic analysis of user behavior?
Nexus PoliciesNexus Policies  Everything that runs today will run on Pd systems  The platform will run any nexus  The user will be in charge of what nexuses he chooses to run  The MS nexus will run any application  The user will be in charge of the applications that he chooses to run  The MS nexus will interoperate with any network service provider  The MS nexus source code will be made available for review
Privacy of Machine IdentitiesPrivacy of Machine Identities  The issue: Palladium uses at least two sets of unique hardware keys (one AES key, one RSA key pair):  These keys are essentially equivalent to unique machine identifiers  But this is the only way we can keep your stuff safe!  Sealed Storage:  Uses a unique AES key, but the algorithms are:  Opt-in (user designates what software can access the functions)  Randomizing (can’t decide whether two ciphertexts were created on the same machine)  Attestation:  Uses a unique RSA key, but is designed to authenticate the platform  Opt-in (user designates what software can access the functions)  We strictly control HW authentication key disclosure  The hardware has privacy safeguards built into it  Access to the RSA public key components is restricted  In the current design, only one export of the RSA public key is allowed per power cycle
Pseudo-IdentitiesPseudo-Identities  If every party I communicate with needs my HW RSA public key to encrypt some information for me, then that key becomes a platform ID.  We need at least another layer of indirection  We need to make it easy and cheap to generate temporary pseudo-identities (RSA key pairs) that can be authenticated as belonging to some Pd machine but not any particular Pd machine  Use the HW key once to get the pseudo- identity certified as belonging to a Pd platform, then use the pseudo-identity key  Ultimately, this means we need to create a market in pseudo-identities and pseudo-identity providers.
Registering a Pseudo-Registering a Pseudo- IdentityIdentity Pseudo-identityPseudo-identity certifier/providercertifier/provider (third-party CA)(third-party CA) CertCertPd-class PCPd-class PC SSC key pair and cert from manufacturer Randomly-generated RSA key pair CertCert Send both public keys, proof-of-possession for both keys and the cert to the CA CA verifies both POPs and the cert, and issues a new cert on the random key that doesn’t reference the SSC key or cert CertCert
SummarySummary  Palladium is a hardware-based secure execution environment  Palladium processes are isolated from each other by the hardware  Palladium processes can store & retrieve secrets securely (based on their hash value)  The nexus provides an execution environment and security/crypto-services to hosted agents  Hardware provides crypto services to the nexus  Recursively, the nexus provides these same services to agents running on top of it
LCS/CIS Seminar on PalladiumLCS/CIS Seminar on Palladium  Want more details on Palladium?  Come to my talk tomorrow!  Friday, 10/18, 10:30am-12pm  Right here in NE43-518
Questions?Questions?

Recommandé

OpenStack: Security Beyond Firewalls
OpenStack: Security Beyond FirewallsOpenStack: Security Beyond Firewalls
OpenStack: Security Beyond FirewallsGiuseppe Paterno'
 
Cisco Study: State of Web Security
Cisco Study: State of Web Security Cisco Study: State of Web Security
Cisco Study: State of Web Security Cisco Canada
 
Aws security with HIDS, OSSEC
Aws security with HIDS, OSSECAws security with HIDS, OSSEC
Aws security with HIDS, OSSECMayank Gaikwad
 
How Automated Vulnerability Analysis Discovered Hundreds of Android 0-days
How Automated Vulnerability Analysis Discovered Hundreds of Android 0-daysHow Automated Vulnerability Analysis Discovered Hundreds of Android 0-days
How Automated Vulnerability Analysis Discovered Hundreds of Android 0-daysPriyanka Aash
 
Creator IoT Framework
Creator IoT FrameworkCreator IoT Framework
Creator IoT FrameworkPaul Evans
 
Triangle InfoSecCon - Detecting Certified Pre-Owned Software and Devices
Triangle InfoSecCon - Detecting Certified Pre-Owned Software and DevicesTriangle InfoSecCon - Detecting Certified Pre-Owned Software and Devices
Triangle InfoSecCon - Detecting Certified Pre-Owned Software and DevicesTyler Shields
 
Racf psw enhancement
Racf psw enhancementRacf psw enhancement
Racf psw enhancementLuigi Perrone
 
SDN and Security: A Marriage Made in Heaven. Or Not.
SDN and Security: A Marriage Made in Heaven. Or Not.SDN and Security: A Marriage Made in Heaven. Or Not.
SDN and Security: A Marriage Made in Heaven. Or Not.Priyanka Aash
 

Recommandé

OpenStack: Security Beyond Firewalls
OpenStack: Security Beyond FirewallsOpenStack: Security Beyond Firewalls
OpenStack: Security Beyond FirewallsGiuseppe Paterno'
 
Cisco Study: State of Web Security
Cisco Study: State of Web Security Cisco Study: State of Web Security
Cisco Study: State of Web Security Cisco Canada
 
Aws security with HIDS, OSSEC
Aws security with HIDS, OSSECAws security with HIDS, OSSEC
Aws security with HIDS, OSSECMayank Gaikwad
 
How Automated Vulnerability Analysis Discovered Hundreds of Android 0-days
How Automated Vulnerability Analysis Discovered Hundreds of Android 0-daysHow Automated Vulnerability Analysis Discovered Hundreds of Android 0-days
How Automated Vulnerability Analysis Discovered Hundreds of Android 0-daysPriyanka Aash
 
Creator IoT Framework
Creator IoT FrameworkCreator IoT Framework
Creator IoT FrameworkPaul Evans
 
Triangle InfoSecCon - Detecting Certified Pre-Owned Software and Devices
Triangle InfoSecCon - Detecting Certified Pre-Owned Software and DevicesTriangle InfoSecCon - Detecting Certified Pre-Owned Software and Devices
Triangle InfoSecCon - Detecting Certified Pre-Owned Software and DevicesTyler Shields
 
Racf psw enhancement
Racf psw enhancementRacf psw enhancement
Racf psw enhancementLuigi Perrone
 
SDN and Security: A Marriage Made in Heaven. Or Not.
SDN and Security: A Marriage Made in Heaven. Or Not.SDN and Security: A Marriage Made in Heaven. Or Not.
SDN and Security: A Marriage Made in Heaven. Or Not.Priyanka Aash
 
Aws cloud hms service
Aws cloud hms serviceAws cloud hms service
Aws cloud hms serviceMmik Huang
 
Crypto 101: Encryption, Codebreaking, SSL and Bitcoin
Crypto 101: Encryption, Codebreaking, SSL and BitcoinCrypto 101: Encryption, Codebreaking, SSL and Bitcoin
Crypto 101: Encryption, Codebreaking, SSL and BitcoinPriyanka Aash
 
Cisco Trustsec & Security Group Tagging
Cisco Trustsec & Security Group TaggingCisco Trustsec & Security Group Tagging
Cisco Trustsec & Security Group TaggingCisco Canada
 
ISE_Pub
ISE_PubISE_Pub
ISE_PubWill Hatcher
 
Demystifying TrustSec, Identity, NAC and ISE
Demystifying TrustSec, Identity, NAC and ISEDemystifying TrustSec, Identity, NAC and ISE
Demystifying TrustSec, Identity, NAC and ISECisco Canada
 
OWASP Brisbane - SDN Security
OWASP Brisbane - SDN SecurityOWASP Brisbane - SDN Security
OWASP Brisbane - SDN SecurityDavid Jorm
 
Authorization for Internet of Things using OAuth 2.0
Authorization for Internet of Things using OAuth 2.0Authorization for Internet of Things using OAuth 2.0
Authorization for Internet of Things using OAuth 2.0Hannes Tschofenig
 
ACSAC2020 "Return-Oriented IoT" by Kuniyasu Suzaki
ACSAC2020 "Return-Oriented IoT" by Kuniyasu SuzakiACSAC2020 "Return-Oriented IoT" by Kuniyasu Suzaki
ACSAC2020 "Return-Oriented IoT" by Kuniyasu SuzakiKuniyasu Suzaki
 
Software security
Software securitySoftware security
Software securityAkshay Surve
 
"Mobile security: iOS", Yaroslav Vorontsov, DataArt
"Mobile security: iOS", Yaroslav Vorontsov, DataArt"Mobile security: iOS", Yaroslav Vorontsov, DataArt
"Mobile security: iOS", Yaroslav Vorontsov, DataArtDataArt
 
Internet of things (IoT) Architecture Security Analysis
Internet of things (IoT) Architecture Security AnalysisInternet of things (IoT) Architecture Security Analysis
Internet of things (IoT) Architecture Security AnalysisDaksh Raj Chopra
 
Addmi 14-discovery credentials
Addmi 14-discovery credentialsAddmi 14-discovery credentials
Addmi 14-discovery credentialsodanyboy
 
Architecting Secure Web Systems
Architecting Secure Web SystemsArchitecting Secure Web Systems
Architecting Secure Web SystemsInnoTech
 
Designing Virtual Network Security Architectures
Designing Virtual Network Security ArchitecturesDesigning Virtual Network Security Architectures
Designing Virtual Network Security ArchitecturesPriyanka Aash
 
An easy way into your sap systems v3.0
An easy way into your sap systems v3.0An easy way into your sap systems v3.0
An easy way into your sap systems v3.0Cyber Security Alliance
 
הילל קוברובסקי - אתגרי אבטחת מידע והגנת סייבר בחיבור מאובטח לעבודה מרחוק של ע...
הילל קוברובסקי - אתגרי אבטחת מידע והגנת סייבר בחיבור מאובטח לעבודה מרחוק של ע...הילל קוברובסקי - אתגרי אבטחת מידע והגנת סייבר בחיבור מאובטח לעבודה מרחוק של ע...
הילל קוברובסקי - אתגרי אבטחת מידע והגנת סייבר בחיבור מאובטח לעבודה מרחוק של ע...Hillel Kobrovski
 
Oleksyk applied-anti-forensics
Oleksyk applied-anti-forensicsOleksyk applied-anti-forensics
Oleksyk applied-anti-forensicsDefconRussia
 
Anti-tampering in Android and Take Look at Google SafetyNet Attestation API
Anti-tampering in Android and Take Look at Google SafetyNet Attestation APIAnti-tampering in Android and Take Look at Google SafetyNet Attestation API
Anti-tampering in Android and Take Look at Google SafetyNet Attestation APIArash Ramez
 
Protecting Your Key Asset – Data Protection Best Practices V2.0 Final
Protecting Your Key Asset – Data Protection Best Practices V2.0 FinalProtecting Your Key Asset – Data Protection Best Practices V2.0 Final
Protecting Your Key Asset – Data Protection Best Practices V2.0 FinalVinod Kumar
 
IoT Security – It’s in the Stars! 16_9 v201605241355
IoT Security – It’s in the Stars! 16_9 v201605241355IoT Security – It’s in the Stars! 16_9 v201605241355
IoT Security – It’s in the Stars! 16_9 v201605241355AndrewRJamieson
 
Bruce Lee Guide to Strategic Content (Remix)
Bruce Lee Guide to Strategic Content (Remix)Bruce Lee Guide to Strategic Content (Remix)
Bruce Lee Guide to Strategic Content (Remix)Steve Floyd
 
palladium
palladiumpalladium
palladiumGulnaz shaik
 

Contenu connexe

Tendances

Aws cloud hms service
Aws cloud hms serviceAws cloud hms service
Aws cloud hms serviceMmik Huang
 
Crypto 101: Encryption, Codebreaking, SSL and Bitcoin
Crypto 101: Encryption, Codebreaking, SSL and BitcoinCrypto 101: Encryption, Codebreaking, SSL and Bitcoin
Crypto 101: Encryption, Codebreaking, SSL and BitcoinPriyanka Aash
 
Cisco Trustsec & Security Group Tagging
Cisco Trustsec & Security Group TaggingCisco Trustsec & Security Group Tagging
Cisco Trustsec & Security Group TaggingCisco Canada
 
Demystifying TrustSec, Identity, NAC and ISE
Demystifying TrustSec, Identity, NAC and ISEDemystifying TrustSec, Identity, NAC and ISE
Demystifying TrustSec, Identity, NAC and ISECisco Canada
 
OWASP Brisbane - SDN Security
OWASP Brisbane - SDN SecurityOWASP Brisbane - SDN Security
OWASP Brisbane - SDN SecurityDavid Jorm
 
Authorization for Internet of Things using OAuth 2.0
Authorization for Internet of Things using OAuth 2.0Authorization for Internet of Things using OAuth 2.0
Authorization for Internet of Things using OAuth 2.0Hannes Tschofenig
 
ACSAC2020 "Return-Oriented IoT" by Kuniyasu Suzaki
ACSAC2020 "Return-Oriented IoT" by Kuniyasu SuzakiACSAC2020 "Return-Oriented IoT" by Kuniyasu Suzaki
ACSAC2020 "Return-Oriented IoT" by Kuniyasu SuzakiKuniyasu Suzaki
 
"Mobile security: iOS", Yaroslav Vorontsov, DataArt
"Mobile security: iOS", Yaroslav Vorontsov, DataArt"Mobile security: iOS", Yaroslav Vorontsov, DataArt
"Mobile security: iOS", Yaroslav Vorontsov, DataArtDataArt
 
Internet of things (IoT) Architecture Security Analysis
Internet of things (IoT) Architecture Security AnalysisInternet of things (IoT) Architecture Security Analysis
Internet of things (IoT) Architecture Security AnalysisDaksh Raj Chopra
 
Addmi 14-discovery credentials
Addmi 14-discovery credentialsAddmi 14-discovery credentials
Addmi 14-discovery credentialsodanyboy
 
Architecting Secure Web Systems
Architecting Secure Web SystemsArchitecting Secure Web Systems
Architecting Secure Web SystemsInnoTech
 
Designing Virtual Network Security Architectures
Designing Virtual Network Security ArchitecturesDesigning Virtual Network Security Architectures
Designing Virtual Network Security ArchitecturesPriyanka Aash
 
הילל קוברובסקי - אתגרי אבטחת מידע והגנת סייבר בחיבור מאובטח לעבודה מרחוק של ע...
הילל קוברובסקי - אתגרי אבטחת מידע והגנת סייבר בחיבור מאובטח לעבודה מרחוק של ע...הילל קוברובסקי - אתגרי אבטחת מידע והגנת סייבר בחיבור מאובטח לעבודה מרחוק של ע...
הילל קוברובסקי - אתגרי אבטחת מידע והגנת סייבר בחיבור מאובטח לעבודה מרחוק של ע...Hillel Kobrovski
 
Oleksyk applied-anti-forensics
Oleksyk applied-anti-forensicsOleksyk applied-anti-forensics
Oleksyk applied-anti-forensicsDefconRussia
 
Anti-tampering in Android and Take Look at Google SafetyNet Attestation API
Anti-tampering in Android and Take Look at Google SafetyNet Attestation APIAnti-tampering in Android and Take Look at Google SafetyNet Attestation API
Anti-tampering in Android and Take Look at Google SafetyNet Attestation APIArash Ramez
 
Protecting Your Key Asset – Data Protection Best Practices V2.0 Final
Protecting Your Key Asset – Data Protection Best Practices V2.0 FinalProtecting Your Key Asset – Data Protection Best Practices V2.0 Final
Protecting Your Key Asset – Data Protection Best Practices V2.0 FinalVinod Kumar
 
IoT Security – It’s in the Stars! 16_9 v201605241355
IoT Security – It’s in the Stars! 16_9 v201605241355IoT Security – It’s in the Stars! 16_9 v201605241355
IoT Security – It’s in the Stars! 16_9 v201605241355AndrewRJamieson
 

Tendances (20)

Aws cloud hms service
Aws cloud hms serviceAws cloud hms service
Aws cloud hms service
 
Crypto 101: Encryption, Codebreaking, SSL and Bitcoin
Crypto 101: Encryption, Codebreaking, SSL and BitcoinCrypto 101: Encryption, Codebreaking, SSL and Bitcoin
Crypto 101: Encryption, Codebreaking, SSL and Bitcoin
 
Cisco Trustsec & Security Group Tagging
Cisco Trustsec & Security Group TaggingCisco Trustsec & Security Group Tagging
Cisco Trustsec & Security Group Tagging
 
ISE_Pub
ISE_PubISE_Pub
ISE_Pub
 
Demystifying TrustSec, Identity, NAC and ISE
Demystifying TrustSec, Identity, NAC and ISEDemystifying TrustSec, Identity, NAC and ISE
Demystifying TrustSec, Identity, NAC and ISE
 
OWASP Brisbane - SDN Security
OWASP Brisbane - SDN SecurityOWASP Brisbane - SDN Security
OWASP Brisbane - SDN Security
 
Authorization for Internet of Things using OAuth 2.0
Authorization for Internet of Things using OAuth 2.0Authorization for Internet of Things using OAuth 2.0
Authorization for Internet of Things using OAuth 2.0
 
ACSAC2020 "Return-Oriented IoT" by Kuniyasu Suzaki
ACSAC2020 "Return-Oriented IoT" by Kuniyasu SuzakiACSAC2020 "Return-Oriented IoT" by Kuniyasu Suzaki
ACSAC2020 "Return-Oriented IoT" by Kuniyasu Suzaki
 
Software security
Software securitySoftware security
Software security
 
"Mobile security: iOS", Yaroslav Vorontsov, DataArt
"Mobile security: iOS", Yaroslav Vorontsov, DataArt"Mobile security: iOS", Yaroslav Vorontsov, DataArt
"Mobile security: iOS", Yaroslav Vorontsov, DataArt
 
Internet of things (IoT) Architecture Security Analysis
Internet of things (IoT) Architecture Security AnalysisInternet of things (IoT) Architecture Security Analysis
Internet of things (IoT) Architecture Security Analysis
 
Addmi 14-discovery credentials
Addmi 14-discovery credentialsAddmi 14-discovery credentials
Addmi 14-discovery credentials
 
Architecting Secure Web Systems
Architecting Secure Web SystemsArchitecting Secure Web Systems
Architecting Secure Web Systems
 
Designing Virtual Network Security Architectures
Designing Virtual Network Security ArchitecturesDesigning Virtual Network Security Architectures
Designing Virtual Network Security Architectures
 
An easy way into your sap systems v3.0
An easy way into your sap systems v3.0An easy way into your sap systems v3.0
An easy way into your sap systems v3.0
 
הילל קוברובסקי - אתגרי אבטחת מידע והגנת סייבר בחיבור מאובטח לעבודה מרחוק של ע...
הילל קוברובסקי - אתגרי אבטחת מידע והגנת סייבר בחיבור מאובטח לעבודה מרחוק של ע...הילל קוברובסקי - אתגרי אבטחת מידע והגנת סייבר בחיבור מאובטח לעבודה מרחוק של ע...
הילל קוברובסקי - אתגרי אבטחת מידע והגנת סייבר בחיבור מאובטח לעבודה מרחוק של ע...
 
Oleksyk applied-anti-forensics
Oleksyk applied-anti-forensicsOleksyk applied-anti-forensics
Oleksyk applied-anti-forensics
 
Anti-tampering in Android and Take Look at Google SafetyNet Attestation API
Anti-tampering in Android and Take Look at Google SafetyNet Attestation APIAnti-tampering in Android and Take Look at Google SafetyNet Attestation API
Anti-tampering in Android and Take Look at Google SafetyNet Attestation API
 
Protecting Your Key Asset – Data Protection Best Practices V2.0 Final
Protecting Your Key Asset – Data Protection Best Practices V2.0 FinalProtecting Your Key Asset – Data Protection Best Practices V2.0 Final
Protecting Your Key Asset – Data Protection Best Practices V2.0 Final
 
IoT Security – It’s in the Stars! 16_9 v201605241355
IoT Security – It’s in the Stars! 16_9 v201605241355IoT Security – It’s in the Stars! 16_9 v201605241355
IoT Security – It’s in the Stars! 16_9 v201605241355
 

En vedette

Bruce Lee Guide to Strategic Content (Remix)
Bruce Lee Guide to Strategic Content (Remix)Bruce Lee Guide to Strategic Content (Remix)
Bruce Lee Guide to Strategic Content (Remix)Steve Floyd
 
Introduction - Lecture 1 - Advanced Topics in Information Systems (WE-DINF-15...
Introduction - Lecture 1 - Advanced Topics in Information Systems (WE-DINF-15...Introduction - Lecture 1 - Advanced Topics in Information Systems (WE-DINF-15...
Introduction - Lecture 1 - Advanced Topics in Information Systems (WE-DINF-15...Beat Signer
 
Wireless and Internet Security Principles
Wireless and Internet Security PrinciplesWireless and Internet Security Principles
Wireless and Internet Security Principlespualoob
 
A Brief History of Cryptography
A Brief History of CryptographyA Brief History of Cryptography
A Brief History of Cryptographyguest9006ab
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.pptUday Meena
 
latest seminar topics in computer science
latest seminar topics in computer sciencelatest seminar topics in computer science
latest seminar topics in computer scienceRinshad Akbar K K
 
Mastering the Buy-In Conversation on Content Marketing: The Essential Starter...
Mastering the Buy-In Conversation on Content Marketing: The Essential Starter...Mastering the Buy-In Conversation on Content Marketing: The Essential Starter...
Mastering the Buy-In Conversation on Content Marketing: The Essential Starter...Content Marketing Institute
 
Cissp d5-cryptography v2012-mini coursev2
Cissp d5-cryptography v2012-mini coursev2Cissp d5-cryptography v2012-mini coursev2
Cissp d5-cryptography v2012-mini coursev2infosecedu
 

En vedette (20)

Bruce Lee Guide to Strategic Content (Remix)
Bruce Lee Guide to Strategic Content (Remix)Bruce Lee Guide to Strategic Content (Remix)
Bruce Lee Guide to Strategic Content (Remix)
 
palladium
palladiumpalladium
palladium
 
Introduction - Lecture 1 - Advanced Topics in Information Systems (WE-DINF-15...
Introduction - Lecture 1 - Advanced Topics in Information Systems (WE-DINF-15...Introduction - Lecture 1 - Advanced Topics in Information Systems (WE-DINF-15...
Introduction - Lecture 1 - Advanced Topics in Information Systems (WE-DINF-15...
 
Snort
SnortSnort
Snort
 
Wireless and Internet Security Principles
Wireless and Internet Security PrinciplesWireless and Internet Security Principles
Wireless and Internet Security Principles
 
A Brief History of Cryptography
A Brief History of CryptographyA Brief History of Cryptography
A Brief History of Cryptography
 
Microsoft Palladium
Microsoft PalladiumMicrosoft Palladium
Microsoft Palladium
 
Cryptography
CryptographyCryptography
Cryptography
 
Cryptography
CryptographyCryptography
Cryptography
 
DES
DESDES
DES
 
Cryptography
CryptographyCryptography
Cryptography
 
cryptography
cryptographycryptography
cryptography
 
Cryptography
CryptographyCryptography
Cryptography
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.ppt
 
latest seminar topics in computer science
latest seminar topics in computer sciencelatest seminar topics in computer science
latest seminar topics in computer science
 
Cryptography
CryptographyCryptography
Cryptography
 
Cryptography
CryptographyCryptography
Cryptography
 
Mastering the Buy-In Conversation on Content Marketing: The Essential Starter...
Mastering the Buy-In Conversation on Content Marketing: The Essential Starter...Mastering the Buy-In Conversation on Content Marketing: The Essential Starter...
Mastering the Buy-In Conversation on Content Marketing: The Essential Starter...
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.ppt
 
Cissp d5-cryptography v2012-mini coursev2
Cissp d5-cryptography v2012-mini coursev2Cissp d5-cryptography v2012-mini coursev2
Cissp d5-cryptography v2012-mini coursev2
 

Similaire à lamacchia-palladium

The new rocket science stuff in microsoft pki
The new rocket science stuff in microsoft pkiThe new rocket science stuff in microsoft pki
The new rocket science stuff in microsoft pkiNathan Winters
 
Tips to Remediate your Vulnerability Management Program
Tips to Remediate your Vulnerability Management ProgramTips to Remediate your Vulnerability Management Program
Tips to Remediate your Vulnerability Management ProgramBeyondTrust
 
Remote security with Red Hat Enterprise Linux
Remote security with Red Hat Enterprise LinuxRemote security with Red Hat Enterprise Linux
Remote security with Red Hat Enterprise LinuxGiuseppe Paterno'
 
[Codientu.org] design of a microcontroller based circuit for software protection
[Codientu.org] design of a microcontroller based circuit for software protection[Codientu.org] design of a microcontroller based circuit for software protection
[Codientu.org] design of a microcontroller based circuit for software protectionHieu Le Dinh
 
13. Neville Varnham - PeopleSoft Cyber Security
13. Neville Varnham - PeopleSoft Cyber Security13. Neville Varnham - PeopleSoft Cyber Security
13. Neville Varnham - PeopleSoft Cyber SecurityCedar Consulting
 
Study notes for CompTIA Certified Advanced Security Practitioner
Study notes for CompTIA Certified Advanced Security PractitionerStudy notes for CompTIA Certified Advanced Security Practitioner
Study notes for CompTIA Certified Advanced Security PractitionerDavid Sweigert
 
Portakal Teknoloji Otc Lyon Part 1
Portakal Teknoloji Otc Lyon Part 1Portakal Teknoloji Otc Lyon Part 1
Portakal Teknoloji Otc Lyon Part 1bora.gungoren
 
Embedded presentation
Embedded presentationEmbedded presentation
Embedded presentationrohancool
 
Analysis of Security and Compliance using Oracle SPARC T-Series Servers: Emph...
Analysis of Security and Compliance using Oracle SPARC T-Series Servers: Emph...Analysis of Security and Compliance using Oracle SPARC T-Series Servers: Emph...
Analysis of Security and Compliance using Oracle SPARC T-Series Servers: Emph...Ramesh Nagappan
 
File transfer using cryptography techniques
File transfer using cryptography techniquesFile transfer using cryptography techniques
File transfer using cryptography techniquesmiteshkumar82
 
Protecting location privacy in sensor networks against a global eavesdropper
Protecting location privacy in sensor networks against a global eavesdropperProtecting location privacy in sensor networks against a global eavesdropper
Protecting location privacy in sensor networks against a global eavesdropperShakas Technologies
 
Protecting location privacy in sensor networks against a global eavesdropper
Protecting location privacy in sensor networks against a global eavesdropperProtecting location privacy in sensor networks against a global eavesdropper
Protecting location privacy in sensor networks against a global eavesdropperShakas Technologies
 
Gartner Security & Risk Management Summit 2018
Gartner Security & Risk Management Summit 2018Gartner Security & Risk Management Summit 2018
Gartner Security & Risk Management Summit 2018Paula Januszkiewicz
 
Q Con New York 2015 Presentation - Conjur
Q Con New York 2015 Presentation - ConjurQ Con New York 2015 Presentation - Conjur
Q Con New York 2015 Presentation - Conjurconjur_inc
 

Similaire à lamacchia-palladium (20)

The new rocket science stuff in microsoft pki
The new rocket science stuff in microsoft pkiThe new rocket science stuff in microsoft pki
The new rocket science stuff in microsoft pki
 
Tips to Remediate your Vulnerability Management Program
Tips to Remediate your Vulnerability Management ProgramTips to Remediate your Vulnerability Management Program
Tips to Remediate your Vulnerability Management Program
 
Remote security with Red Hat Enterprise Linux
Remote security with Red Hat Enterprise LinuxRemote security with Red Hat Enterprise Linux
Remote security with Red Hat Enterprise Linux
 
Cyber tooth briefing
Cyber tooth briefingCyber tooth briefing
Cyber tooth briefing
 
[Codientu.org] design of a microcontroller based circuit for software protection
[Codientu.org] design of a microcontroller based circuit for software protection[Codientu.org] design of a microcontroller based circuit for software protection
[Codientu.org] design of a microcontroller based circuit for software protection
 
13. Neville Varnham - PeopleSoft Cyber Security
13. Neville Varnham - PeopleSoft Cyber Security13. Neville Varnham - PeopleSoft Cyber Security
13. Neville Varnham - PeopleSoft Cyber Security
 
Study notes for CompTIA Certified Advanced Security Practitioner
Study notes for CompTIA Certified Advanced Security PractitionerStudy notes for CompTIA Certified Advanced Security Practitioner
Study notes for CompTIA Certified Advanced Security Practitioner
 
Portakal Teknoloji Otc Lyon Part 1
Portakal Teknoloji Otc Lyon Part 1Portakal Teknoloji Otc Lyon Part 1
Portakal Teknoloji Otc Lyon Part 1
 
Embedded presentation
Embedded presentationEmbedded presentation
Embedded presentation
 
Analysis of Security and Compliance using Oracle SPARC T-Series Servers: Emph...
Analysis of Security and Compliance using Oracle SPARC T-Series Servers: Emph...Analysis of Security and Compliance using Oracle SPARC T-Series Servers: Emph...
Analysis of Security and Compliance using Oracle SPARC T-Series Servers: Emph...
 
File transfer using cryptography techniques
File transfer using cryptography techniquesFile transfer using cryptography techniques
File transfer using cryptography techniques
 
Rebooting the smartcard
Rebooting the smartcardRebooting the smartcard
Rebooting the smartcard
 
Protecting location privacy in sensor networks against a global eavesdropper
Protecting location privacy in sensor networks against a global eavesdropperProtecting location privacy in sensor networks against a global eavesdropper
Protecting location privacy in sensor networks against a global eavesdropper
 
Protecting location privacy in sensor networks against a global eavesdropper
Protecting location privacy in sensor networks against a global eavesdropperProtecting location privacy in sensor networks against a global eavesdropper
Protecting location privacy in sensor networks against a global eavesdropper
 
Gartner Security & Risk Management Summit 2018
Gartner Security & Risk Management Summit 2018Gartner Security & Risk Management Summit 2018
Gartner Security & Risk Management Summit 2018
 
Research Paper
Research PaperResearch Paper
Research Paper
 
Q Con New York 2015 Presentation - Conjur
Q Con New York 2015 Presentation - ConjurQ Con New York 2015 Presentation - Conjur
Q Con New York 2015 Presentation - Conjur
 
Operations: Security
Operations: SecurityOperations: Security
Operations: Security
 
Cyber tooth
Cyber toothCyber tooth
Cyber tooth
 
ITDCC05.ppt
ITDCC05.pptITDCC05.ppt
ITDCC05.ppt
 

lamacchia-palladium

  • 1. An OverviewAn Overview of Palladiumof Palladium Brian A. LaMacchiaBrian A. LaMacchia Software ArchitectSoftware Architect Windows Trusted Platform TechnologiesWindows Trusted Platform Technologies
  • 2. AcknowledgementsAcknowledgements  Key contributors to the Palladium initiative at Microsoft include:  Peter Biddle  John de Treville  Paul England  Butler Lampson  John Manferdelli  Marcus Peinado  Bryan Willman
  • 3. AgendaAgenda  Introduction and Motivation  Architecture  New Security Features  Policy Issues  Summary/Q&A
  • 5. What is Palladium?What is Palladium?  Palladium (Pd) is a set of new security- oriented capabilities in Windows  Enabled by new hardware  Goal is to “protect software from software”  Defend against malicious software running in Ring 0  Four categories of new security features  Sealed storage  Attestation  Curtained memory  Secure input and output
  • 6. Trusted Open SystemsTrusted Open Systems  Our OSs are designed for:  Features  Performance  Plug-ability/Openness  Applications  Drivers  Core OS components  Ease of use, and  Security Contrast this with the design of a smartcard OS
  • 7. Nightmare ScenariosNightmare Scenarios  A virus/Trojan that launches something worse than a denial of service attack:  Trades a random stock (for mischief or profit)  Posts tax-records to a newsgroup  Orders a random book from Amazon.com  Grabs user/password for the host/web-sites and posts them to a newsgroup  Posts personal documents to a newsgroup
  • 9. Palladium At 50,000 Feet: 1Palladium At 50,000 Feet: 1 App OS User Kernel  How do you preserve the flexibility and extensibility that contributes so much to the entire PC ecosystem, while still providing end users with a safe place to do important work?  In particular, how can you keep anything secret, when pluggable kernel components control the machine?
  • 10. Palladium At 50,000 Feet: 2Palladium At 50,000 Feet: 2 Agent Agent  The CPU is either in “standard” mode or “trusted” mode.  Pages of physical memory can be marked as “trusted.” Trusted pages can only be accessed when the CPU is in trusted mode. App OS User Kernel Standard Trusted  The solution: subdivide the execution environment by adding a new mode flag to the CPU. Nexus
  • 11. Palladium At 50,000 Feet: 3Palladium At 50,000 Feet: 3 User Kernel App OS Standard Trusted Agent Nexus Agent SSC Pub/Pri Keys Trusted GPU Trusted USB Hub  Input is secured by a trusted USB ‘hub’ for KB and mouse that carries on a protected conversation with the nexus.  Output is secured by a trusted GPU that carries on a crypto-protected conversation with the nexus.  This gives us “fingertip-to-eyeball” security.  Agents also need to let the user enter secrets and to display secrets to the user.
  • 12. Hardware SummaryHardware Summary  CPU changes  MMU changes  Southbridge (LPC bus interface) changes  Security Support Component (SSC)  New chip on the motherboard (LPC bus)  Trusted USB hub  May be on motherboard, in keyboard, or anywhere in between  Trusted GPU
  • 13. Hardware RequirementsHardware Requirements  SSC – Security Service Component  Think “smart-card soldered to the motherboard”  Cheap, fixed-function device  Contains  At least an AES key and an RSA key pair  AES key & RSA private key never leave the chip  Registers: e.g. the “PCR” (platform configuration register) that contains the digest of the running Nexus  Must be close to the chipset (e.g. not a real smartcard) because it must be involved in nexus initialization  Contains other security “goodness”  RNG, counters, other key-storage, crypto-ops
  • 14. What Palladium ProvidesWhat Palladium Provides  Separate protectedprotected execution environment for applications (computing agents)(computing agents) that need higher security  Hardware-based memory isolation  Privileged services for these agents  Mostly cryptographic services  Agents can be  Standalone  Provide services to other applications  In the long term  “Project trust” into the main OS
  • 15. Palladium Core FeaturesPalladium Core Features  All Palladium capabilities build off of four key features:  Strong process isolation  Root key for persistent secret protection  Secure path to and from the user  Attestation  The first three are needed to protect against malicious code (viruses, Trojans, etc.)  Attestation breaks new ground  Facts about “things” (SW, users, machines, services) can be proved to (and believed by) remote entities.
  • 16. Code Identity in PalladiumCode Identity in Palladium  The Palladium security model assigns access rights to code identities  Palladium always knows what code is running in the right-hand side  Booting a nexus (security kernel) causes the SSC to compute the hash of the nexus and store it in a read-only register (PCR)  Change the nexus, change its identity  The nexus recursively provides similar features for notarized computing agents executing in trusted mode
  • 17. Code IdentityCode Identity OS Identity:OS Identity: •Keep the hardware simple! •The SSC/chipset measures the digest of the nexus on “secure initialization.”SSC Nexus Agent Agent Hardware “OS” Applications App Identity:App Identity: •Could be a digest, but we actually use a “manifest” – simplifies management
  • 18. Sealed StorageSealed Storage  Allows SW to keep long-lived secrets safe from other SW running on the host  An encryption technology  But more than simple encryption  An OS/nexus can keep secrets from other OSs  If an OS can keep a secret, it can provide a similar service to applications  How do we do this?  Use the PCR value to “brand” encrypted secrets with the identity of the code that “owns” them.  Owners of secrets can also designate alternate recipients (necessary for update & migration)
  • 19. Sealed StorageSealed Storage (Allowing code to keep secrets)(Allowing code to keep secrets)  SSC Seal/UnSeal functions  Seal(secret, PCR value) -> Blob  Says “encrypt this secret so that only the named nexus can retrieve it”  UnSeal(Blob) -> secret (or error)  If the hash of the current Nexus (current PCR value) is the exact same one included in the blob:  Return the secret  Otherwise  Return an error  Implementation: (e.g.) AES using SSC’s key
  • 20. AttestationAttestation  Attestation lets a remote client know what SW is running  OS / Nexus  Application  Client policy (virus checker, admin access, etc.)  Attestation is an authentication technology  But more than “simple signing”  Enables authentication of a software configuration (nexus, application process)
  • 21. AttestationAttestation (How code authenticates itself)(How code authenticates itself)  SSC Quote Function  Quote (string) -> Sign[string | PCR value]  Protocol building-block:  Server/peer:  Checks signature  Checks certificates on signing key  Checks nexus digest is as expected  Knows “MS Nexus on Acme Trusted Platform”  Implementation: RSA using SSC key pair
  • 22. Secure User Input and OutputSecure User Input and Output  Isolation, sealed storage and attestation aren’t enough, however, to keep secrets safe  Why?  Because users can be fooled into thinking they’re talking to Palladium when they’re not  We also have to protect the channels to/from the user again sniffing  Keyboard, frame buffer, etc.  User / Application Relationship  Protected path between user and application
  • 24. Policy IssuesPolicy Issues Some of the technical issues we have to solve to make Palladium successful also have policy components to them. For example:  How do we in practice build an “attestable” TCB?  “Attestable” == open, auditable, comprehensible and provable to a remote party  Since the Pd RSA key pair is unique to the platform, what steps should we take to defend against traffic analysis of user behavior?
  • 25. Nexus PoliciesNexus Policies  Everything that runs today will run on Pd systems  The platform will run any nexus  The user will be in charge of what nexuses he chooses to run  The MS nexus will run any application  The user will be in charge of the applications that he chooses to run  The MS nexus will interoperate with any network service provider  The MS nexus source code will be made available for review
  • 26. Privacy of Machine IdentitiesPrivacy of Machine Identities  The issue: Palladium uses at least two sets of unique hardware keys (one AES key, one RSA key pair):  These keys are essentially equivalent to unique machine identifiers  But this is the only way we can keep your stuff safe!  Sealed Storage:  Uses a unique AES key, but the algorithms are:  Opt-in (user designates what software can access the functions)  Randomizing (can’t decide whether two ciphertexts were created on the same machine)  Attestation:  Uses a unique RSA key, but is designed to authenticate the platform  Opt-in (user designates what software can access the functions)  We strictly control HW authentication key disclosure  The hardware has privacy safeguards built into it  Access to the RSA public key components is restricted  In the current design, only one export of the RSA public key is allowed per power cycle
  • 27. Pseudo-IdentitiesPseudo-Identities  If every party I communicate with needs my HW RSA public key to encrypt some information for me, then that key becomes a platform ID.  We need at least another layer of indirection  We need to make it easy and cheap to generate temporary pseudo-identities (RSA key pairs) that can be authenticated as belonging to some Pd machine but not any particular Pd machine  Use the HW key once to get the pseudo- identity certified as belonging to a Pd platform, then use the pseudo-identity key  Ultimately, this means we need to create a market in pseudo-identities and pseudo-identity providers.
  • 28. Registering a Pseudo-Registering a Pseudo- IdentityIdentity Pseudo-identityPseudo-identity certifier/providercertifier/provider (third-party CA)(third-party CA) CertCertPd-class PCPd-class PC SSC key pair and cert from manufacturer Randomly-generated RSA key pair CertCert Send both public keys, proof-of-possession for both keys and the cert to the CA CA verifies both POPs and the cert, and issues a new cert on the random key that doesn’t reference the SSC key or cert CertCert
  • 29. SummarySummary  Palladium is a hardware-based secure execution environment  Palladium processes are isolated from each other by the hardware  Palladium processes can store & retrieve secrets securely (based on their hash value)  The nexus provides an execution environment and security/crypto-services to hosted agents  Hardware provides crypto services to the nexus  Recursively, the nexus provides these same services to agents running on top of it
  • 30. LCS/CIS Seminar on PalladiumLCS/CIS Seminar on Palladium  Want more details on Palladium?  Come to my talk tomorrow!  Friday, 10/18, 10:30am-12pm  Right here in NE43-518