The Trusted Computing (TC) and Next Generation Secured Computing Base (NGSCB)
Joseph Yu, Jeffrey Khuu
CS158B, Dr. Stamp
NGSCB

Table of Contents
• Introduction
  • TC
  • TCG
  • NGSCB
• TC
• NGSCB
  • Architecture
  • Features
• Analysis of NGSCB
• Summary

Introduction – TC, TCG, NGSCB
• TC = Trusted Computing, TCG = Trusted Computing Group, NGSCB = Microsoft’s TC
• Original Motivation for TC:
  • TC was intended for DRM
  • Limit the abuse of file sharing over the network
  • Prevent making illegal copies without authorization from the vendor
  • Restrict the user’s computing actions

Introduction - TC
• Current Motivation for TC:
  • “For years, Bill Gates has dreamed of finding a way to make the Chinese pay for software: TC looks like being the answer to his prayer.” – Ross Anderson
  • TC extends well beyond DRM: it gives computers more authority over users

Introduction - TC
• Fundamental Concept of TC
  • Software runs and communicates securely across applications and servers
  • Uses a “locked-down” architecture
  • Hardware-level cryptographic keys for encryption and authentication
  • Tamper-resistant
  • Seals secure data within curtained memory
  • Input/output communication paths are encrypted

Introduction - TCG
• Many vendors provide hardware support for major components of NGSCB
  • For example, Intel’s LaGrande Technology (LT) and AMD’s Secure Execution Mode (SEM) technology
• TCG is an alliance of Microsoft
• Manages TC activities for different hardware/software vendors: AMD, HP, IBM, and others

Introduction - TCG
• Goal:
  • Claimed: non-profit industry standards organization to enhance security and computing across different platforms
  • Provide a secured TCB for the system
• Activities:
  • Formed in Spring 2003 and adopted a set of specifications made by the Trusted Computing Platform Alliance (TCPA)

TC
• What is Trusted Computing?
  • Trusted Computing Base (TCB)
• TCB
  • “TCB is everything in the operating system that we rely on for security” – Dr. Stamp
  • If the TCB is damaged/non-secured, the whole system is broken.
  • If the system is broken and the TCB is OK, we still have system security.
  • Part of the system (combines software and hardware components)
  • Responsible for regulating information security policies
  • Consists of kernel, OS

TC -- overview

TC
• Computing should be expected to behave the way we want and do what we want securely
• Any trusted platform has the following three fundamental features:
  • Protected Capabilities
  • Integrity Capabilities
  • Integrity Reporting

NGSCB
• Microsoft’s version of TC: NGSCB
• Will be implemented in the upcoming version of Windows, also known as Microsoft Windows Longhorn
• Architecture
• Computing Environments
• Four Features of NGSCB

NGSCB - architecture

NGSCB - architecture
• Two primary system components in NGSCB
  • Nexus
    • Special kernel (core of the trusted operating)
    • Goal: isolate normal-mode and trusted-mode processes from each other in memory
    • Functionality: authenticate and protect data (entered, stored, communicated, and displayed) through encryption
  • Nexus Computing Agent (NCA)

NGSCB - architecture
• Nexus Computing Agent (NCA)
  • Trusted software component
  • Runs in trusted mode and communicates with the Nexus
  • Open-source NCA specifications
  • Developers can make their own agents to run on the trusted platform

NGSCB – Computing Environments Overview
• NGSCB operates two operating systems in ONE system
• Two Modes:
  • Normal Mode vs. Trusted Mode
• Normal Mode:
  • Unprotected environment
  • Same as our current Windows series
  • Fully controlled by the users
• Trusted Mode:
  • Protected environment
  • Users have no authority to modify, delete, or copy ANY content.
  • Implements TC: hardware and software implementation
  • Fully controlled by the computers

NGSCB – operating environments
• Microsoft claimed: “Only an NGSCB trusted application, NCA, can run securely within the protected operating environment.”
• NCA
  • Defined by software developers
  • Policies
  • Security authentication
  • Security authorization

NGSCB - Features
• Claimed: Four Features
  • Strong Process Isolation
  • Sealed Storage
  • Attestation
  • Secured Path to the user

NGSCB – Four Features
• Strong Process Isolation
  • Isolates the protected and non-protected operating environments, which are stored in the same memory
  • Blocks Direct Memory Access (DMA) devices from reading or writing secured blocks of memory
  • Blocks access by malicious code
  • Claimed: “no illegitimate access will occur in protected environment”

NGSCB – Four Features
• Sealed Storage
  • Ensures that private NGSCB data is not exposed
  • NGSCB uses the Security Support Component (SSC) to do this
  • The SSC has its own encryption services and can be managed by the Nexus
  • Uses the Advanced Encryption Standard (AES), a pair of public and private keys, and keys derived for trusted applications

NGSCB – Four Features
• Sealed Storage
  • The NCA uses these keys to encrypt data, access the file system, and provide storage services.
  • Claimed: no unauthorized application can read the sealed storage whatsoever (at boot-up or while running)

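The sealed-storage idea on the two slides above, as an added sketch (not Microsoft's code and not part of the original slides): a per-agent key is derived from a hardware-held root secret and the agent's code digest, so a different or modified agent cannot unseal the blob. The root secret constant, the digest-as-identity rule and the SHA-256 counter keystream standing in for AES are assumptions chosen so it runs with the Python standard library only.

```python
import hashlib
import hmac
import os

# Constructed stand-in for the secret held inside the SSC (assumption).
SSC_ROOT_SECRET = hashlib.sha256(b"constructed-demo-ssc-secret").digest()


def measure(code: bytes) -> bytes:
    """Agent identity = SHA-256 digest of its code (assumption for this sketch)."""
    return hashlib.sha256(code).digest()


def _sealing_keys(app_digest: bytes):
    """Derive per-agent encryption and MAC keys from the root secret."""
    enc = hmac.new(SSC_ROOT_SECRET, b"enc" + app_digest, hashlib.sha256).digest()
    mac = hmac.new(SSC_ROOT_SECRET, b"mac" + app_digest, hashlib.sha256).digest()
    return enc, mac


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """SHA-256 in counter mode; a stand-in for AES, not a production cipher."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:length]


def seal(app_digest: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC under keys bound to the agent; returns nonce|ct|tag."""
    enc_key, mac_key = _sealing_keys(app_digest)
    nonce = os.urandom(16)
    stream = _keystream(enc_key, nonce, len(plaintext))
    ct = bytes(a ^ b for a, b in zip(plaintext, stream))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(app_digest: bytes, blob: bytes) -> bytes:
    """Release the plaintext only if the blob was sealed to this agent digest."""
    enc_key, mac_key = _sealing_keys(app_digest)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise PermissionError("blob was not sealed to this agent, or was modified")
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct))))
```

The same binding is why a patched or replaced agent loses access to data sealed by the original: its digest, and therefore its derived keys, differ.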
NGSCB – Four Features
• Cryptographic Attestation
  • Confirms to the recipient that the data was digitally signed by NGSCB and is cryptographically identifiable
  • Authenticates software processes
  • Proves application identity
  • Useful in networking: an application proves its identity securely before transmitting any data.
  • Avoids man-in-the-middle attacks?

NGSCB – Four Features
• Secure Path to the user
  • Ensures that information remains secure as it passes through input/output devices.
  • Encrypts the input/output, creating a secure path.
  • Protects the computer from:
    • Keystroke recording
    • Hardware devices
  • Need to upgrade current hardware devices: mouse/keyboard/USB devices/video adapter
    • Input: upgrade to USB devices: smart cards, biometrics, others
    • Output: upgrade to a graphics adapter that prevents reads/writes to video memory

NGSCB Applications
• Many applications involve NGSCB: regular computing, networking, DRM, others
• Example: Microsoft Word
  • Restricts the user:
    • View/Copy/Write/Open/Close
  • Not compatible with other *.doc applications, e.g. OpenOffice
  • A written document is signed and encrypted with Microsoft Word; only Word has the private key to decrypt it

NGSCB Application
• Networking application:
  • Cannot share files via P2P
  • Cannot open your friend’s packed programs
  • Presumably secure when connected to a network
  • Good for networking?
• Microsoft Explorer / Outlook
  • Users might be able to see the content but not be able to “Copy-and-Paste” it to other applications
  • Users have no right to “do whatever they wanted to do”

Analysis of NGSCB
• Current Problematic Computing
  • Users can do whatever they want on the computer, taking all responsibility
  • Unprotected: viruses, worms, keystroke recording, spyware
  • Abuse of file sharing of digital content
• In conclusion, we DO need an operating system with better computing protection

Analysis of NGSCB
• Will NGSCB be the solution?
  • It is human nature to want control over things and not to be controlled by others.
  • “People will not use it if it blocks and restricts them doing what they want to do.” Quote
• NGSCB will fail:
  • Companies will not tolerate attestations on the network and through the firewall every time an employee wants to open a file.
  • They want to open the application FAST!

Analysis of NGSCB
• NGSCB will fail to work with DRM
  • There are always WAYS to work around things.
  • Music, for example
    • Users can still record what comes out of the speaker (poor quality, but so what, it’s FREE)
    • Record it and make an MP3 out of it
  • Copying content, for example
    • Take a screenshot, or use a digital camera?

NGSCB
• As a summary of our presentation:
  • NGSCB will fail.
  • People will use alternative products:
    • Apple OS
    • Linux
    • Stay with Microsoft XP ??

Q/A

References
• [1] Mark Stamp's CS166 software presentation slides. http://www.cs.sjsu.edu/~stamp/CS166
• [2] System Management Concepts: Operating System and Devices. http://www.unet.univie.ac.at/aix/aixbman/admnconc/tcb.htm
• [3] TCG Specification Architecture Overview. https://www.trustedcomputinggroup.org/downloads/TCG_PCSpecificSpecification_v1_1.pdf
• [4] Microsoft’s Next Generation Secured Computing Base Overview. http://www.microsoft.com/resources/ngscb/NGSCB_Overview.mspx
• [5] NGSCB Security Model. http://www.microsoft.com/resources/ngscb/documents/NGSCB_Security_Model.doc
• [6] Trusted Computing and NGSCB. http://www.cs.bham.ac.uk/~mdr/teaching/TrustedComputing.html
• [7] Ross Anderson's Trusted Computing FAQ. http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html
• [8] Microsoft’s resource for NGSCB. http://www.microsoft.com/resources/ngscb/productInfo.mspx
• [9] Microsoft's NGSCB four features. http://www.microsoft.com/resources/ngscb/four_features.mspx