1 / 17

RE-TRUST Meeting 30 – May – 2005 Trento, Italy

RE-TRUST Meeting 30 – May – 2005 Trento, Italy.

khuyen
Download Presentation

RE-TRUST Meeting 30 – May – 2005 Trento, Italy

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. RE-TRUST Meeting30 – May – 2005Trento, Italy Outline- List of Participants- Administrative Organization- Draft WPs, Tasks, Gantt- WP components- Meeting Minutes- Functional Descriptions: - Remote Entrusting - SW-based Tamper Resistance – TR - SW/HW-based Tamper Resistance - TR

  2. RE-TRUSTList of Participants – 30/5/2005 • P1: UNITN - Universita' di Trento - ITALY • Yoram Ofek - ofek@dit.unitn.it • Fabio Massacci - massacci@dit.unitn.it • Harshit Shah - harshit@tcs.tifr.res.in • P2: POLITO - Politecnico di Torino - ITALY • Mario Baldi – mario.baldi@polito.it; • Riccardo Scandariato - riccardo.scandariato@polito.it • Stefano Di Carlo - dicarlo@polito.it • P3: IBM Research – Zurich - SWITZERLAND • Matthias Schunter - mts@zurich.ibm.com • P4: GP - Gemplus - FRANCE • P5: KUL - Katholieke Universiteit Leuven - BELGIUM • Klaus Kursawe - kkursawe@esat.kuleuven.ac.be;   • P6: VUA – Vrije Universiteit– The NETHERLANDS • Bruno Crispo - crispo@cs.vu.nl • P7: SPIIA - St. Petersburg Institute for Informatics and Automation - RUSSIA

  3. List of Project Participants • P1: UNITN - Universita' di Trento - ITALY • Yoram Ofek - ofek@dit.unitn.it • Fabio Massacci - massacci@dit.unitn.it • John Mylopoulos - jm@cs.toronto.edu • P2: POLITO - Politecnico di Torino - ITALY • Paolo Prinetto - Paolo.Prinetto@polito.it • Mario Baldi – mario.baldi@polito.it • Riccardo Scandariato - riccardo.scandariato@polito.it • P3: IBM Research – Zurich - SWITZERLAND • Michael Waidner - wmi@zurich.ibm.com • Matthias Schunter - mts@zurich.ibm.com • Jan Camenisch - jca@zurich.ibm.com • P4: GP - Gemplus - FRANCE • Bruno Rouchouze - Bruno.ROUCHOUZE@gemplus.com • Laurent MANTEAU - Laurent.MANTEAU@gemplus.com (Cooperative R&D Manager Business Development Group) • David NACCACHE - David.NACCACHE@gemplus.com • P5: KUL - Katholieke Universiteit Leuven - BELGIUM • Bart Preneel - bart.preneel@esat.kuleuven.ac.be • Karel Wouters - kwouters@esat.kuleuven.ac.be • Klaus kursawe- kkursawe@esat.kuleuven.ac.be • P6: VUA - Vrije Universiteit – The NETHERLANDS • Andrew Tanenbaum - ast@cs.vu.nl • Bruno Crispo - crispo@cs.vu.nl • Chandana Gamage - chandag@cs.vu.nl • P7: SPIIA - St. Petersburg Institute for Informatics and Automation - RUSSIA • Igor Kotenko -ivkote@mail.iias.spb.su

  4. Administrative Organization • Project secretary - Riccardo Scandariato • WPs editors (may change as we progress) • WP0 – UNITN • WP1 – UNITN • WP2 - POLITO • WP3 – KUL • WP4 – UVA • WP5 – IBM • WP6 – UNITN Next on the agenda: - Conference call - Trip to Brussels

  5. Draft June 24: WPs, Tasks, Gantt (y1,y2,y3) • WP0: Coordination and Management - UNITN • WP1: Overall architecture (y1, a: initial, y3-b: final) - UNITN • T1.1: Reference Applications and Requirements (grid, chat client, mobile, …) - UNITN • T1.2: SW-app + SW-based tamper resistance (TR) - POLITO • T1.3: SW-app + SW/HW-based tamper resistance (TR) – KUL/UNITN • T1.4: Design of applications using HW/SW methods (y3) – polito • Reference architeture • WP2: SW-based TR (y1-y2); y1: design; y2: PoC - POLITO • T2.1: Replacement – POLITO • T2.2: Obfuscation - KUL • T2.3: Secure interlocking of two programs – POLITO • T2.4: Each includes sec analysis (goals, assumptions, …) – KUL/POLITO • WP3: HW/SW-based TR (y2-y3 ); y2: design; y3: PoC - KUL • T3.1: Using HW to improve SW-based TR – KUL • T3.2: Splitting program into SW/HW parts – KUL/GEMPLUS • T3.3: Security protocols for four-tier trust (entruster, app, SW-TR, HW-TR) – KUL/ ibm 6 pm • T3.4: Using PCs as extension of secure HW - GEMPLUS • T3.5: Secure downloading into OS+SC - GEMPLUS • T3.6: Each includes sec analysis (goals, assumptions, …) – VUA • WP4: Security analysis (y2: SW-based, y3: SW/HW+overall) - VUA • T4.1: Overall Security analysis of the SW-based technology - VUA • T4.2: Security analysis of the SW/HW based technology - VUA • T4.3: Comparison with security achieved by TCG – IBM w-p • T4.4: Implementability of the security assumptions – IBM w-p • WP5: Remote verification and trust management – IBM w-p 2 pp. 14pm tot. • WP6: Dissemination, etc. - UNITN

  6. Initial Draft: WPs, Tasks, Gantt (y1,y2,y3) • WP0: Coordination and Management - UNITN • WP1: Overall architecture (y1, a: initial, y3-b: final) - UNITN • T1.1: Reference Applications and Requirements (grid, chat client, mobile, …) - UNITN • T1.2: SW-app + SW-based tamper resistance (TR) - POLITO • T1.3: SW-app + SW/HW-based tamper resistance (TR) – KUL/UNITN • T1.4: Design of applications using HW/SW methods (y3) – polito • Reference architeture • WP2: SW-based TR (y1-y2); y1: design; y2: PoC - POLITO • T2.1: Replacement – POLITO • T2.2: Obfuscation - KUL • T2.3: Secure interlocking of two programs – POLITO • T2.4: Each includes sec analysis (goals, assumptions, …) – KUL/POLITO • WP3: HW/SW-based TR (y2-y3 ); y2: design; y3: PoC - KUL • T3.1: Using HW to improve SW-based TR – KUL • T3.2: Splitting program into SW/HW parts – KUL/GEMPLUS • T3.3: Security protocols for four-tier trust (entruster, app, SW-TR, HW-TR) – KUL/ ibm 6 pm • T3.4: Using PCs as extension of secure HW - GEMPLUS • T3.5: Secure downloading into OS+SC - GEMPLUS • T3.6: Each includes sec analysis (goals, assumptions, …) – VUA • WP4: Security analysis (y2: SW-based, y3: SW/HW+overall) - VUA • T4.1: Overall Security analysis of the SW-based technology - VUA • T4.2: Security analysis of the SW/HW based technology - VUA • T4.3: Comparison with security achieved by TCG – IBM w-p • T4.4: Implementability of the security assumptions – IBM w-p • WP5: Remote verification and trust management – IBM w-p 2 pp. 14pm tot. • WP6: Dissemination, etc. - UNITN

  7. WP Components Please use the enclosed WP template • For each WP: • Description of research activities and their inter-relationships: • B.1 Scientific and Technological Objectives of the Project and Comparison to the State of the Art • B.2 Relevance to the Objectives of FET Open • B.3 Potential Impact [Note: selected parts will be moved to the body of the proposal] • Tasks • Deliverables • Papers, reports, • PoC – Proof of Concept – examples: • Software demonstrations • Algorithmic design with formal proofs • Complexity analysis (e.g., “de-hiding”) • … … … • Milestones • {IST Definition: Milestones are control points at which decisions are needed; for example concerning which of several technologies will be adopted as the basis for the next phase of the project.}

  8. Minutes by Riccardo – 1/6 • Morning session • --------------- • 1) Ric presentation • Mathias comment: state the assumptions to prove that the approach work • 2) Yoram: explains the reference model • - Method 1 • - Method 2 • - Conditional computing might be easier than conditional playback • Comments • Mathias: • IBM has some work on Grid stuff • Can be simpler than DRM if we only care about integrity of data • Interesting question: which is the minimal TCG h/w you need to build up trust on stacked (s/w) modules • Bruno/Klaus: • this is the level we can push forward with all-software... but can be necessary to introduce h/w • to get bullet-proof security... well, let us find the minimal h/w platform... this type of discussion • must be in the proposal • Yoram: • TCG oblige trust to be extended to the whole platform • we want something than can be tailored, e.g. to the level of a single application (all the rest is untouched) • Mathias/Bruno • look at connections with mobile agents security (similarities with our project) -> protecting agents

  9. Minutes by Riccardo – 2/6 • 3) Stefano presentation • Presented three "dependability-related" techniques, which can be applied to the security field: • - invariants over application variables • - variable duplication • - Control flow check by regular expression • Comments • Mathias: concerning PROMON, there's a lot of related work in the area of behavior-based intrusion detection • concerning RECCO, errors during computation are not covered (assumption: CPU is protected) • comments from Bruno/Riccardo : stress of effectiveness and measures • 4) Mathias presentation • Mathias/Ian group working on anonymous attestation for TCG • - idemix: proof of authenticity of machine without revealing any identification info • Direct Anonymous Attestation (DAA) • - now part of TPM chip • - can be done in software • SLA: proof that machine is providing a trusted implementation (e.g. of an API)... • actual implementation does not care (e.g. a Win implementation vs a Lin implementation) • Linux prototype: • Domain: set of corporate machine that are continuously checked by a central server, • to check their configuration • After the fact: log of what happened (the approach does not prevent loading an untrusted module. • Still, it will let you attest that an untrusted module has been loaded, by analyzing the logs) • - You need to know in advance the correct configuration, in order to check that nothing illegal happened

  10. Minutes by Riccardo – 3/6 5) Klaus presentation Sobenet: white box crypto, code obfuscation Interests in RE-TRUST - software security - Interface with HW (and HW/SW codesign) MS: secure compartments (microkernel) plus TPM chip used for HD encryption 6) Bruno presentation Distributed system group (50 peoples, 4 full professors) Four sub-groups: Dist Sys, Parallel programming and grid, Intelligent autonomous agents, security group Current activities and Interests for RE-TRUST Secure OS: micro kernel - Drivers - MMU Distributed enforcement: 1) Controlled information dissemination 2) local enforcement Example policies: "Read/write file x only 7 times" or "Read file x only if file y satisfies some properties" (similar to DRM) To enforce such policies, TPM plus the secure OS is not enough (we are in a distributed environment). An additional middleware layer is needed (specifically a reference monitor) - Yoram (general question) Supposing TPM is on a USB device, would it matter? Can we implement the TCG approach with the chip on a USB token? Probably yes (by adapting BIOS), but this is not TCG compliant (standard requires the TCM is bound to a particular machine)

  11. Minutes by Riccardo – 4/6 • Original plan was to resort to TC if software, or software plus soft h/w, is not enough. • Probably, we can stick to soft hardware (as far this project is concerned) • We can talk of "security token" or "trusted hardware" (in general) without saying whether • that will be a TPM on a USB device (or smart card) or a "real" TCG-compliant TPM • -> trusted hardware connected to an I/O port (without touching the motherboard) • 7) Massacci presentation • Enforceable security policies (Snider): Enforcer (security monitor) is outside and check • the application by looking at a subset of the application I/O (and temporal dimension) • Afternoon session • ----------------- • Agreement on straw-man scheme (2 levels) • "trusted hardware" (in general) without saying whether that will be a TPM on a device connected • to an I/O port or an on-board TPM • Is it possible to plug in h/w without transitive trust? • I.e. application stacked on secure OS, stacked on TPM () • Focus on applications or on mechanisms? • -> OPEN ISSUE : IDENTIFICATION OF TARGET APPLICATIONS !!!!!

  12. Minutes by Riccardo – 5/6 WPs + TASKS + MILESTONES + DELIVERABLES ====================================== => Overall Architecture: (y1, a: initial, y3-b: final) << TRENTO >> -> Reference Applications and Requirements (grid, banking client, mobile) -> SW->Application + SW Based Tamper Resistance -> SW->Application + SW/HW Based Tamper Resistance -> Design of applications using HW/SW methods (Validation ...) <(y3) <IBM>> => SW-Based Tamper Resistance (y1-y2); y1:design; y2: PoC <<TORINO>> -> Replacement <<TORINO>> -> Obfuscation <<LEUVEN>> -> Secure interlocking of two programs -> Something else -> Each includes sec analysis (goals,assumptions) => HW/SW based TR (y2-y3); y2:design; y3:PoC <<LEUVEN>> -> Using HW to improve SW-based TR <<LEUVEN>> -> Splitting program into SW/HW parts <<LEUVEN>> -> Security protocols for four-tier trust (entruster, app, SW-TR, HW-TR) <<LEUVEN>> -> Using PCs as extension of secure HW <<GEMPLUS>> -> Secure downloading into OS+SC <<GEMPLUS>> -> Each includes sec analysis (goals,assumptions) <<VUA*>>

  13. Minutes by Riccardo – 6/6 => Security Analysis (y2: sw-based, y3: sw/hw+overall) <<VUA*>> -> Overall Security analysis of the SW-based technology -> Security analysis of the SW/HW based technology <<VUA*>> -> Comparison with security achieved by TCG <<IBM> -> Implementability of the security assumptions <<IBM>> => Remote verification and trust management <<IBM>> * AMSTERDAM OTHER WORKPACKAGES =================== => Coordination/Management <<TRENTO>> => Dissemination <<TRENTO>> REFERENCE MODEL: ================ +------------------+ +---+ +-------+ Public Channel +-----------+ |Trusted Component |---> |APP| ----> |OBF App| -------------------> |Smart Card | | |<--- | | <---- | | <------------------- | | +------------------+ +---+ +-------+ +-----------+

  14. Functional Description: Remote Entrusting • 2nd Entrusting Machine is ENTRUSTING the 1stUntrusted machine by verifying the Secure Tags • 1st Untrusted machine emanates Secure Tags from a code/software during execution IP Network Secure Tags Core of Trust 2nd Entrusting Machine 1st Untrusted Machine Entrusting

  15. Definition of Trustfor Remote Entrusting A software (code/protocol) is deemed authentic/trustedif and only if its functionality has not been altered/tampered by an untrusted/unauthorized entityprior to or during execution

  16. Functional Description: SW-based Tamper Resistance - TR Obfuscating Compiler Secure tag generator Code Replacement Core of Trust 2nd Entrusting Machine Application on 1st untrusted Machine Obfuscated Tag Generator Messages + Tags Observes the application and generates tags securely

  17. Functional Description: SW/HW-based - TR Obfuscating Compiler Secure tag generator Code Replacement Untrusted “public” channel: OS, etc. Core of Trust Application on 1st untrusted Machine Secure Hardware: Smart card, etc. Obfuscated Tag Generator 2nd Entrusting Machine Messages + Tags Observes the application and generates tags securely

More Related