
The Double-System Architecture For Trusted OS


  1. The Double-System Architecture For Trusted OS Paper By Yong Zhao, Yu Li and Jing Zhan Presentation By Richa Upadhyaya

  2. Contents 1. Introduction 2. Related Work 2.1 Flask 2.2 Next Generation Secure Computing Base 2.3 Terra 3. Double-System Architecture 3.1 Trusted System 3.2 Secure System 3.3 DSA Features

  3. Contents 4. Double-system Architecture Implementation 4.1 Construction Of Secure System 4.2 Construction Of Trusted System 4.3 Construction Of Trusted Information Channel 4.4 Security Analysis 4.5 Performance 5. Conclusion

  4. Introduction The Double-system Architecture (DSA) is composed of the Trusted System (TS) and the Secure System (SS). The information flow between the Trusted System and the Secure System is protected by the Trusted Information Channel (TIC). Why DSA? So far there is no mature, unified architecture for a trusted operating system; DSA is proposed to fill that gap.

  5. Related Work 2.1 Flask Cleanly separates the definition of the policy logic from the enforcement mechanism: a security server makes the policy decisions, and object managers enforce them.

  6. Related Work 2.2 Next Generation Secure Computing Base Strong process isolation; sealed storage; a secure path to and from the user; attestation, which assures the recipient that the data was constructed by an unforgeable, cryptographically identified trusted software stack.

  7. Related Work 2.3 Terra Trusted virtual machine monitor which partitions a tamper-resistant hardware platform into multiple, isolated virtual machines.

  8. Double-system Architecture (layer diagram, top to bottom: Application; Trusted System (TS) and Secure System (SS) side by side; Traditional OS Kernel; Trusted Platform Module (TPM))

  9. Double-system Architecture 3.1 Trusted System The Trusted Measurement Module measures the subject, the object and the behavior of the subject; the Trusted Services Module provides interfaces for encryption and decryption backed by the TPM; the Trusted Report Module sends the trusted measurement results to the Secure System.

  10. Double-system Architecture 3.2 Secure System User identification. Access control: the Hook takes the access request and sends it to the Trusted System; the Decision Mechanism decides whether the access request is permitted or not; the Security Policy Library supports the Decision Mechanism.

  11. Double-system Architecture 3.2 Secure System Isolation Mechanism: logically isolates the traditional OS from DSA, and logically isolates TS from SS. Audit: records the access request and the result.

  12. Double-system Architecture 3.3 Features Relationship between Trusted System (TS) and Secure System (SS): with the trusted environment provided by TS, the SS confirms the security of the OS. Trusted Information Channel (TIC): secure information transmission between TS and SS. TIC has two functions: trusted transmission, and blocking unexpected information flow ("Default Deny").

  13. Double-system Architecture Implementation 4.1 Construction of Secure System A file system filter driver and a device filter driver were developed for Windows XP according to the Double-system Architecture. The Hook module hooks the access request (here, a request to load a process into memory): add a record; get the access request, the subject's ProcessID and the full path name of the process; retrieve the object and the operation type.

  14. Double-system Architecture Implementation 4.1 Construction of Secure System The Security Policy Library is recorded in the file SecurityPolicy.skr. The Decision Mechanism's verdict is the return value of the dispatch function. The Audit Module writes its record to the file Audit.skr.

  15. Double-system Architecture Implementation 4.2 Construction of Trusted System White-list technology is used to check the integrity of executable code. Hardware: ThinkPad X61t with an Atmel TPM (Trusted Platform Module). All checksum values of the executable code are collected in the file FileInfoList.skr. The Trusted System receives (Sub, Obj, Behavior) from the Secure System and checks integrity against the stored checksum value. The Trusted Report Module then sends the integrity result to the Secure System.

  16. Double-system Architecture Implementation 4.2 Construction of Trusted System

  17. Double-system Architecture Implementation 4.3 Construction of Trusted Information Channel A device filter driver is developed according to the Double-system Architecture. The information from the Secure System is encrypted and integrity check information is added; the device filter driver decrypts the received data and verifies its integrity.
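The request path described in slides 13 to 17 (hook, channel, white-list check, report, decision, audit) as one runnable user-space model. This is an added example, not the paper's driver code or the presenter's material: the paper's Windows XP filter drivers, TPM-backed services and .skr files are replaced here by Python objects and dicts, the checksum is assumed to be SHA-256 (the paper only says "checksum"), the (Sub, Obj, Behavior) tuple is assumed to be JSON-encoded, and the TIC is modelled as encrypt-then-MAC with a keystream derived from HMAC-SHA256 in counter mode as a stand-in for whatever cipher the paper uses. Paths and executable bytes are constructed.

```python
"""User-space model of the DSA request path (added example; not the paper's code)."""
import hashlib
import hmac
import json
import os
import struct

# Constructed "disk": full path name -> executable bytes (contents are arbitrary).
DISK = {
    "C:\\Windows\\explorer.exe": b"MZ...explorer-v1",
    "C:\\Program Files\\editor.exe": b"MZ...editor-v1",
    "C:\\Temp\\dropper.exe": b"MZ...unknown",
}
# Permitted (subject, behavior) pairs; stand-in for SecurityPolicy.skr. Anything else: default deny.
SECURITY_POLICY = {("C:\\Windows\\explorer.exe", "load_process")}


def measure(image: bytes) -> str:
    """Checksum of executable code; SHA-256 is an assumption, the paper does not name the hash."""
    return hashlib.sha256(image).hexdigest()


# White list of known-good checksums; stand-in for FileInfoList.skr (dropper.exe is deliberately absent).
FILE_INFO_LIST = {p: measure(DISK[p]) for p in ("C:\\Windows\\explorer.exe", "C:\\Program Files\\editor.exe")}


# --- Trusted Information Channel: encrypt-then-MAC, tag verified before decryption ---------------
def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode used as a PRF keystream (stand-in for the paper's unnamed cipher)."""
    blocks = [hmac.new(key, nonce + struct.pack(">I", i), hashlib.sha256).digest()
              for i in range((length + 31) // 32)]
    return b"".join(blocks)[:length]


def tic_seal(enc_key: bytes, mac_key: bytes, plaintext: bytes) -> bytes:
    """Frame layout: nonce(16) || ciphertext || tag(32); the tag covers nonce and ciphertext."""
    nonce = os.urandom(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()


def tic_open(enc_key: bytes, mac_key: bytes, frame: bytes) -> bytes:
    """Verify integrity first; any failure raises, which the receiver turns into a deny."""
    if len(frame) < 48:
        raise ValueError("TIC: frame too short")
    nonce, ct, tag = frame[:16], frame[16:-32], frame[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("TIC: integrity check failed")
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))


class TrustedSystem:
    """Trusted Measurement + Trusted Report modules: measure subject and object, report over the TIC."""
    def __init__(self, white_list, disk, enc_key, mac_key):
        self.white_list, self.disk, self.keys = white_list, disk, (enc_key, mac_key)

    def handle(self, frame: bytes) -> bytes:
        req = json.loads(tic_open(*self.keys, frame))  # raises if the frame was altered in transit
        report = {k: req[k] for k in ("sub", "obj", "behavior")}
        for role in ("sub", "obj"):
            image = self.disk.get(req[role])
            report[role + "_trusted"] = image is not None and self.white_list.get(req[role]) == measure(image)
        return tic_seal(*self.keys, json.dumps(report).encode())


class SecureSystem:
    """Hook -> TIC -> Decision Mechanism -> Audit (the audit list stands in for Audit.skr)."""
    def __init__(self, ts, policy, enc_key, mac_key):
        self.ts, self.policy, self.keys, self.audit = ts, policy, (enc_key, mac_key), []

    def hook(self, pid, sub_path, obj_path, behavior, in_flight=lambda f: f) -> bool:
        req = {"pid": pid, "sub": sub_path, "obj": obj_path, "behavior": behavior}
        frame = in_flight(tic_seal(*self.keys, json.dumps(req).encode()))  # in_flight models the wire
        try:
            report = json.loads(tic_open(*self.keys, self.ts.handle(frame)))
            if not report["sub_trusted"]:
                reason = "subject failed integrity check"
            elif not report["obj_trusted"]:
                reason = "object failed integrity check"
            elif (sub_path, behavior) not in self.policy:
                reason = "behavior not in security policy"
            else:
                reason = "permitted"
        except ValueError as exc:            # no verifiable report: default deny
            reason = str(exc)
        permitted = reason == "permitted"
        self.audit.append({**req, "permitted": permitted, "reason": reason})
        return permitted


def run_demo():
    """Five access requests; returns ({case: permitted}, audit records)."""
    enc_key, mac_key = os.urandom(32), os.urandom(32)
    ts = TrustedSystem(FILE_INFO_LIST, dict(DISK), enc_key, mac_key)
    ss = SecureSystem(ts, SECURITY_POLICY, enc_key, mac_key)
    explorer, editor = "C:\\Windows\\explorer.exe", "C:\\Program Files\\editor.exe"
    results = {"good": ss.hook(1234, explorer, editor, "load_process"),
               "unlisted_obj": ss.hook(1234, explorer, "C:\\Temp\\dropper.exe", "load_process")}
    ts.disk[editor] = b"MZ...editor-v1-patched"            # listed object modified on disk
    results["tampered_obj"] = ss.hook(1234, explorer, editor, "load_process")
    ts.disk[editor] = DISK[editor]
    results["unlisted_behavior"] = ss.hook(1234, explorer, editor, "write_kernel")
    flip = lambda f: f[:20] + bytes([f[20] ^ 0x01]) + f[21:]  # one ciphertext bit flipped in transit
    results["tampered_frame"] = ss.hook(1234, explorer, editor, "load_process", in_flight=flip)
    return results, ss.audit
```

Only the first request is permitted: a white-listed subject loading a white-listed object with a behavior the policy allows. The other four show the separate deny paths the slides describe: an object missing from FileInfoList.skr, a listed object whose checksum no longer matches, a behavior absent from SecurityPolicy.skr, and a TIC frame whose integrity check fails, which yields no usable report and so falls through to default deny. Every request, permitted or not, leaves an audit record with its reason.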

  18. Double-system Architecture Implementation 4.4 Security Analysis Trusted System and Secure System cooperate with each other. Credibility of subject and object can be ensured. Check the behavior of the subject.

  19. Double-system Architecture Implementation 4.5 Performance A testing program 'Q' was created. Choose a program for the test, for example program o; create three threads, each of which completes the operation (Start o, Kill o) 100 times; measure the time Q takes. The efficiency of the operating system decreased by only 3.2%.

  20. Conclusion The Double-System Architecture can provide reliable protection for the OS. DSA can check the integrity of the subject, the object and the behavior. It makes the relationship between the security mechanism and the trusted mechanism clear.

  21. References 1. Yong Zhao, Yu Li, Jing Zhan. The Double-System Architecture for Trusted OS. http://www.sciencedirect.com/science/article/pii/S1875389212007584 2. The Flask Security Architecture. http://www.cs.utah.edu/flux/fluke/html/flask.html 3. Next-Generation Secure Computing Base (Microsoft TechNet). http://technet.microsoft.com/en-us/library/cc723472.aspx 4. Trent Jaeger. Operating System Security, 2008.

  22. The End Questions
