Trusted _Computing _security mobile .ppt
Trusted Computing
Asmaa ALQassab Nagham ALLella Lubna
Supervised by Dr. Najlaa
WHO DO I TRUST?
• Today a computer trusts one of two entities
in a user and hacker model.
• The user is trusted and the hacker is not.
• But when does a computer know that the
user is not doing something harmful?
• With TC the user and the hacker are both
not trusted. This ensures that nothing is
done that can compromise the security of
the PC.
WHY TC?
“The theory is that software based key
generation or storage will always be
vulnerable to software attack, so private
keys should be created, stored, and used
by dedicated hardware”
TRUSTED COMPUTING: BASIC IDEA
• Addition of security hardware functionality to a
computer system to compensate for insecure
software.
• Enables external entities to have an increased level of
trust that the system will perform as
expected/specified.
• Trusted platform = a computing platform with a
secure hardware component that forms a security
foundation for software processes.
• Trusted Computing = computing on a Trusted
Platform.
SO HOW DOES TC WORK?
• For TC to work you have to use the Trusted
Platform Module (TPM), which is a
hardware system where the core (root) of
trust in the platform will reside.
• TPM will be implemented using a security
microchip that handles security with
encryption.
WHAT IS A TPM?
• A chip integrated into the platform
• The (alleged) purpose is to provide more security
• It is a separate trusted co-processor
“The TPM represents a
separate trusted coprocessor,
whose state cannot be
compromised by potentially
malicious host system
software.”
THE TRUSTED COMPUTING GROUP
• The Trusted Platform Module (TPM) is an
international standard for a secure crypto-
processor.
• The TPM technical specification was written by
a computer industry consortium called the
Trusted Computing Group (TCG).
• The Trusted Computing Group is a non-profit
industry consortium, which develops hardware
and software standards. It is funded by many
member companies, including IBM, Intel, AMD,
Microsoft, Sony, Sun, and HP among others.
ATTESTATION
The TPM's most controversial feature is
attestation, the ability to measure the state of
a computer and send a signed message
certifying that particular hardware or
software is or isn't present. Most TC
opponents fear that this will be abused by
vendors [1].
HOW?
• PKI private keys could be stored in the chip.
• PK signatures calculated in the chip itself, never
visible outside
• Random number generators
• SHA-1 hashing
• Monotonic counters
• Process isolation (encrypted I/O, prevents
keystroke loggers, screen scrapers)
HOW?
• Protection from malware and detection of
compromised systems. [4] shows that syslogd has
been compromised by a rootkit.
• Tick counter: timestamps are a security-critical
parameter in Kerberos.
• Provide stronger 2 factor authentication.
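The attestation and compromise-detection slides above, as an added example that is not part of the original deck: a software simulation of measuring a boot chain into a SHA-1 register and checking a signed report of it. The component names, the sample byte strings and the use of HMAC in place of the chip's private-key signature are assumptions made for illustration.

```python
import hashlib
import hmac
import os

PCR_SIZE = 20  # SHA-1 digest length used by TPM 1.2 PCRs

def extend(pcr: bytes, component: bytes) -> bytes:
    """TPM-style extend: new PCR = SHA1(old PCR || SHA1(component))."""
    return hashlib.sha1(pcr + hashlib.sha1(component).digest()).digest()

def measure(components) -> bytes:
    """Fold an ordered list of loaded components into one PCR value."""
    pcr = bytes(PCR_SIZE)  # PCRs start at all zeros after reset
    for blob in components:
        pcr = extend(pcr, blob)
    return pcr

def quote(key: bytes, pcr: bytes, nonce: bytes) -> bytes:
    """Assumption: HMAC-SHA256 stands in for the chip's private-key signature."""
    return hmac.new(key, nonce + pcr, hashlib.sha256).digest()

def verify(key, pcr, nonce, sig, expected_pcr) -> str:
    """Verifier side: check the signature first, then the reported state."""
    if not hmac.compare_digest(sig, quote(key, pcr, nonce)):
        return "bad-signature"
    if not hmac.compare_digest(pcr, expected_pcr):
        return "untrusted-state"
    return "trusted"

# Constructed sample inputs (not real binaries).
GOOD_CHAIN = [b"bootloader v1", b"kernel v1", b"syslogd v1"]
TAMPERED_CHAIN = [b"bootloader v1", b"kernel v1", b"syslogd v1 + rootkit hook"]

def demo() -> dict:
    key = os.urandom(32)            # held inside the chip on a real platform
    expected = measure(GOOD_CHAIN)  # reference value known to the verifier
    results = {}
    for name, chain in (("clean", GOOD_CHAIN), ("tampered", TAMPERED_CHAIN)):
        nonce = os.urandom(16)      # fresh challenge from the verifier
        pcr = measure(chain)
        results[name] = verify(key, pcr, nonce, quote(key, pcr, nonce), expected)
    # A quote replayed against a new challenge must not verify.
    old_nonce, new_nonce = os.urandom(16), os.urandom(16)
    stale = quote(key, expected, old_nonce)
    results["replayed"] = verify(key, expected, new_nonce, stale, expected)
    return results

if __name__ == "__main__":
    print(demo())
```

Because each extend hashes the previous register value, the final value depends on every component and on the order in which they were loaded, so a modified syslogd cannot be hidden by later measurements.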
WHAT’S NEW?
• Conceptually, not much. Most, if not all of the
security ideas already exist
• What TPMs bring to the table is a secure sealed
storage chip for private keys, on-chip crypto, and
random number generators among others
• The state of the TPM cannot be compromised
by malicious host software
CONS
• Advanced features will require O/S support.
• Microsoft's NGSCB (Longhorn Due 2006 ???)
• Will require rewrites to interface with the NEXUS.
• Potential for abuse by Software vendors.
• Is trusted computing just DRM on steroids?
• Is TC a security tool or cash flow weapon?
• Co-processor or Cop-processor?
PRO VS. CON
• Great for Corporations and Government
• Prevents unauthorized software
• Helps prevent malware
• User privacy not a concern
• DRM lock-in less of a concern for companies or
government
PRO VS. CON
• “Trusted Computing requires you to surrender
control of your machine to the vendors of your
hardware and software, thereby making the
computer less trustworthy from the user’s
perspective” [11] Ross Anderson
WINDOWS MEDIA PLAYER 9 EULA
"Digital Rights Management (Security). You agree that
in order to protect the integrity of content and
software protected by digital rights management
('Secure Content'), Microsoft may provide security
related updates to the OS Components that will be
automatically downloaded onto your computer.
These security related updates may disable your
ability to copy and/or play Secure Content and use
other software on your computer. If we provide such
a security update, we will use reasonable efforts to
post notices on a web site explaining the update."
“For years Bill Gates has dreamed of finding
a way to make the Chinese pay for
software, TC looks like being the answer to
his prayer.” [11] Ross Anderson.
CONCLUSION
• Increased security
• PKI
• Malware protection
• Attestation
• A very abusable capability for software vendors
BIBLIOGRAPHY
• [1] Andy Doman, Trusted Computing: A matter of Trust,
http://www.networkmagazine.com/shared/article/showArticle.jhtml?articleId=22102889
• [2] DigitalIDWorld, "Assuring Networked Data and Application Reliability", Digital ID
World Jan/Feb 2004 https://www.trustedcomputinggroup.org/press/1-3412425E_SC.pdf
• [4] Reiner Sailer, et al., "The Role of TPM in Enterprise Security",
https://www.trustedcomputinggroup.org/press/news_articles/rc23363.pdf
• [11] Ross Anderson, http://www.againsttcpa.com/index.shtml