Presentation is loading. Please wait.

Presentation is loading. Please wait.

Trusted Computing Platforms Blessing or Curse? by Bastian Sopora, Seminar DRM 2006.

Published byShanon Newton Modified over 9 years ago

Similar presentations

Presentation on theme: "Trusted Computing Platforms Blessing or Curse? by Bastian Sopora, Seminar DRM 2006."— Presentation transcript:

1 Trusted Computing Platforms Blessing or Curse? by Bastian Sopora, Seminar DRM 2006

2 Agenda Introduction Introduction Defining trust and its different flavours Defining trust and its different flavours The idea of Trusted Computing Platforms The idea of Trusted Computing Platforms Technicalities of TCP Technicalities of TCP Conceptual problems with TCP Conceptual problems with TCP TCP & DRM TCP & DRM Summary & Discussion Summary & Discussion

3 Introduction What is a Trusted Computing Platform? What is a Trusted Computing Platform?

4 Introduction A computer with some kind of additional hardware, that serves to protect the system from malicious software or unintended / undesired use. A computer with some kind of additional hardware, that serves to protect the system from malicious software or unintended / undesired use.

5 Agenda Introduction Introduction Defining trust and its different flavours Defining trust and its different flavours The idea of Trusted Computing Platforms The idea of Trusted Computing Platforms Technicalities of TCP Technicalities of TCP Conceptual problems with TCP Conceptual problems with TCP TCP & DRM TCP & DRM Summary & Discussion Summary & Discussion

6 What is trust? Trusted vs. Trustworthy Trusted vs. Trustworthy The nature of trust The nature of trust Technical Trust Technical Trust Computers are predictable Computers are predictable

7 Trustworthy – earned trust User has a reason to trust in a System‘s behavior User has a reason to trust in a System‘s behavior Impossible to compromise data Impossible to compromise data Previous behaviour and standards deserve trust Previous behaviour and standards deserve trust

8 Trusted – forced trust User has no other choice but to trust the system User has no other choice but to trust the system Black box Black box No alternatives No alternatives "A 'trusted' computer does not mean a computer that is trustworthy." – Bruce Schneier "A 'trusted' computer does not mean a computer that is trustworthy." – Bruce Schneier

9 Technical Trust Device does what it is supposed to do Device does what it is supposed to do “an entity can be trusted if it always behaves in the expected manner for the intended purpose“ – [TCG] “an entity can be trusted if it always behaves in the expected manner for the intended purpose“ – [TCG] i.g. Harddrive controller i.g. Harddrive controller

10 Agenda Introduction Introduction Defining trust and its different flavours Defining trust and its different flavours The idea of Trusted Computing Platforms The idea of Trusted Computing Platforms Technicalities of TCP Technicalities of TCP Conceptual problems with TCP Conceptual problems with TCP TCP & DRM TCP & DRM Summary & Discussion Summary & Discussion

11 Supporters Trusted Computing Group Trusted Computing Group Formerly known as Trusted Computing platform alliance Formerly known as Trusted Computing platform alliance AMD, Hewlett-Packard, IBM, Infineon, Intel, Lenovo, Microsoft, and Sun Microsystems AMD, Hewlett-Packard, IBM, Infineon, Intel, Lenovo, Microsoft, and Sun Microsystems

12 TCP – pure intentions Make computers safer, more reliable Make computers safer, more reliable Protect from viruses, malware Protect from viruses, malware Protect from hackers, unauthorized access Protect from hackers, unauthorized access

13 Opponents Computer security experts Computer security experts Richard Stallman (GNU) Richard Stallman (GNU) Ross J. Anderson (Cambridge U., UK) Ross J. Anderson (Cambridge U., UK) Bruce Schneier (Comp.Sec. Author) Bruce Schneier (Comp.Sec. Author)

14 TCP – not as good as it seems? Trust in the driving factors of TCP is undeserved Trust in the driving factors of TCP is undeserved TCP gives system and software designers too much control and power TCP gives system and software designers too much control and power Undue Censorship possible Undue Censorship possible

15 A quick survey Who uses......AMD / Intel processors?...AMD / Intel processors?...Microsoft / Apple OS?...Microsoft / Apple OS? Think about whether you trust them or not!

16 Agenda Introduction Introduction Defining trust and its different flavours Defining trust and its different flavours The idea of Trusted Computing Platforms The idea of Trusted Computing Platforms Technicalities of TCP Technicalities of TCP Conceptual problems with TCP Conceptual problems with TCP TCP & DRM TCP & DRM Summary & Discussion Summary & Discussion

17 The simple TC-life Trusted Platform Module Trusted Platform Module One chip solution One chip solution Open specifications Open specifications

18 The TCG Guidelines Trusted Platform Module provides: Secure Input & Output Secure Input & Output Memory curtaining / Protected execution Memory curtaining / Protected execution Sealed storage Sealed storage Remote attestation Remote attestation

19 The Guidelines I Secure Input & Output Secure channel between user and software Secure channel between user and software Avoid keyloggers, screenparsers etc. Avoid keyloggers, screenparsers etc.

20 The Guidelines II Memory Curtaining Block access to memory for all other software Block access to memory for all other software Even OS access is denied Even OS access is denied

21 The Guidelines III Sealed Storage Encrypt files using key derived from software & hardware Encrypt files using key derived from software & hardware

22 The Guidelines IV Remote Attestation Certificate generated by the Trusted Platform Module Certificate generated by the Trusted Platform Module Hardware has not been tampered with Hardware has not been tampered with What software is running What software is running (active point of view) (active point of view)

23 Agenda Introduction Introduction Defining trust and its different flavours Defining trust and its different flavours The idea of Trusted Computing Platforms The idea of Trusted Computing Platforms Technicalities of TCP Technicalities of TCP Conceptual problems with TCP Conceptual problems with TCP TCP & DRM TCP & DRM Summary & Discussion Summary & Discussion

24 Reflection What does TC do? What does TC do? What could it do? What could it do? How does it work? How does it work?

25 Additional Concepts Remote Attestation Remote Attestation (passive point of view) (passive point of view) Owner Override Owner Override

26 Remote Attestation What is running? What is running? = Is XYZ running...? = Is XYZ running...?...on machine UVW?...on machine UVW?

27 Owner Override Allow owner to disable functions Allow owner to disable functions Allow owner to overide actions Allow owner to overide actions

28 Controversies Remote Censorship Remote Censorship Freedom of Software Choice Freedom of Software Choice Limitations on Data & Information Limitations on Data & Information Identifiability Identifiability TCP & Digital Licensing TCP & Digital Licensing

29 Remote Censorship Software creators instead of users control data objects Software creators instead of users control data objects Data objects may be deleted without user‘s consent Data objects may be deleted without user‘s consent Data objects‘ distribution may be prevented Data objects‘ distribution may be prevented

30 Software Choice Information created with Software A may be locked from all other software Information created with Software A may be locked from all other software Data Objects may require Software A although they are of a common type Data Objects may require Software A although they are of a common type

31 Limitations on User‘s Data No migration No migration Software requiring “newest“ software versions Software requiring “newest“ software versions Data requiring spyware Data requiring spyware

32 Identifiability on the Internet Remote Attestation Remote Attestation Collect information? Collect information? Free Speech Free Speech Direct Anonymous Attestation Direct Anonymous Attestation

33 Limitations on Information Enforcing „[Fair] Use Policy“ Enforcing „[Fair] Use Policy“ Limiting file formats to certain software Limiting file formats to certain software Microsoft: DRM making use of TC Microsoft: DRM making use of TC

34 TCP and Digital Licensing Relies on Sealed Storage & Memory Curtaining Relies on Sealed Storage & Memory Curtaining Relies on Remote Attestation Relies on Remote Attestation

35 TCP and Digital Licensing: Scenario 1 Concept: Enforcing “[Fair] Use Policy“ Concept: Enforcing “[Fair] Use Policy“ Restriction of Use Restriction of Use Restrictions on replay Restrictions on replay Playability linked to user‘s behaviour Playability linked to user‘s behaviour

36 TCP and Digital Licensing: Scenario II Concept: Spyware Concept: Spyware Marketing Trap Marketing Trap Evolving “[Fair] Use Policy“ Evolving “[Fair] Use Policy“

37 Impracticality Constant Owner Overrides Constant Owner Overrides  Disabled features Fear of control, what if... Fear of control, what if......the controling party is ‘evil‘...the controling party is ‘evil‘...the hardware fails...the hardware fails Frequent new developments Frequent new developments  outdated technology

38 Agenda Introduction Introduction Defining trust and its different flavours Defining trust and its different flavours The idea of Trusted Computing Platforms The idea of Trusted Computing Platforms Technicalities of TCP Technicalities of TCP Conceptual problems with TCP Conceptual problems with TCP TCP & DRM TCP & DRM Summary & Discussion Summary & Discussion

39 Survey Results Do you trust Intel, Microsoft, AMD, Apple etc.? Do you trust Intel, Microsoft, AMD, Apple etc.? A: They pay me $$$ C: Earned TrustD: I don‘t use computers B: Forced Trust

40 Survey Results Do you trust Intel, Microsoft, AMD, Apple etc.? Do you trust Intel, Microsoft, AMD, Apple etc.? 50/50 joker: 50/50 joker: C: Earned Trust B: Forced Trust

41 Survey Results C: Earned Trust B: Forced Trust Do you trust Intel, Microsoft, AMD, Apple etc.? Do you trust Intel, Microsoft, AMD, Apple etc.? Audience joker: Audience joker:

Download ppt "Trusted Computing Platforms Blessing or Curse? by Bastian Sopora, Seminar DRM 2006."

Similar presentations

Web Content Control Application Providing Secure & Reliable Internet Access December 2010.

Web Content Control Application Providing Secure & Reliable Internet Access December 2010.
Thomas S. Messerges, Ezzat A. Dabbish Motorola Labs Shin Seung Uk.

Thomas S. Messerges, Ezzat A. Dabbish Motorola Labs Shin Seung Uk.
Cobalt: Separating content distribution from authorization in distributed file systems Kaushik Veeraraghavan Andrew Myrick Jason Flinn University of Michigan.

Cobalt: Separating content distribution from authorization in distributed file systems Kaushik Veeraraghavan Andrew Myrick Jason Flinn University of Michigan.
Vpn-info.com.

Vpn-info.com.
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
Hardware Security: Trusted Platform Module Amir Houmansadr CS660: Advanced Information Assurance Spring 2015 Content may be borrowed from other resources.

Hardware Security: Trusted Platform Module Amir Houmansadr CS660: Advanced Information Assurance Spring 2015 Content may be borrowed from other resources.
Software Certification and Attestation Rajat Moona Director General, C-DAC.

Software Certification and Attestation Rajat Moona Director General, C-DAC.
Copyright © 1995-2006 Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE USC CSci599 Trusted Computing Lecture notes.

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE USC CSci599 Trusted Computing Lecture notes.
3 Section C: Installing Software and Upgrades  Web Apps  Mobile Apps  Local Applications  Portable Software  Software Upgrades and Updates  Uninstalling.

3 Section C: Installing Software and Upgrades  Web Apps  Mobile Apps  Local Applications  Portable Software  Software Upgrades and Updates  Uninstalling.
1 Minimal TCB Code Execution Jonathan McCune, Bryan Parno, Adrian Perrig, Michael Reiter, and Arvind Seshadri Carnegie Mellon University May 22, 2007.

1 Minimal TCB Code Execution Jonathan McCune, Bryan Parno, Adrian Perrig, Michael Reiter, and Arvind Seshadri Carnegie Mellon University May 22, 2007.
Computer Viruses.

Computer Viruses.
CMSC 414 Computer and Network Security Lecture 12 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 12 Jonathan Katz.
Chapter 1 – Introduction

Chapter 1 – Introduction
Trusted Computing Initiative Beyond trustworthy. Trusted Computing  Five Key Concepts >Endorsement Key >Secure Input and Output >Memory Curtain / Protected.

Trusted Computing Initiative Beyond trustworthy. Trusted Computing  Five Key Concepts >Endorsement Key >Secure Input and Output >Memory Curtain / Protected.
W15D3. Protection (recap) Common sense Antivirus software (some free, eg: AVG) Update OS Verify the validity of info in e-mails received  Use search.

W15D3. Protection (recap) Common sense Antivirus software (some free, eg: AVG) Update OS Verify the validity of info in s received  Use search.
Security in By: Abdulelah Algosaibi Supervised by: Prof. Michael Rothstein Summer II 2010: CS 6/79995 Operating System Security.

Security in By: Abdulelah Algosaibi Supervised by: Prof. Michael Rothstein Summer II 2010: CS 6/79995 Operating System Security.
Randy Fort CS 265 Trusted Platform Modules April 19 th, 2005.

Randy Fort CS 265 Trusted Platform Modules April 19 th, 2005.
Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming, but on our own readiness to receive him; not.

Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming, but on our own readiness to receive him; not.
Chapter 1 Introduction. Chapter Overview Overview of Operating Systems Secure Operating Systems Basic Concepts in Information Security Design of a Secure.

Chapter 1 Introduction. Chapter Overview Overview of Operating Systems Secure Operating Systems Basic Concepts in Information Security Design of a Secure.
Trusted Computing Platform Alliance – Introduction and Technical Overview – Joe Pato HP Labs MIT 6.805/6.857 17 October 2002.

Trusted Computing Platform Alliance – Introduction and Technical Overview – Joe Pato HP Labs MIT 6.805/ October 2002.

Similar presentations

Ads by Google