Presentation is loading. Please wait.

Presentation is loading. Please wait.

Trusted Computing Platform Alliance – Introduction and Technical Overview – Joe Pato HP Labs MIT 6.805/6.857 17 October 2002.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Trusted Computing Platform Alliance – Introduction and Technical Overview – Joe Pato HP Labs MIT 6.805/6.857 17 October 2002."— Presentation transcript:

1 Trusted Computing Platform Alliance – Introduction and Technical Overview – Joe Pato HP Labs MIT 6.805/6.857 17 October 2002

2 Increase consumer and businesses confidence Protect end-user private data –by enabling trust in end systems behavior Reduce business risks –by enabling trust in the behavior of critical information systems Why Trusted Computing Platforms?

3 Trusted Computing Platform properties Recognize that a platform has known properties –Mobile platform access to corporate network. –Remote Access via known public access point. Identify that a system will behave as expected: –Mobile access to corporate network with firewall and antivirus requirements. –Outsourced platform administration Enable a user to have more confidence in the behavior of the platform in front of them –Trust a platform to handle my private data I.e banking, medical…etc… –Achieving WYSIWYS: What You Sign Is What You See… Do I have confidence in interacting with this platform? Can I trust you to be what you say you are? Can I trust you to behave in an expected manner?

4 The Conspiracy to Prevent Artistry The Conspiracy to Prevent Anonymity The Conspiracy to Prevent Assembly The Conspiracy in Prelude to Apocalypse The Trusted Computing Platform Alliance - TCPA - AKA??? How? The Cleverly Parboiled Amphibian

5 The Trusted Computing Platform Alliance - TCPA - An Industry work group focused on defining and advancing the concept of Trusted Computing Founded in 1999 by Compaq, HP, IBM, Intel, and Microsoft. 180+ members from the hardware, software, communications, and security technology industries

6 The TCPA charter Provide a ubiquitous and widely adopted means to address trustworthiness of computing platforms Publish an open specification for public review – Not security by obscurity Define a technology specification that can be applied to any type of computing platform (not just PCs!)

7 TPM PP Evaluation completed by NIST 8/02 Platform PP or TBB In development Common criteria conformance specs Technology architecture specs TCPA specification activity

8 TCPA concepts Definition: A platform can be trusted if it behaves in the expected manner for the intended purpose TCPA technology provides mechanisms for: – Platform Authentication and Attestation Identify the platform and its properties to a challenging party – Platform Integrity Reporting Reliably measure and report on the platform’s software state – Protected Storage Protect private and secret data. Protect integrity and identity information against subversion

9 The TCPA architecture relies on the concept of a Root of Trust A third party can rely on information provided by a platform’s Root of Trust The root of trust must be able to report on software that has executed The root of trust must be able to keep secrets from the rest of the platform  measure the first piece of code that executes when the platform boots  independent computing engine  “secret” storage How does TCPA achieve this?

10 It is necessary to trust these Roots of Trust for TCPA mechanisms to be relied upon => Conformance and Certification A Root of Trust for Reporting – The component that can be trusted to store and report reliable information about the platform A Root of Trust for Measurement – The component that can be trusted to reliably measure and report to the Root of Trust for reporting what software executes on platform boot Two Roots of Trust: Measurement, Reporting

11 The Trusted Platform Module - TPM - The TPM is the Root of Trust for Reporting Think: smartcard-like security capability embedded into the platform –The TPM is uniquely bound to a single platform –TPM functions and storage are isolated from all other components of the platform (e.g., the CPU)

12 The Core Root of Trust for Measurement - CRTM - The CRTM is the first piece of code that executes on a platform at boot time. (I.e. Bios or Bios BootBlock in an IA-32 platform) –It must be trusted to properly report to the TPM what software executes after it. –Only authorized entities must be able to reflash the CRTM… (those that vouch for its behavior)

13 CRTM and TPM during the boot process The Authenticated boot process CRTM - Bios BootBlock BIOS OpRom1 OSLoader OpRom 2OpRomN OS Hash code TPM Report Hashed code Hand-Off Hash code Hand-Off Hash code Hand-Off Report Hashed code Hash code

14 Platform authenticationProtected Storage Integrity Reporting TCPA feature- set

15 Platform Authentication TCPA provides for the TPM to have control over “multiple pseudonymous attestation identities” TPM attestation identities do not contain any owner/user related information => A platform identity attests to platform properties No single TPM “identity” is ever used to digital sign data => privacy protection TPM Identity certification is required to attest to the fact that they identify a genuine TCPA platform The TPM Identity creation protocol allows for to choose different Certification Authorities (Privacy-CA) to certify each TPM identity => prevent correlation

16 Generating an identity

17 Integrity Reporting Measurements reported to the TPM during (and after) the boot process can not be removed or deleted until reboot => No hiding code that has executed on the platform The TPM will use an attestation identity to sign the integrity report The recipient of integrity information can evaluate trustworthiness of the information based on the certificate of attestation identity  Trust that the TPM is a genuine TPM on a genuine Trusted Platform

18 Integrity Reporting (2) The recipient of reporting information relies on “signed certificates” that attest that a given measurement represents a known piece of code –Cert(Phoenix BIOS v1.2 has hash value of H) –Cert(CorpIT config, combined hash value) The recipient can verify these Integrity Metrics Certificates and compare certified metrics to reported metrics  Trust that the reported metrics correspond to certified software Trusting the reported software is dependent on the recipient’s policy, for a given application context

19 Protected Storage No generic encryption device – no export control pb Cryptographic keys can be created that are protected by the TPM Data can be encrypted using the TPM, that can only be decrypted using this same TPM A specific software configuration can also be specified, that will be required for the TPM to allow data to be decrypted, or keys to be used  This is called Sealing: parameters define which Integrity Metrics the data should be sealed to

20 Protected Storage Hierarchy

21 Privacy-positive design Notion of TPM Owner, think Platform Administrator Ultimate TPM functionality control goes to the Owner TPM Activation controlled by the Owner, and deactivation available to the User No single TPM “identity” is ever used to digitally sign data Multiple pseudonymous IDs (limits correlation) Remote control of the TPM enabled by challenge response protocols for authorization mechanisms Can prevent the revelation of secrets unless the software state is in an approved state

22 Common Criteria based TCPA: – TPM Protection Profile completed – Platform Protection Profile to include CRTM and connection to platform Manufacturers role – Create Security Target, and produce product design evaluation About Conformance

23 Short term TCPA benefits – protected storage (Platform with a TPM, associated software provided by the TPM manufacturer) Customers can encrypt the data on their hard disks in a way that is much more secure than software solutions. –The TCPA chip is a portal to encrypted data. –Encrypted data can then only ever be decrypted on the same platform that encrypted it. –TCPA also provides for digital signature keys to be protected and used by the embedded hardware chip

24 Middle term TCPA benefits – integrity checking (Short term solution plus additional software) Protection against hacker scripts, by automatically preventing access to data if unauthorised programs are executed. –TCPA provides for the measurement of integrity metrics of the software environment on the TCPA platform. –Allows for a remote party to verify what the software environment on a TCPA platform is. –The TCPA chip can then be used to encrypt data to disk so that this data can only ever be decrypted on that same platform, and ONLY if the platform has a given set of software environment integrity metrics.

25 Long term TCPA benefits – e-commerce Customers and their partners/suppliers/customers can connect their IT systems and expose only the data that is intended to be exposed. –TCPA is designed so that platform identities and Integrity Metrics can be proven reliably to previously unknown parties. –Secure online discovery of platforms and services: confidence in the information about the software environment and identity of a remote party, enabling higher levels of trust when interacting with this party.

26 and now Palladium

27 HPLabs Trusted Systems Lab joe.pato@hp.com The Book “Trusted Computing Platforms: TCPA technology in context” By Boris Balacheff, Liqun Chen, Siani Pearson, David Plaquin, and Graeme Proudler Order at www.hp.com/hpbooks The “hairy” TCPA specification at www.trustedcomputing.org For more information

Download ppt "Trusted Computing Platform Alliance – Introduction and Technical Overview – Joe Pato HP Labs MIT 6.805/6.857 17 October 2002."

Similar presentations

Confidential 1 Phoenix Security Architecture and DevID July 2005 Karen Zelenko Phoenix Technologies.

Confidential 1 Phoenix Security Architecture and DevID July 2005 Karen Zelenko Phoenix Technologies.
Copyright© 2006 Trusted Computing Group - Other names and brands are properties of their respective owners. Slide #1 Trusted Computing David Grawrock TPM.

Copyright© 2006 Trusted Computing Group - Other names and brands are properties of their respective owners. Slide #1 Trusted Computing David Grawrock TPM.
Thomas S. Messerges, Ezzat A. Dabbish Motorola Labs Shin Seung Uk.

Thomas S. Messerges, Ezzat A. Dabbish Motorola Labs Shin Seung Uk.
Vpn-info.com.

Vpn-info.com.
Notes: Update as of 1/13/2010. Vulnerabilities are included for SQL Server 2000, SQL Server 2005, SQL Server 2008. Oracle (8i, 9i, 9iR2, 10g, 10gR2,11g),

Notes: Update as of 1/13/2010. Vulnerabilities are included for SQL Server 2000, SQL Server 2005, SQL Server Oracle (8i, 9i, 9iR2, 10g, 10gR2,11g),
Hardware Cryptographic Coprocessor Peter R. Wihl Security in Software.

Hardware Cryptographic Coprocessor Peter R. Wihl Security in Software.
1 GP Confidential ©2013 1 GlobalPlatform’s Value Proposition for Mobile Point of Sale (mPOS)

1 GP Confidential © GlobalPlatform’s Value Proposition for Mobile Point of Sale (mPOS)
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
TCPA TCPA TCPA T rusted C omputing P latform A lliance Saurabh Phansalkar.

TCPA TCPA TCPA T rusted C omputing P latform A lliance Saurabh Phansalkar.
Software Certification and Attestation Rajat Moona Director General, C-DAC.

Software Certification and Attestation Rajat Moona Director General, C-DAC.
Hardware-Rooted Security in Mobile Devices Andrew Regenscheid Lead, Hardware-Rooted Security Computer Security Division.

Hardware-Rooted Security in Mobile Devices Andrew Regenscheid Lead, Hardware-Rooted Security Computer Security Division.
Trustworthy and Personalized Computing Christopher Strasburg Department of Computer Science Iowa State University November 12, 2008.

Trustworthy and Personalized Computing Christopher Strasburg Department of Computer Science Iowa State University November 12, 2008.
1 Bootstrapping Trust in a “Trusted” Platform Carnegie Mellon University November 11, 2008 Bryan Parno.

1 Bootstrapping Trust in a “Trusted” Platform Carnegie Mellon University November 11, 2008 Bryan Parno.
Information security An introduction to Technology and law with focus on e-signature, encryption and third party service Yue Liu Feb.2008.

Information security An introduction to Technology and law with focus on e-signature, encryption and third party service Yue Liu Feb.2008.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
Copyright© 2005-2006 Trusted Computing Group - Other names and brands are properties of their respective owners. Slide #1 Tightening the Network: Network.

Copyright© Trusted Computing Group - Other names and brands are properties of their respective owners. Slide #1 Tightening the Network: Network.
16.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
Security strategy. What is security strategy? How an organisation plans to protect and respond to security attacks on their information technology assets.

Security strategy. What is security strategy? How an organisation plans to protect and respond to security attacks on their information technology assets.
Using Cryptographic ICs For Security and Product Management Misconceptions about security Network and system security Key Management The Business of Security.

Using Cryptographic ICs For Security and Product Management Misconceptions about security Network and system security Key Management The Business of Security.
Trusted Platform Modules: Building a Trusted Software Stack and Remote Attestation Dane Brandon, Hardeep Uppal CSE551 University of Washington.

Trusted Platform Modules: Building a Trusted Software Stack and Remote Attestation Dane Brandon, Hardeep Uppal CSE551 University of Washington.

Similar presentations

Ads by Google