Trusted Disk Loading in the Emulab Network Testbed Cody Cutler, Mike Hibler, Eric Eide, Rob Ricci 1.

Slides:



Advertisements
Similar presentations
Wei Lu 1, Kate Keahey 2, Tim Freeman 2, Frank Siebenlist 2 1 Indiana University, 2 Argonne National Lab
Advertisements

Chapter 14 – Authentication Applications
Vpn-info.com.
CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
1 Trusted Systems in Networking Infrastructure Rafael Mantilla Montalvo Cisco Systems June 2013.
Accountability in Hosted Virtual Networks Eric Keller, Ruby B. Lee, Jennifer Rexford Princeton University VISA 2009.
Ragib Hasan Johns Hopkins University en Spring 2011 Lecture 3 02/14/2010 Security and Privacy in Cloud Computing.
A Logic of Secure Systems and its Application to Trusted Computing Anupam Datta, Jason Franklin, Deepak Garg, and Dilsun Kaynar Carnegie Mellon University.
Analysis of Remote Attestation Lavina Jain, Jayesh Vyas.
Raphael Frank 20 October 2007 Authentication & Intrusion Prevention for Multi-Link Wireless Networks.
Trustworthy and Personalized Computing Christopher Strasburg Department of Computer Science Iowa State University November 12, 2008.
1 Minimal TCB Code Execution Jonathan McCune, Bryan Parno, Adrian Perrig, Michael Reiter, and Arvind Seshadri Carnegie Mellon University May 22, 2007.
1 Bootstrapping Trust in a “Trusted” Platform Carnegie Mellon University November 11, 2008 Bryan Parno.
Systems and Internet Infrastructure Security (SIIS) LaboratoryPage Systems and Internet Infrastructure Security Network and Security Research Center Department.
CMSC 414 Computer and Network Security Lecture 12 Jonathan Katz.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
DESIGNING A PUBLIC KEY INFRASTRUCTURE
Using Secure Coprocessors to Protect Access to Enterprise Networks Dr. José Carlos Brustoloni Dept. Computer Science University of Pittsburgh
Enforcement of Security Policy Compliance in Virtual Private Networks Prof. José Carlos Brustoloni Dept. Computer Science University of Pittsburgh
Using Cryptographic ICs For Security and Product Management Misconceptions about security Network and system security Key Management The Business of Security.
Ragib Hasan Johns Hopkins University en Spring 2010 Lecture 5 03/08/2010 Security and Privacy in Cloud Computing.
Trusted Platform Modules: Building a Trusted Software Stack and Remote Attestation Dane Brandon, Hardeep Uppal CSE551 University of Washington.
Trusted Computing Initiative Beyond trustworthy. Trusted Computing  Five Key Concepts >Endorsement Key >Secure Input and Output >Memory Curtain / Protected.
1 Emulab Security. 2 Current Security Model Threat model: No malicious authenticated users, Bad Guys are all “outside” –Protect against accidents on the.
Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE USC CSci599 Trusted Computing Lecture Three.
Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE USC CSci599 Trusted Computing Lecture notes.
Trusted Computing Platform Alliance – Introduction and Technical Overview – Joe Pato HP Labs MIT 6.805/ October 2002.
Wide-area cooperative storage with CFS
X-Road (X-tee) A platform-independent secure standard interface between databases and information systems to connect databases and information systems.
Wolfgang Schneider NSI: A Client-Server-Model for PKI Services.
Tony Mangefeste Senior Program Manager SYS-005T Why UEFI? UX value prop from Day one: Fast Boot, OEM Certification, smooth transitions, etc. Secure Boot.
Cumulative Attestation Kernels for Embedded Systems Michael LeMay and Carl A. Gunter.
Cloud Computing & Security Issues Prepared by: Hamoud Al-Shammari CS 6910 Summer, 2011 University of Colorado at Colorado Springs Engineering & Applied.
Patterns for Secure Boot and Secure Storage in Computer Systems By: Hans L¨ohr, Ahmad-Reza Sadeghi, Marcel Winandy Horst G¨ortz Institute for IT Security,
Session Agenda Designed to address BIOS Limitations Needed for the larger server platforms (Intel-HP Itanium) First called Intel Boot Initiative.
A Design of Trusted Operating System Based on Linux BY LI HONGJUAN, LANYUQING The presenter Rusul J. ALSaedi Spring 2015 CS Dr. Rothstein.
An approach to on the fly activation and deactivation of virtualization-based security systems Denis Efremov Pavel Iakovenko
Cosc 4765 Trusted Platform Module. What is TPM The TPM hardware along with its supporting software and firmware provides the platform root of trust. –It.
出處 :2010 2nd International Conference on Signal Processing Systems (ICSPS) 作者 :Zhidong Shen 、 Qiang Tong 演講者 : 碩研資管一甲 吳俊逸.
Reducing Trust Domain with TXT Daniel De Graaf. TXT overview Original TPM – Static Root of Trust – BIOS, all boot ROMs, bootloader, hypervisor, OS TPM.
An Introduction to Trusted Platform Technology Siani Pearson Hewlett Packard Laboratories, UK
Trusted Computing and the Trusted Platform Module Bruce Maggs (with some slides from Bryan Parno)
1 Secure Peer-to-Peer File Sharing Frans Kaashoek, David Karger, Robert Morris, Ion Stoica, Hari Balakrishnan MIT Laboratory.
Trusted Infrastructure Xiaolong Wang, Xinming Ou Based on Dr. Andrew Martin’s slides from TIW 2013.
Security fundamentals Topic 5 Using a Public Key Infrastructure.
Digital Rights Management and Trusted Computing Kari Kostiainen T Special Course in Operating System Security April 13 th 2007.
Trusted Computing and the Trusted Platform Module Bruce Maggs (with some slides from Bryan Parno)
Task Force CoRD Meeting / XML Security for Statistical Data Exchange Gregory Farmakis Agilis SA.
1 Pertemuan 3 Operating Cisco IOS Software. Discussion Topics The purpose of Cisco IOS software Router user interface Router user interface modes Cisco.
BareDroid Presenter: Callan Christophersen. What is BareDroid BareDroid is a system to analyse Android apps on real devices with no emulation. It uses.
Computer Security module October 2008 Mark D. Ryan HP Labs, Bristol University of Birmingham Trusted Platform Module (TPM) introduction.
Computer Security module October 2009 Mark D. Ryan University of Birmingham Trusted Platform Module (TPM) introduction.
Hardware-rooted Trust for Secure Key Management & Transient Trust
Trusted Computing and the Trusted Platform Module
Hardware security: The use of a Trusted Platform Module
Trusted Computing and the Trusted Platform Module
Outline What does the OS protect? Authentication for operating systems
A SDN Attestation Approach
Outline What does the OS protect? Authentication for operating systems
TERRA Authored by: Garfinkel, Pfaff, Chow, Rosenblum, and Boneh
Chapter 9: IOS Images and Licensing
Assignment #7 – Solutions
TPM, UEFI, Trusted Boot, Secure Boot
Aimee Coughlin, Greg Cusack, Jack Wampler, Eric Keller, Eric Wustrow
Bruce Maggs (with some slides from Bryan Parno)
Bruce Maggs (with some slides from Bryan Parno)
SPIRAL: Security Protocols for Cerberus
Presentation transcript:

Trusted Disk Loading in the Emulab Network Testbed Cody Cutler, Mike Hibler, Eric Eide, Rob Ricci 1

Emulab Public network testbed Create complex experiments quickly 500+ nodes at Utah Emulab 2

Emulab Nodes Physical nodes Users have root Space/time shared Artifacts from previous experiment may persist on node 3

Node Corruption 4

Why Reset State? Experiment fidelity depends on a fresh start “Contaminated start” is unacceptable for security sensitive experiments 5

Disk Reloading Control server forces reboot and directs node re-imaging over network Disk reloading network is shared with other nodes In current system state reset is not guaranteed and is not tamper-proof 6

Goals Disk reloading must be reliable Must be flexible for many boot paths Must scale to size of testbed 7

Solution: Trusted Disk Loading System (TDLS) If the experiment is created successfully, node state is reset 8

Contributions Design and implementation of secure disk loading protocol Flexible and secure reloading software scalable to size of testbed 9

Node Reloading 10

Establish trust Verify every stage of node reloading with control server Approach: use the Trusted Platform Module TDLS Fundamentals 11

Trusted Platform Module (TPM) Secure key storage Measurement Remote attestation (quotes) 12

Secure Key Storage Keys are always encrypted before they leave the TPM Keys are only usable on the same TPM where they were created Control server can identify nodes by the public portion of these keys 13

Establish trust Verify every stage of node reloading with control server TDLS Fundamentals 14

Trusted Platform Module (TPM) Secure key storage Measurement Remote attestation (quotes) 15

Measurement Measuring is when we hash a region of memory and extend a certain PCR with the resulting hash Platform Configuration Registers (PCR) o TPMs generally have 24 PCRs o Holds a hash o PCRs can only be modified through extension o Extending: PCR = hash(previous value of PCR + a new hash) 16

Secure Boot Chain with TPM 1.Immutable part of BIOS measures the rest of BIOS 2.BIOS measures boot device 3.Boot device then measures whatever it loads 4.etc. 17

Remote Attestation TPM packages up the desired PCRs and signs them o This is called a quote Tamper-proof as it is signed by the TPM Very easy to differentiate between a genuine quote and arbitrary data signed by TPM 18

Establish trust Verify every stage of node reloading with control server TDLS Fundamentals 19

TDLS Reloading 20

Stage 1: PXE Boot PXE is a network boot protocol PXE ROMs aren’t TPM aware PXE ROMs won't check-in with the control server Boot to USB dongle with gPXE 21

Stage 1: gPXE Measured by BIOS Embedded certificate for server authentication Sends a quote to control server 22

Checking Quotes Server compares every PCR in the quote with known good values in the database The TPM signature over the quotes is verified Quotes contain a nonce from the server to guarantee freshness Different stages are measured into different PCRs 23

Incorrect Quotes An incorrect PCR means something was modified Failure to send a quote before a timeout is treated as a verification failure Control server cuts power to the node and quarantines it 24

Stage 2: GRUB Retrieves, measures, and boots the imaging MFS Will boot to disk when necessary 25

Stage 3: Imaging MFS Sends quote covering everything Writes the encrypted image to disk 26

Sensitive Resources Control server closely monitors a node’s progress via quotes A node can only receive sensitive resources (decryption keys) in a particular state 27

Stage 4: Signoff Disk is imaged Extends known value into designated reboot PCR Marks the end of the trusted chain 28

Image Security The TDLS writes the user-chosen disk image on a node Security researchers want to use both secure and insecure images By design, the TDLS does not check the user-chosen image 29

Attacks That Will Fail Any boot stage corruption BIOS code or configuration modifications Injecting new stages 30

What this means We win 31

Summary Node state must be fully reset in a secure way o Some testbed properties make this very difficult Trusted Disk Loading System o Tracks node progress with quotes o Guarantees node state is reset o Leveraging the Trusted Platform Module  Establish trust between the node and server  Verify every stage of boot chain If experiment creation succeeds the disk has been securely reloaded 32

Future Work Refine the violation model Integrate with Emulab UI Deploy on 160 TPM-enabled nodes at Utah Enable experimenters to verify node state 33

Questions? 34

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.