Trusted Platform Modules for Encrypted File System Access Control Steven Houston & Thomas Kho CS 252 May 9, 2007 Steven Houston & Thomas Kho CS 252 May.

Slides:



Advertisements
Similar presentations
Wei Lu 1, Kate Keahey 2, Tim Freeman 2, Frank Siebenlist 2 1 Indiana University, 2 Argonne National Lab
Advertisements

Confidential 1 Phoenix Security Architecture and DevID July 2005 Karen Zelenko Phoenix Technologies.
Windows 2000 Security --Kerberos COSC513 Project Sihua Xu June 13, 2014.
Re-envisioning of the TPM
Cobalt: Separating content distribution from authorization in distributed file systems Kaushik Veeraraghavan Andrew Myrick Jason Flinn University of Michigan.
Vpn-info.com.
Ragib Hasan Johns Hopkins University en Spring 2011 Lecture 3 02/14/2010 Security and Privacy in Cloud Computing.
Java Security CS-328. JDK 1.0 Security Model Sandbox Java Virtual Machine Local Code Remote Code Local Host System Resources (File System, Sockets, Printers…)
Lecture 19 Page 1 CS 111 Online Protecting Operating Systems Resources How do we use these various tools to protect actual OS resources? Memory? Files?
Hardware Security: Trusted Platform Module Amir Houmansadr CS660: Advanced Information Assurance Spring 2015 Content may be borrowed from other resources.
Offline Untrusted Storage with Immediate Detection of Forking and Replay Attacks Marten van Dijk, Jonathan Rhodes, Luis Sarmenta Srini Devadas MIT Computer.
Implementation of a Two-way Authentication Protocol Using Shared Key with Hash CS265 Sec. 2 David Wang.
1 Minimal TCB Code Execution Jonathan McCune, Bryan Parno, Adrian Perrig, Michael Reiter, and Arvind Seshadri Carnegie Mellon University May 22, 2007.
Systems and Internet Infrastructure Security (SIIS) LaboratoryPage Systems and Internet Infrastructure Security Network and Security Research Center Department.
CMSC 414 Computer and Network Security Lecture 12 Jonathan Katz.
Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.
Kerberos and PKI Cooperation Daniel Kouřil, Luděk Matyska, Michal Procházka Masaryk University AFS & Kerberos Best Practices Workshop 2006.
LAB#2 JAVA SECURITY OVERVIEW Prepared by: I.Raniah Alghamdi.
Ragib Hasan Johns Hopkins University en Spring 2010 Lecture 5 03/08/2010 Security and Privacy in Cloud Computing.
Trusted Platform Modules: Building a Trusted Software Stack and Remote Attestation Dane Brandon, Hardeep Uppal CSE551 University of Washington.
Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE USC CSci599 Trusted Computing Lecture Three.
CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.
1 Modeling and Analysis of Networked Secure Systems with Application to Trusted Computing Jason Franklin Joint work with Deepak Garg, Dilsun Kaynar, and.
outline Purpose Design Implementation Market Conclusion presentation Outline.
Securing Information Transfer in Distributed Computing Environments AbdulRahman A. Namankani.
Christopher Chapman | MCT Content PM, Microsoft Learning, PDG Planning, Microsoft.
Digital Certificates Public Key Deception Digital Certificates Certificate Authorities Public Key Infrastructures (PKIs)
Cloud Computing & Security Issues Prepared by: Hamoud Al-Shammari CS 6910 Summer, 2011 University of Colorado at Colorado Springs Engineering & Applied.
Securing Data at the Application Layer Planning Authenticity and Integrity of Transmitted Data Planning Encryption of Transmitted Data.
Trusted Computing BY: Sam Ranjbari Billy J. Garcia.
Copyright Protection Allowing for Fair Use Team 9 David Dobbs William Greenwell Jennifer Kahng Virginia Volk.
02/22/2005 Joint Seminer Satoshi Koga Information Technology & Security Lab. Kyushu Univ. A Distributed Online Certificate Status Protocol with Low Communication.
Foundations of Network and Computer Security J J ohn Black CSCI 6268/TLEN 5550, Spring 2015.
Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.
DEP350 Windows ® Rights Management (Part 1): Introduction, Concepts, And Technology Marco DeMello Group Program Manager Windows Trusted Platforms & Infrastructure.
What is EKMI? Enterprise Key Management Infrastructure Take the tour.
Enabling Dynamic Data and Indirect Mutual Trust for Cloud Computing Storage Systems.
MagicNET: Security Architecture for Creation, Classification, and Validation of Trusted Mobile Agents Presented By Mr. Muhammad Awais Shibli.
Cryptography and Network Security (CS435) Part Fourteen (Web Security)
Certificate-Based Operations. Module Objectives By the end of this module participants will be able to: Define how cryptography is used to secure information.
Cosc 4765 Trusted Platform Module. What is TPM The TPM hardware along with its supporting software and firmware provides the platform root of trust. –It.
Module 9: Designing Public Key Infrastructure in Windows Server 2008.
Byzantine fault-tolerance COMP 413 Fall Overview Models –Synchronous vs. asynchronous systems –Byzantine failure model Secure storage with self-certifying.
The TAOS Authentication System: Reasoning Formally About Security Brad Karp UCL Computer Science CS GZ03 / M th November, 2008.
Merkle trees Introduced by Ralph Merkle, 1979 An authentication scheme
1 Network Security Lecture 7 Overview of Authentication Systems Waleed Ejaz
Network Security Lecture 25 Presented by: Dr. Munam Ali Shah.
Trusted Infrastructure Xiaolong Wang, Xinming Ou Based on Dr. Andrew Martin’s slides from TIW 2013.
Wireless and Mobile Security
Digital Rights Management and Trusted Computing Kari Kostiainen T Special Course in Operating System Security April 13 th 2007.
Trusted Computing and the Trusted Platform Module Bruce Maggs (with some slides from Bryan Parno)
Secure Messenger Protocol using AES (Rijndael) Sang won, Lee
Securely assessing encrypted cloud storage from multiple devices Nguyen Hoang Long Supervisor : Prof. N. Asokan Advisor : Sandeep.
Mona: Secure Multi-Owner Data Sharing for Dynamic Groups in the Cloud.
KERBEROS SYSTEM Kumar Madugula.
INSTITUTE FOR CYBER SECURITY 1 Enforcement Architecture and Implementation Model for Group-Centric Information Sharing © Ravi Sandhu Ram Krishnan (George.
CMSC 818J: Privacy enhancing technologies Lecture 2.
Hardware-rooted Trust for Secure Key Management & Transient Trust
Trusted Computing and the Trusted Platform Module
Outline What does the OS protect? Authentication for operating systems
PV204 Security technologies
Outline What does the OS protect? Authentication for operating systems
CS691 M2009 Semester Project PHILIP HUYNH
Building hardware-based security with a Trusted Platform Module (TPM)
CS691 M2009 Semester Project PHILIP HUYNH
Aimee Coughlin, Greg Cusack, Jack Wampler, Eric Keller, Eric Wustrow
Verifiable Attribute Based Keyword Search with Fine-Grained Owner-Enforced Search Authorization in the Cloud They really need a shorter title.
SPIRAL: Security Protocols for Cerberus
Presentation transcript:

Trusted Platform Modules for Encrypted File System Access Control Steven Houston & Thomas Kho CS 252 May 9, 2007 Steven Houston & Thomas Kho CS 252 May 9, 2007

Motivation  Efficient access revocation is a problem in distributed storage systems.

Current Approaches  Key revocation  Active - re-encrypt on revocation  Con: expensive  Lazy - re-encrypt on file change  Revoked client can’t read more data than before  Con: revoked client still has some access  Key revocation  Active - re-encrypt on revocation  Con: expensive  Lazy - re-encrypt on file change  Revoked client can’t read more data than before  Con: revoked client still has some access

Goals  Gain? Minimize key revocation (=> re- keying) by maximizing access revocation  Active revocation of less keys?  Explore what extra security we can get  Even the type that minimizes windows of vulnerability  Quantify performance when TPM is on the datapath  What could make TPMs even more useful?  Gain? Minimize key revocation (=> re- keying) by maximizing access revocation  Active revocation of less keys?  Explore what extra security we can get  Even the type that minimizes windows of vulnerability  Quantify performance when TPM is on the datapath  What could make TPMs even more useful?

Trusted Platform Modules  Enables trusted platforms/secure bootstrapping  (We assume it’s not widely available)  Signing/binding/sealing/attestation  Wrapped keys, migratable and not  Transport session logging  Monotonic counters  NOT a crypto accelerator, but we use it like one!  Enables trusted platforms/secure bootstrapping  (We assume it’s not widely available)  Signing/binding/sealing/attestation  Wrapped keys, migratable and not  Transport session logging  Monotonic counters  NOT a crypto accelerator, but we use it like one!

Access Revocation  We assume an untrusted storage system and eventually malicious clients  We want  to be able to revoke access  offline access to (some) data  Attested destruction of capabilities  Implemented as transport-logged eviction/flush  “You can only checkout 10 keys at once”  Don’t let keys get into the wild  Remote auth sessions (server “owns” TPM)  Disallow key migration  We assume an untrusted storage system and eventually malicious clients  We want  to be able to revoke access  offline access to (some) data  Attested destruction of capabilities  Implemented as transport-logged eviction/flush  “You can only checkout 10 keys at once”  Don’t let keys get into the wild  Remote auth sessions (server “owns” TPM)  Disallow key migration

Architecture os userland apps tpm kext fuse kext secure fs tpm/jfuse-j storage system fs calls vnode layer e-2-e security storage system layering Authorization Server

Architecture (2) OIAP Client A’s TPMAuthorization Server Object Independent Auth Protocol  Gives capabilities in the form of keys  Knows (client, tpmownerpass)  Gives capabilities in the form of keys  Knows (client, tpmownerpass)

Key management  SK locked to TPM, can export PK  Write  Encrypt with R_PK, signed with W_SK  Read  Decrypt with R_SK, check signature  Write revocation  Unload W_SK; server verifies secure transport log; storage system & clients reject unsigned data  Read revocation  Unload R_SK; server verifies secure transport log  SK locked to TPM, can export PK  Write  Encrypt with R_PK, signed with W_SK  Read  Decrypt with R_SK, check signature  Write revocation  Unload W_SK; server verifies secure transport log; storage system & clients reject unsigned data  Read revocation  Unload R_SK; server verifies secure transport log

Are we crazy?  We noticed…  (Untuned) software RSA-2048 encrypt: 75KB/s  TPM RSA-2048 decrypt: 600B/s (yes, bytes!)  Joy’s law, right?  Remember, TPM wasn’t designed as a crypto coprocessor, and it won’t do symmetric crypto (for us)  We noticed…  (Untuned) software RSA-2048 encrypt: 75KB/s  TPM RSA-2048 decrypt: 600B/s (yes, bytes!)  Joy’s law, right?  Remember, TPM wasn’t designed as a crypto coprocessor, and it won’t do symmetric crypto (for us)

Conclusion  TPM + Storage System (+ auth server) =  Limited, enforced key distribution (bound to machine)  Attested access revocation  Status: we’re still coding!  TPM + Storage System (+ auth server) =  Limited, enforced key distribution (bound to machine)  Attested access revocation  Status: we’re still coding!

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.