1 / 24

Microsoft’s Next-Generation Secure Computing Base, formerly Palladium

Microsoft’s Next-Generation Secure Computing Base, formerly Palladium. Kit Colbert Student Consultant Representing Microsoft mssc@brown.edu. What is Palladium?. A set of hardware and software extensions to make the PC more trustworthy. Today’s apps will still run just fine.

castor-carney
Download Presentation

Microsoft’s Next-Generation Secure Computing Base, formerly Palladium

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Microsoft’sNext-Generation Secure Computing Base,formerly Palladium Kit ColbertStudent Consultant Representing Microsoftmssc@brown.edu

  2. What is Palladium? • A set of hardware and software extensions to make the PC more trustworthy. • Today’s apps will still run just fine. • You can disable Palladium extensions if you choose. • What exactly is trustworthy computing? • Good question…

  3. Trustworthy Computing • Trustworthy: worthy of confidence. • Examples: • Credit card numbers that can’t be stolen. • Personal diary that can only be written and viewed by you or people you choose. • Someone is who she says she is. • There are currently ad-hoc solutions for some of these concerns, Palladium seeks to solve them all.

  4. Who To Trust? • Applications? • Operating systems can programmatically subvert applications. • Operating System? • Hardware can programmatically subvert operating systems. • Hardware? • Humans can subvert hardware, but not programmatically. • So we have to start off trusting the hardware.

  5. Chain of Trust • We start off trusting the hardware and build up, thus creating a chain of trust. Applications Operating System Hardware

  6. Palladium’s Goals • Usher in a new era of trustworthy computing by enabling the PC to: • Perform trusted operations • Span multiple computers with this trust • Create dynamic trust policies • Allow anyone to authenticate these policies

  7. How Palladium Will Do It • Specifically, Palladium will add four new security features that increase the trustworthiness of the machine: • Protected memory • Attestation • Sealed storage • Secure input and output • It primarily does this through cryptographic keys and algorithms.

  8. Hardware Extensions • Security Support Component (SSC) • Secure communication channels for: • I/O • Graphics • Network • Storage • Chipsets • CPU op-codes, registers, interrupts, and status bits

  9. Software Extensions • Nexus • (the kernel) • shared source • Trusted agents • (the applications) • So what is this, a whole other operating system?? • Well, sort of…

  10. The New View • Two parallel operating systems? • Not quite, the trusted kernel still relies on the untrusted kernel for most of its functionality. User Mode Trusted User Mode Kernel Mode Trusted Kernel Mode

  11. SSC/Nexus Interaction • Sealed storage: • SSC’s symmetric key, call it ‘s’ • SSC hash of running Nexus kernel, call it ‘h’ • Arbitrary data pointed to by pointer ‘p’ • SSC implements two operations: • c = SEAL(p) • p = UNSEAL(c) • Example implementation: • SEAL: aes_encrypt(s+h, p) • UNSEAL: aes_decrypt(s+h, p) • If either SSC or Nexus changes, can’t retrieve data!

  12. Bringing It All Together • Closed sphere of trust:

  13. TCPA • Trusted Computing Platform Alliance • Group of companies (about 200) • Biggest players: • Microsoft • Intel • Compaq • HP • IBM • Same goal as Palladium: trustworthiness

  14. All About the Hardware • TCPA specification only for hardware • It’s operating system agnostic • Complete TCPA 1.1b spec online • One implementation of it in production machines (one version of IBM Thinkpad) • Palladium uses some of the TCPA spec

  15. How Palladium Will Affect You • A Palladium PC will still run non-trusted apps • So everything you have now will still work • Palladium is opt-in • You have to explicitly choose to use it • Signed binaries means less chances of a trojan or virus inserted into commonly used programs

  16. Your Information is Secure • All your personal information is stored on your home machine, not on some company’s server. • You control precisely who sees what and what they can do with it. • No more doctor’s new patient forms, no more filling out credit card apps, etc.

  17. Digital Rights Management • Probably the biggest issue with Palladium • Palladium will enable the media companies to protect their content • Which raises some questions: • So no more fair use? • Can I still pirate? • Fair use: probably not for the short term • Piracy: you can still do it on the non-trusted side

  18. Open Source and Palladium • Will operating systems like Linux still run on a Palladium PC? • Definitely. • Not only will Linux still run, but it could in theory be modified to have a Nexus • Thus it could run trusted apps

  19. No User Authentication • User authentication is done through Windows • Ie, usual Windows logon • User is tied to the machine and its keys • Everything encrypted with combination of machine’s SSC and Nexus keys • Switching machines could be tedious

  20. 3-Phase Deployment Plan • Deploy in corporations • Use in internal networks • Make sure sensitive data isn’t leaked • Get major media companies involved • Create trusted content and applications • End users/consumers • Use the trusted apps and content • Distribute personal information

  21. Conclusion • Palladium is a platform • Enables ISVs to write trusted apps easily. • First version in future version of Windows • Sometime around 2005 or 2006 • Will it work? • Who knows. Microsoft hopes so. • Do you want it to work? • There are good and bad outcomes of it. • It’s a personal decision.

  22. Palladium Links • Microsoft Palladium: A Business Overviewhttp://www.microsoft.com/PressPass/features/2002/jul02/0724palladiumwp.asp • Microsoft NGSCB Technical FAQhttp://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/news/NGSCB.asp • Palladium Detailshttp://www.activewin.com/articles/2002/pd.shtml • Microsoft Meeting on Palladiumhttp://vitanuova.loyalty.org/2002-07-03.html • EPIC’s Palladium Coveragehttp://www.epic.org/privacy/consumer/microsoft/palladium.html • Inside Microsoft’s Secure OS Project Palladiumhttp://www.extremetech.com/article2/0,3973,837726,00.asp • MIT Palladium Presentationhttp://www.cryptome.org/palladium-mit.htm

  23. More Palladium Links • Interview with Palladium’s Mario Juarezhttp://www.digitalidworld.com/modules.php?op=modload&name=News&file=article&sid=74&mode=&order=0 • Q&A: Palladium Initiativehttp://www.microsoft.com/presspass/Features/2002/Jul02/07-01palladium.asp • TCPA / Palladium FAQhttp://www.cl.cam.ac.uk/%7Erja14/tcpa-faq.html • TCPA and Palladium: Sony Insidehttp://www.kuro5hin.org/story/2002/7/9/17842/90350 • TCPA and Palladium Technical Analysishttp://wintermute.homelinux.org/miscelanea/TCPA%20Security.txt • Palladium and the TCPAhttp://www.counterpane.com/crypto-gram-0208.html • TCPA Homepagehttp://www.trustedpc.org

  24. Questions?

More Related