Download
trusted computing n.
Skip this Video
Loading SlideShow in 5 Seconds..
Trusted Computing PowerPoint Presentation
Download Presentation
Trusted Computing

Trusted Computing

746 Views Download Presentation
Download Presentation

Trusted Computing

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Trusted Computing Or How I Learned to Stop Worrying and Love the MPAA

  2. Trusted Computing • Overview of TCP • How it works • Intel LaGrande • Microsoft NGSCB (Palladium) • Uses • Issues

  3. Trusted Computing Group • TCG formed by industry leaders • Open standards for trustworthy computing • Provides hardware and software security to combat several type of threat • Moving towards PDAs, omnipresence

  4. Features of Trusted Computers • For business • Licensing • DRM • For Users • Anti-hacker • Anti-virus • Backwards compatible • Can be turned off

  5. LaGrande • Intel’s hardware implementation • Based on Arbaugh’s secure bootstrap • Runs parallel to normal architecture • Uses hash values for modification detection • Operates in several different parts of chipset

  6. LaGrande – Secure Bootstrap • Higher abstraction layers only as secure as lower • Trusted CPU, chipset, and boot ROM • Each layer verifies hash of next layer before execution

  7. LaGrande – Protected Environment • Built on top of secure bootstrap architecture • Instruction set extensions to create protected processor partition • Extensions to create protected software stack • Trusted platform module (TPM) verifies conditions • Changes to I/O controller, memory controller, graphics controller, and CPU

  8. LaGrande • Separate execution space • Separate memory space • Secure mouse/keyboard • Secure graphics

  9. NGSCB • Software side of TC • Domain Manager aka Nexus • Sealed Storage • Remote Attestation

  10. NGSCB – Nexus • Security kernel, authenticated on boot • Authenticates trusted programs • Application interface to TPM • Does not trust OS

  11. NGSCB – Sealed Storage • Encrypts data on storage device • Key is not stored on storage device • Hash of creating program stored with file • TPM only decrypts for program that passes modification detection • Decrypted only with same TPM / same program

  12. NGSCB - Remote Attestation • Communicate hashes of secure programs for remote verification of modification detection • Ensures that client software functions as intended • Kazaa vs. MPAA/RIAA

  13. Uses • Remote banking, business-to-business e-commerce, and online auctioning • Corporate networking, document sharing • Cheat-proof gaming enforcement • Secure data storage • Personal privacy protection, data management, and record keeping • Shared computing and secure transactions • Secure home computing • Government agencies that require a high level of security and trust • Software license enforcement • Copyright enforcement

  14. Issues • GPL • Who is in control – owners, MS, or content providers? • Assumptions – hardware modifications possible • Censorship

  15. References • Trusted Computing: Promise and Risk http://www.eff.org/Infra/trusted_computing/20031001_tc.php • http://www.microsoft.com/resources/ngscb • Ross Anderson’s site http://www.cl.cam.ac.uk/~rja14/ • Anderson’s Patent • Arbaugh Paper • Inside Intel's Secretive 'LaGrande' Project http://www.extremetech.com/print_article/0,3998,a=107418,00.asp • http://www.intel.com/technology/security/ • http://www.microsoft.com/whdc/winhec/pres03.mspx