Ensuring Platform Integrity and Trust in Cloud Computing Environments
The workshop on "Future Trust and Knowledge Infrastructure" highlights the challenges and importance of maintaining trust and security when migrating network core functionality to the cloud. It emphasizes the need for scalable security controls and standardized measures to protect software components in the cloud environment. The discussion includes topics such as foundation of trust, TCG's role in setting standards for trusted computing, and the significance of security automation in ensuring platform integrity.
Download Presentation
Please find below an Image/Link to download the presentation.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.
E N D
Presentation Transcript
ITU Workshop on "Future Trust and Knowledge Infrastructure", Phase 1 Geneva, Switzerland, 24 April 2015 PLATFORM INTEGRITY TRUST and STANDARDIZATION Alec Brusilovsky Co-chair of TCG TMS WG and Manager, Security Standardization, Interdigital alec.brusilovsky@interdigital.com
Agenda Problem Statement Foundation of Trust TCG Overview Scope, Members, Platforms, Liaisons, Meetings, Work Groups TCG Technologies TPM, TNC, SED, Mobile Summary Acknowledgements 2
Problem Statement Migration of network core functionality to the cloud introduces new security vulnerabilities due to loss of the security provided by the physical protection and isolation of traditional network systems When moving functionality to the Cloud, scalable security controls and tools to provide MNO/enterprise with trust and assurance that their data and computing will remain private and uncompromised do not exist There is a need for explicit and verifiable ways of protecting software components (guest OS, applications/library code and data) that reside in the Cloud (a virtual machine or a container) Trust in computing platform (boot, runtime, crash, and storage integrity) as well as security automation have to be defined and standardized to ensure interoperability
Foundation of Trust Trust is the belief that a person or system will behave predictably, even under stress It is based on experience and/or evidence It is based on fundamental properties (identity, integrity) It is easy to lose and hard to regain A trusted system is predictable, even under stress trusted based on experience and/or evidence based on fundamental properties (identity, integrity)
TCG Trusted Computing Group TCG is one of the principal standards bodies focused on trusted computing standards and platform integrity TPM 1.2 and TPM 2.0 specs are ISO 11889:2009/2015 and are implemented in more than two billion devices Servers, PCs, tablets, smartphones, printers, kiosks, industrial systems, and many embedded systems Trusted Computing includes more than secure boot Security Automation Secure Cloud Secure Storage Secure Mobile Devices Secure Legacy Devices 5
TCG Trusted Computing Group The Trusted Computing Group (TCG) is a not-for- profit organization formed to develop, define and promote open, vendor-neutral, global industry standards, supportive of a hardware-based root of trust, for interoperable trusted computing platforms. Members include manufacturers, governments, and academics cloud computing, operating systems, security research, aerospace, automotive, SoC, IoT, embedded systems, mobile phones, servers, PCs, laptops, tablets, memory, hard drives, and more 6
TCG Members 100+ Members: Chips, Cloud, Embedded, IoT, Mobile, PC Hewlett-Packard IBM Infineon Technologies AG Intel Corporation Lenovo Holdings Limited Microsoft Insight International Corp Oracle Complete Membership List Available: http://www.trustedcomputinggroup.org/about_tcg/tcg_members 7
TCG Where trust begins Trusted Computing Technologies Trusted Platform Module (TPM) hardware root-of-trust & key storage Trusted Network Connect (TNC) access control & endpoint compliance Self-Encrypting Drive (SED) hardware encryption & fine-grained locking PC Client, Mobile, Automotive Profiles of TPM 2.0 Library Spec Trusted Computing Platforms Interfaces across multiple platforms for trusted data, devices, and networks Automobiles, Embedded Systems, Internet of Things, Cloud/SDN, Virtual Machines, Servers, Desktops, Laptops, Tablets, Mobile Phones, and more Formal Liaisons ETSI, Global Platform, Mobey Forum, ISO, IEEE, IETF, OASIS, and more Next TCG Member Meetings Next TCG Member Meetings 15-19 June 2015 in Edinburgh, Scotland 19-23 October 2015 in Montreal, Canada 8
TCG Work Groups Technical Work Groups Specifications & Guidelines Embedded Systems auto, IoT, financial, industrial, medical, SmartGrid Infrastructure integrating TCG technologies into enterprises & Internet Mobile phones, PDAs, eReaders, etc. PC Client desktop/laptop/tablet interfaces & profiles for security & trust Server server requirements, guidelines, and specifications Software Stack standard APIs for accessing the functions of a TPM Storage standards for security services on dedicated storage systems Trusted Network Connect endpoint integrity and access control Trusted Platform Module hardware root-of-trust, crypto, key management Virtualized Platform virtual TPM, multi-persona, isolation, migration Solutions Work Groups Solutions Work Groups Use Cases & Best Practices Use Cases & Best Practices Trusted Mobility Solutions end-to-end mobile ecosystems & solutions Trusted Multitenant Infrastructure Cloud trust models & best practices 9
TCG Key Technologies Platform security for NFV (boot, crash, and runtime)
Trusted Platform Module (TPM) Trusted Platform Module offers facilities for the secure generation of cryptographic keys, and limitation of their use, in addition to a random number generator. It also includes capabilities such as remote attestation and sealed storage, as follows: Remote attestation creates a nearly unforgeable hash summary of the hardware and software configuration. The program hashing the configuration data determines the extent of the summary of the software. This allows a third party to verify that the software has not been changed. Binding encrypts data using TPM bind key, a unique RSA key descended from a storage key. Sealing encrypts data in a similar manner to binding, but in addition specifies a state in which TPM must be in order for the data to be decrypted (unsealed). Software can use a Trusted Platform Module to authenticate hardware devices. Since each TPM chip has a unique and secret RSA key burned in as it is produced, it is capable of performing platform authentication. TPM components (figure by Guillaume Piolle).
TCG Trusted Platform Module TPM 2.0 Library Spec Revision 01.16 October 2014 http://www.trustedcomputinggroup.org/resources/tpm_library_specification Part 1: Architecture concepts, roots-of-trust, features, authorizations Part 2: Structures types, constants, handles, interfaces, structures Part 3: Commands startup, self-test, sessions, objects, crypto, attestation, signatures, audit, integrity, authorization, key hierarchies, dictionary attack defense, field upgrade, context mgmt, clocks & timers, capabilities, NVRAM Part 4: Supporting Routines automation, header files, execute, sessions, attestation, context mgmt, policies, NVRAM, objects, crypto, audit, etc. TPM 2.0 Library Errata TPM 2.0 Library Errata Version 1.2 Version 1.2 February 2015 sessions, authorizations, quotes, signatures, NVRAM, etc. TCG Algorithm Registry TCG Algorithm Registry Rev 01.22 Rev 01.22 February 2015 http://www.trustedcomputinggroup.org/resources/tcg_algorithm_registry RSA, ECC Curves, Hash Algorithms, Symmetric Block Ciphers, etc. February 2015 February 2015 12
TCG Trusted Platform Module A Practical Guide to TPM 2.0 February 2015 http://www.trustedcomputinggroup.org/resources/a_practical_guide_to_tpm_20 http://www.apress.com/9781430265832 Will Arthur (Intel) and David Challener (Johns Hopkins University) with Ken Goldman (IBM) eBook version is FREE for download TPM history, basic concepts, quick tutorial, TPM 2.0 Library spec overview TPM Software Stack 2.0 (TSS) high-level and low-level APIs TPM entities, hierarchies, keys, NV indices Platform configuration registers (PCRs) for secure and measured boot Authorizations, sessions, enhanced authorization (EA) policies Key management, auditing, encryption, decryption, context management Startup, shutdown, and provisioning, debugging, applications 13
Trusted Network Connect attestation and security automation Trusted Network Connect (TNC) network security architecture and open standards enable intelligent policy decisions, dynamic security enforcement, and communication between security systems. TNC provides pervasive security, Network Access Control (NAC) and interoperability in multi-vendor environments. IETF "Posture Attribute (PA) Protocol Compatible with Trusted Network Connect" (PA-TNC) defined by RFC 5792 IETF "Posture Broker (PB) Protocol Compatible with Trusted Network Connect" (PB-TNC) defined by RFC 5793. Both RFCs are part of the IETF's "Network Endpoint Assessment" (NEA) framework defined by RFC 5209.
TCG Trusted Network Connect TNC FAQs, Specifications, Developer Tools, Resources http://www.trustedcomputinggroup.org/developers/trusted_network_connect admission control, endpoint integrity verification, endpoint compliance IF IF- -TNCCS TLV Binding TNCCS TLV Binding Version 2.0 Version 2.0 May 2014 http://www.trustedcomputinggroup.org/resources/tnc_iftnccs_specification TNC Client/Server endpoint integrity measurement collection Posture Broker technically aligned with IETF NEA PB-TNC RFC 5793 IF IF- -M TLV Binding M TLV Binding Version 1.0 Version 1.0 May 2014 May 2014 http://www.trustedcomputinggroup.org/resources/tnc_ifm_tlv_binding_specification Posture Attribute technically aligned with IETF NEA PA-TNC RFC 5792 IF IF- -T Tunneled EAP Methods T Tunneled EAP Methods Version 2.0 Version 2.0 May 2014 http://www.trustedcomputinggroup.org/resources/tnc_ift_protocol_bindings_for_tunneled_eap_method s_specification Posture Transport technically aligned with IETF NEA PT-EAP RFC 7171 IT IT- -T TLS Binding T TLS Binding Version 2.0 Version 2.0 February 2013 February 2013 http://www.trustedcomputinggroup.org/resources/tnc_ift_binding_to_tls Posture Transport technically aligned with IETF NEA PT-TLS RFC 6876 May 2014 May 2014 15
Self-Encrypting Storage Data at rest solution for data protection Self-encrypting drives have integrated encryption hardware. The result: Zero performance impact. Software full disk encryption/decryption is processor intensive and is performed by the main processor of the personal computer. During periods of high data usage this can have a major negative performance impact. For data intensive applications such as scans, backup, and large file operations, self-encrypting drives can provide more than double the drive performance of software FDE products All encryption and decryption is done in the protected hardware of the self-encrypting drive Encryption keys are generated in the controller hardware of the self-encrypting drive, never leave the drive, and are not accessible outside of the drive Integrated Authentication User authentication is performed by the self-encrypting drive in order to unlock the drive Authentication is performed by a protected pre-boot OS which is the only software in the system when authentication of the user is performed by the drive Authentication cannot be separated from the drive Rapid cryptographical data destruction
TCG Self-Encrypting Drive Storage FAQs, Specifications, Developer Tools, Resources http://www.trustedcomputinggroup.org/developers/storage ATA, SATA, SCSI, FibreChannel, USB, IEEE 1394, NAS, iSCSI Storage Security Subsystem Class: Opal v2.0 Storage Security Subsystem Class: Opal v2.0 Feb 2012 http://www.trustedcomputinggroup.org/resources/storage_work_group_storage _security_subsystem_class_opal Core specification for Opal self-encrypting drives (desktops/laptops) Storage Security Subsystem Class: Enterprise v1.0 Storage Security Subsystem Class: Enterprise v1.0 Jan 2011 http://www.trustedcomputinggroup.org/resources/storage_work_group_storage _security_subsystem_class_enterprise_specification Core specification for enterprise self-encrypting drives (servers) Feb 2012 Jan 2011 17
TCG Mobile Mobile FAQs, Specifications, Developer Tools, Resources http://www.trustedcomputinggroup.org/developers/mobile ATA, SATA, SCSI, FibreChannel, USB, IEEE 1394, NAS, iSCSI TPM 2.0 Mobile Reference Architecture 16 December 2014 http://www.trustedcomputinggroup.org/resources/tpm_20_mobile_reference_ar chitecture_specification Secure boot, measured boot, protected environment, security requirements, and implementation examples for all mobile devices TPM 2.0 Mobile CRB Interface 16 December 2014 http://www.trustedcomputinggroup.org/resources/tpm_20_mobile_command_re sponse_buffer_interface_specification TPM 2.0 kernel command/response buffer interface TPM 2.0 Mobile Common Profile 3 February 2015 DRAFT http://www.trustedcomputinggroup.org/resources/tcg_tpm_20_mobile_common _profile Medium subset of TPM 2.0 for feature phone or basic phone 18
Summary Platform integrity can be provided by standardized solutions for Hardware Root of Trust Security Automation Secure Cloud Secure Storage Secure Mobile Devices Secure Legacy Devices
Acknowledgements Much gratitude goes to my colleagues from TCG TMS, Ira McDonald and Carlin Covey
Thank you alec.brusilovsky@interdigital.com