Seminar By: VINAY BOMMA ROLL.NO:12M51D0517 M.TECH(CS) Department of Computer Science & Engineering RRS COLLEGE OF ENGINEERING & TECHNOLOGY
What is Palladium?
Palladium (Pd) is a set of new security-oriented capabilities in Windows
Enabled by new hardware
Goal is to protect software from software
Defend against malicious software running in Ring 0
Four categories of new security features:
Sealed storage
Attestation
Curtained memory
Secure input and output
Nightmare Scenarios
A virus/Trojan that launches something worse than a denial of service attack:
Trades a random stock (for mischief or profit)
Posts tax records to a newsgroup
Orders a random book from Amazon.com
Grabs user/password for the host/websites and posts them to a newsgroup
Posts personal documents to a newsgroup
Trustworthy Computing
Trustworthy: worthy of confidence.
Examples:
Credit card numbers that can't be stolen.
Personal diary that can only be written and viewed by you or people you choose.
Someone is who she says she is.
There are currently ad-hoc solutions for some of these.
Who To Trust?
Applications? Operating systems can programmatically subvert applications.
Operating System? Hardware can programmatically subvert operating systems.
Hardware? Humans can subvert hardware, but not programmatically.
Chain of Trust
We start off trusting the hardware and build up, thus:
Operating System
Hardware
Palladium's Goals
Usher in a new era of trustworthy computing by:
Attestation
Sealed storage
Secure input and output
algorithms.
Hardware Extensions
Security Support Component (SSC)
Secure communication channels for: I/O, graphics, network, storage
Chipsets
CPU op-codes, registers, interrupts, and status bits
Software Extensions
Nexus (the kernel) shared source
Trusted agents (the applications)
So what is this, a whole other operating system?? Well, sort of
Kernel Mode
Two parallel operating systems? Not quite, the trusted kernel still relies on the untrusted kernel for most of its functionality.
SSC/Nexus Interaction
Sealed storage:
SSC's symmetric key, call it s
SSC hash of running Nexus kernel, call it h
Arbitrary data pointed to by pointer p
SSC implements two operations:
c = SEAL(p)
p = UNSEAL(c)
Example implementation:
SEAL: aes_encrypt(s+h, p)
UNSEAL: aes_decrypt(s+h, c)
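The SEAL/UNSEAL pair above, worked through as an added example (not code from the deck or from Microsoft's Palladium/NGSCB implementation). It assumes that the deck's "s+h" means concatenation, derives a fixed-length AES key from it with SHA-256, uses AES-GCM rather than bare AES so that a modified blob is rejected instead of decrypting to garbage, and stands in for the SSC's measurement of the nexus with a plain SHA-256 over a constructed kernel image. The function names Seal, Unseal, NexusHash and deriveSealKey are this example's own.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// deriveSealKey turns the SSC secret s and the nexus hash h into an AES-256 key.
// Assumption: the deck's "s+h" is taken as concatenation, hashed so the key
// has a fixed length regardless of how long s and h are.
func deriveSealKey(s, h []byte) []byte {
	d := sha256.New()
	d.Write(s)
	d.Write(h)
	return d.Sum(nil)
}

// NexusHash stands in for the SSC measuring the running nexus kernel;
// here it is simply SHA-256 over the (constructed) kernel image bytes.
func NexusHash(kernelImage []byte) []byte {
	sum := sha256.Sum256(kernelImage)
	return sum[:]
}

// Seal implements c = SEAL(p): encrypt p under the key bound to (s, h).
// AES-GCM is used instead of bare AES so that tampering is detected on unseal.
func Seal(s, h, p []byte) ([]byte, error) {
	block, err := aes.NewCipher(deriveSealKey(s, h))
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	// Output layout: nonce || ciphertext || tag. h is also bound as associated data.
	return gcm.Seal(nonce, nonce, p, h), nil
}

// Unseal implements p = UNSEAL(c). It succeeds only if the same SSC key and the
// same nexus hash are presented; a different nexus (or a modified c) fails.
func Unseal(s, h, c []byte) ([]byte, error) {
	block, err := aes.NewCipher(deriveSealKey(s, h))
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	if len(c) < gcm.NonceSize() {
		return nil, errors.New("sealed blob too short")
	}
	nonce, ct := c[:gcm.NonceSize()], c[gcm.NonceSize():]
	return gcm.Open(nil, nonce, ct, h)
}

func main() {
	// Constructed sample values: a 32-byte SSC secret and two nexus images.
	s := []byte("constructed-ssc-secret-32-bytes!")
	hGood := NexusHash([]byte("nexus kernel v1 (constructed)"))
	hOther := NexusHash([]byte("nexus kernel v2 (constructed)"))
	p := []byte("credit card number 0000-0000-0000-0000 (constructed)")

	c, err := Seal(s, hGood, p)
	if err != nil {
		panic(err)
	}
	got, err := Unseal(s, hGood, c)
	fmt.Println("same nexus:     ", err == nil && bytes.Equal(got, p))

	_, err = Unseal(s, hOther, c)
	fmt.Println("different nexus:", err)

	c[len(c)-1] ^= 0x01 // flip one bit of the tag
	_, err = Unseal(s, hGood, c)
	fmt.Println("tampered blob:  ", err)
}
```

The point the deck makes is visible in the second and third calls: because h is part of the key, a blob sealed under one nexus cannot be opened by a different nexus even with the same SSC secret, and because the mode is authenticated, a bit flip in the blob is reported as an error rather than returned as corrupted plaintext.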
TCPA
Trusted Computing Platform Alliance
Group of companies (about 200)
Biggest players:
(one version of IBM Thinkpad)
Palladium uses some of the TCPA spec
machine, not on some company's server. You control precisely who sees what and what they can do with it.
No more doctor's new patient forms, no more filling
side
Palladium PC?
Definitely.
No User Authentication
User authentication is done through Windows, i.e., the usual Windows logon
User is tied to the machine and its keys
Everything encrypted with a combination of the machine's SSC and Nexus keys
Switching machines could be tedious
Get major media companies involved
Create trusted content and applications
End users/consumers
Use the trusted apps and content
Distribute personal information
Summary
Palladium is a hardware-based secure execution environment
Palladium processes are isolated from each other by the hardware
Palladium processes can store & retrieve secrets securely (based on their hash value)
The nexus provides an execution environment and security/crypto-services to hosted agents
Hardware provides crypto services to the nexus
Recursively, the nexus provides these same services to agents running on top of it.
Conclusion
Palladium is a platform
Enables ISVs to write trusted apps easily.