Welcome. Workshop on Trust Infrastructures

Robert Thibadeau, School of Computer Science, Carnegie Mellon University, rht@cs.cmu.edu

Presentation Transcript


  1. Welcome. Workshop on Trust Infrastructures Robert Thibadeau School of Computer Science Carnegie Mellon University rht@cs.cmu.edu

  2. Storms and ...

  3. Spies

  4. BADTRANS B (new version, Nov 24, 2001, first report) If the .scr or .pif attachment is opened, the worm displays a message box entitled "Install error", which reads, "File data corrupt: probably due to a bad data transmission or bad disk access." A copy is saved into the WINDOWS directory as INETD.EXE and an entry is added to the WIN.INI file to run INETD.EXE at startup. KERN32.EXE (a backdoor Trojan) and HKSDLL.DLL (a valid keylogger DLL) are written to the WINDOWS SYSTEM directory, and a registry entry is created to load the Trojan upon system startup: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\kernel32=kern32.exe. Once running, the Trojan attempts to mail the victim's IP address to the author. Once this information is obtained, the author can connect to the infected system via the Internet and steal personal information such as usernames and passwords. In addition, the Trojan also contains a keylogger program which is capable of capturing other vital information such as credit card and bank account numbers and passwords. … main problem reports are coming from home users…

  5. First two Workshops in a Series ... of Workshops in response to the need for better industry, government, and academic communication with regard to critical issues in planning and deployment of systems of trust. … Could we have averted the security disasters of cable modems and DSL? The workshops are educational and it's our intent to have the key participants shape them. More than one or two? Too many issues. The first is an overview of all trust infrastructures; the second is the first to focus on one subset: National ID Cards.

  6. “CMU Security Workshop Series” • Security? Shamos: Any security problem where a computer is involved… • Any trust problem where a computer is involved … • Educational : We Look at Deployable Solutions and Identify the Hard Problems • Results: Better products, better service, better standards, better research • Goal: Products, services, standards, and research that greatly improve computer-related trust – fulfilling an educational role

  7. Method • First Part: Review Deployable Solutions and some Interesting new Research • Keep Notes on Hard Problems that seem to be revealed : HANDOUTS! • Plenary and/or Breakout on what participants identify as the Hard Problems and discussion on How these can be Addressed.

  8. Program Agenda
     8:30am  Introduction to the CMU Workshop Series (Dr. Robert Thibadeau)
     9:00am  Keynote, The View from the Front Lines (Simon Perry, Senior VP Security, Computer Associates)
     10:00   Platform Security: Securing Applications with Firmware (Dr. Robert Baldwin, Principal Security Architect, Phoenix Technologies)
     10:15   Platform Security, Intel Protected Access Architecture (Luke Girard, Principal IPAA Architect, Intel)
     10:30   Coffee break
     10:45   User Authentication (Katherine Hollis, Director, Global Information Assurance, EDS)
     11:00   Platform Security (David Grawrock, Senior TCPA Architect, Intel)
     11:15   O/S Security (John Doyle, Director Business Development, Harris Corporation)
     11:30   Platform Security (Dr. Len Veil, CTO, Wave Systems)
     12:00pm Policy Control (Tommy Wang, CEO, Interlytics)
     12:15   Intelligent Firewall Technology (James Joyce, CEO, TechGuard Security)
     12:30   Risk Management (Shawn Butler, Ph.D Student, CMU)
     12:45   Lunch
     1:45    Two sides to the story (Dr. Geoffrey Strongin, Principal Security Architect, AMD)
     2:00    Trust Structure Interplay (Allen, Executive VP, Wave Systems)
     2:30    Hard Problems Agenda
     3:00    Agenda Breakouts
     4:30    Break
     4:45 – 5:30  Next Steps (Robert Thibadeau, Carnegie Mellon; John Bourgein, IMA)
     6:30    Cocktails & Dinner, Wyndam Hotel
     Sponsored by AMS and Intelytics

  9. Today and Tomorrow
     Workshop Team: John Bourgein – Chief Cook and Bottle Washer; Robert Thibadeau – Trust Infrastructure Guru; Mike Shamos – National ID Card Guru
     Sponsors: School of Computer Science, CMU; Institute for Software Research International – ISRI; Robotics Institute; eCommerce Institute; AMS & Intelytics Dinner at Wyndam
     Tomorrow: Workshop on National ID Cards. Sponsor: AMS

  10. Workshop on Trust Infrastructures. Theme: The Interplay of Trust Infrastructures

  11. Trust Infrastructures? Computers are Complex Systems Means You Need More than One Source Of Trust Many Trust Infrastructures participate in the Trust Equation

  12. Examples • Virus Checkers : Central Source of Trust managed by the Virus Checker Company : Target is detecting malicious Applications and Data • PKI : Authenticating authorized users and programs managed by a hierarchy of trust based on trap door cryptography. • Domains : Managing access to programs and data across machines as supplied by an OS and a central Domain Controller.

  13. O1 D2 U1 A1 S1 C3 N1 E1 Cataloguing Trust Infrastructure Products, Standards, & Research (by Target) • OS (Windows, Linux, BSD…) • Device (BIOS, CPU, Video/Audio, Storage) • User (Biometrics, PKI, Smart Cards, Dongles) • Applications (Virus Checkers, Call/Code Authentication) • Server (Secure Email, SSL) • Content (Copy protection, tamper protection, document authentication) • Network (VPNs, Firewalls, Proxy Servers, Intrusion Detection, Forensics) • Enterprise (Central Management Consoles, Risk Measurement)

  14. O1 D2 U1 A1 S1 C3 N1 E1 Acronym Scrabble Fun • A SUN CODE • A “trust infrastructure” puts a single Bright Light on what is otherwise done in darkness • CAN DO USE • What CAN the trust infrastructure DO? • How can we USE it?

  15. Cataloguing Trust Solutions: A SUN CODE (by target) • Applications – Virus Check, Call/Code Authentication • Server – SSL, Email security • User – Smart Cards, PKI • Network – TCP/IP, VPNs, IPSec, Forensics • Content – Copy/Tamper/Authentication Protect • Operating System – Application Environment • Device – BIOS, Keyboard, Video, Storage, DA • Enterprise – Central Management, Risk

  16. Today’s Workshop Agenda • What are the Trust Infrastructures? • Let’s listen to some of those that are new but deployable today. • What are the Hard Problems? • Where do we need additional sources of trust, but don’t really know yet how to supply them? • E.g. Hard Problems • Personal Privacy • Enterprise Risk Assessment • Open Trust: One source of trust relying on another source of trust

  17. Cataloguing Trust Solutions: CAN DO USE • Content – Copy/Tamper/Authentication Protection • Application – Virus Check, Call/Code Authentication • Network – VPNs, Forensics • Device – BIOS, Keyboard, Video, Storage • Operating System – Application Environment • User – Smart Cards, PKI • Server – SSL, Email security • Enterprise – Central Management, Risk • What CAN the trust infrastructure DO? • How can we USE it? • What doesn’t the trust infrastructure do? • What can we do about it?

  18. Virus Checkers • Hard Problem : Post-Hoc : Work only after bad agents are discovered • What can we do? Maybe a trust infrastructure like intrusion detectors – that can predict new intrusion patterns from existing virus databases? BadTrans is a conventional Spy. • Hard Problem : Why can’t I just modify the virus checker to delete real code and to avoid my trojan horses? • What can we do? Maybe a trust infrastructure that constantly, and with certainty, authenticates the virus checker.

  19. Today • Jot down hard problems and we’ll examine them in the afternoon. • THEME : Interplay of Trust Infrastructures • CD of Powerpoint and Digital Videos Documenting Workshop • White Paper Summarizing Presentations and Results (Thibadeau)

  20. Let’s Begin Simon Perry VP Security Computer Associates
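An added example, not part of the original slides: the post-hoc, indicator-based check that slide 18 says virus checkers perform, applied to the BadTrans B artifacts listed on slide 4. The directory names (default C:\WINDOWS and C:\WINDOWS\SYSTEM), the function names, and the sample file list, WIN.INI text and registry export are assumptions constructed for illustration.

```python
import ntpath
import re

# Indicators from slide 4, lower-cased. Directory names are an assumption:
# the default layout C:\WINDOWS and C:\WINDOWS\SYSTEM.
DROPPED = {"inetd.exe": "windows", "kern32.exe": "system", "hksdll.dll": "system"}
RUNONCE = r"hkey_local_machine\software\microsoft\windows\currentversion\runonce"

def scan_files(paths):
    """Flag a dropped file only when name AND parent directory both match."""
    hits = []
    for p in paths:
        parent, name = ntpath.split(p.lower())
        if DROPPED.get(name) == ntpath.basename(parent):
            hits.append("file:" + name)
    return hits

def scan_win_ini(text):
    """Flag run=/load= entries in the [windows] section that start INETD.EXE."""
    hits, section = [], ""
    for line in map(str.strip, text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].lower()
        elif section == "windows" and "=" in line:
            key, value = (s.strip().lower() for s in line.split("=", 1))
            progs = [ntpath.basename(v) for v in re.split(r"[ ,]+", value) if v]
            if key in ("run", "load") and "inetd.exe" in progs:
                hits.append("win.ini:" + key)
    return hits

def scan_reg_export(text):
    """Flag the RunOnce value kernel32=kern32.exe in a REGEDIT4 export."""
    hits, key = [], ""
    for line in map(str.strip, text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1].lower()
        m = re.match(r'"kernel32"="(.*)"$', line, re.I)
        if m and key == RUNONCE and ntpath.basename(m.group(1)).lower() == "kern32.exe":
            hits.append("reg:runonce")
    return hits

# Constructed sample artifacts (not captured from a real host).
FILES = [r"C:\WINDOWS\INETD.EXE", r"C:\WINDOWS\SYSTEM\KERN32.EXE",
         r"C:\WINDOWS\SYSTEM\KERNEL32.DLL", r"C:\TOOLS\INETD.EXE"]
WIN_INI = "[windows]\nload=\nrun=C:\\WINDOWS\\INETD.EXE\n[Desktop]\nrun=inetd.exe\n"
REG = ("REGEDIT4\n\n[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\"
       "CurrentVersion\\RunOnce]\n\"kernel32\"=\"kern32.exe\"\n")

def scan_host(files=FILES, win_ini=WIN_INI, reg=REG):
    return scan_files(files) + scan_win_ini(win_ini) + scan_reg_export(reg)
```

The legitimate KERNEL32.DLL and an INETD.EXE outside the WINDOWS directory are deliberately not flagged, and a renamed variant would also pass unnoticed, which is the post-hoc limitation slide 18 raises.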
