1 / 9

A Secure and Reliable Bootstrap Architecture - AEGIS

A Secure and Reliable Bootstrap Architecture - AEGIS. William A. Arbaugh David J. Farber Jonathan M. Smith. Presented by Vytautas Valancius. Secure bootstrap will work on commodity hardware Failed software will be restored Boot process is guaranteed to end up in secure state.

dieter
Télécharger la présentation

A Secure and Reliable Bootstrap Architecture - AEGIS

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. A Secure and Reliable Bootstrap Architecture - AEGIS William A. Arbaugh David J. Farber Jonathan M. Smith Presented by Vytautas Valancius

  2. Secure bootstrap will work on commodity hardware Failed software will be restored Boot process is guaranteed to end up in secure state BIOS is not compromised There is signature for every component in a system Every component is able to check its children There is connectivity to trusted network host Claims Assumptions

  3. Secure Boot Process • Level 0 is trusted • Level n checks Level n+1 • Level n needs to store hashes for Level n+1 • Level n does not check Level n-1!

  4. Flaws (or Features?) • Level n does not check Level n-1 • User trusts the hardware but how about OS? • Why asymmetric keys are not used? • How do we manage hashes? • How do we make such management secure? • How do we make network recovery secure? • Where do we go next?

  5. Trusted Computing Platform • Explored by Michael a week ago • PKI has taken a tangible role • Level n checks Level n-1 • Uses: • Sealing, Binding • Windows Vista Bitlocker, Linux Enforcer • Remote Attestation • Microsoft Next-Generation Secure Computing Base

  6. Trusted Computing • Possible uses: • MS Office can encrypt your files • So that only trusted software can open them • Data sent by you is read only by trusted entities • Or entities that your employer trusts • Content can be revoked • Injunctions can be easily enforced • Sure, movies can be sold securely online

  7. Discussion TPM • What are the possible use of TPM? • What uses are dangerous and what can we do about them? • What should be management interfaces to TPM? • How do we ensure freedom of choice?

  8. Discussion -AEGIS • Where are the public/private keys gone? • Can OS be sure it was booted securely? • How do we manage hashes? • How do we know hash management is secure? • What if software has a bug? Can we exploit it automatically every time we load system? • Do you like recovery without user intervention?

More Related