Trusted Computing - PowerPoint PPT Presentation

Slides: 21
Provided by: Sam1175
Learn more at: http://www.cs.fsu.edu

1
Trusted Computing
  • BY Sam Ranjbari
  • Billy J. Garcia

2
What is it?
  • Trusted Computing (TC) is an open standard for
    hardware-enabled trusted computing and security
    technologies.
  • This means a more secure PC that only trusts the
    software creators, not the owner.

3
Trusted Computing
  • TC was created by the not-for-profit organization
    Trusted Computing Group (TCG)
  • An alliance of Microsoft, Intel, IBM, HP, AMD and
  • A list can be found at this link:
    https://www.trustedcomputinggroup.org/about/members/

4
What does Trust mean?
  • Trust means that something does as it is intended
    to do
  • TCG defines trust as follows: an entity can be
    trusted if it always behaves in the expected
    manner for the intended purpose.
  • For example, when you save or read something from
    your hard drive, you want the data to be written
    and read accurately like it is intended to be,
    but you have to trust it to write and read
    without errors.

5
Who do I trust? Me!
  • Today a computer trusts one of two entities in a
    user and hacker model.
  • The user is trusted and the hacker is not.

6
Continue
  • But when does a computer know that the user is
    not doing something harmful?
  • With TC the user and the hacker are both not
    trusted. This ensures that nothing is done that
    can compromise the security of the PC.

7
So How does TC work?
  • For TC to work you have to use the Trusted
    Computing Module (TPM) which is a hardware system
    where the core (root) of trust in the platform
    will reside.
  • TPM will be implemented using a security
    microchip that handles security with encryption.

8
Groups of secure hardware
  • They are memory curtaining, secure input and
    output, sealed storage, and remote attestation.
  • It is also important to mention the concept of
    the endorsement key.
  • The endorsement key is a 1,048-bit RSA private
    and public key pair that is created randomly on
    the microchip during the manufacturing of the chip.
    The private key is only used by the chip, while
    the public key is used for attestation and for
    the encryption of sensitive data sent to the
    chip.

9
endorsement key
  • The key is used to allow secure transactions by
    the TPM using a protocol created by TCG. This
    prevents a TPM emulator from starting a trusted
    entity. The TPM is also designed to prevent
    extraction of the key by hardware analysis.

10
Groups of secure Hardware
  • Memory curtaining is hardware-enforced memory
    isolation that will prevent software from being
    able to read or write other software's memory.
  • Today hackers can read memory and alter an
    application's memory to do evil deeds that are
    not intended.

11
Groups of secure Hardware
  • Secure input and output will prevent threats from
    intruders such as key loggers or screen grabbers.
  • Using encrypted input and output will prevent the
    intruders from being able to see what the user
    types or what is on the user's screen, because the
    input from the keyboard to the software and the
    output from the software to the screen are
    encrypted.

12
Groups of secure Hardware
  • Today storage is insecure because cryptographic
    keys are stored on a hard drive that intruders
    can access.
  • Users' passwords, documents, and other
    information are also unprotected on today's
    storage.

13
Groups of secure Hardware
  • With sealed storage the keys are generated using
    the hardware and the software.
  • For example, when you install an email client on a
    set of hardware, a key is generated and used for
    the data that is saved and read by the email
    client.
  • If a virus is running on the PC it will not be
    able to read the email because the virus and the
    hardware combo generate a different key!

14
Groups of secure Hardware
  • With remote attestation the hardware generates a
    certificate of the software installed and running
    on a computer.
  • This allows software writers to check and ensure
    that their software is unmodified and has not
    been hacked.
  • The identity of the software is verified with a
    hash that will change if the software has been
    changed.
  • Since the hash is compared to a remote hash, the
    intruder has no way of forging altered software.
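
Sealed storage (slide 13) and remote attestation (slide 14) both rest on a hash of the running software. The sketch below is an added example, not part of the original presentation: it goes beyond the slides by chaining the hashes the way a TPM extends a measurement register, and by binding the attestation report to a verifier nonce. `DEVICE_SECRET`, the component strings and all function names are assumptions, and HMAC stands in for the chip's signature.

```python
import hashlib
import hmac

# Constructed stand-in for a secret that never leaves the chip (assumption).
DEVICE_SECRET = bytes.fromhex("00112233445566778899aabbccddeeff")


def extend(register: bytes, component: bytes) -> bytes:
    """TPM-style extend: new = SHA-256(old || SHA-256(component))."""
    return hashlib.sha256(register + hashlib.sha256(component).digest()).digest()


def measure(components) -> bytes:
    """Fold every loaded component, in load order, into one 32-byte value."""
    register = bytes(32)  # the register starts at all zeros
    for component in components:
        register = extend(register, component)
    return register


def sealing_key(measurement: bytes) -> bytes:
    """Sealed storage: the key depends on the hardware secret AND the software."""
    return hmac.new(DEVICE_SECRET, b"seal" + measurement, hashlib.sha256).digest()


def quote(measurement: bytes, nonce: bytes) -> bytes:
    """Attestation report bound to the verifier's nonce. HMAC is a stand-in
    for the signature a real chip makes with a key it holds."""
    return hmac.new(DEVICE_SECRET, b"quote" + nonce + measurement, hashlib.sha256).digest()


def verify_quote(known_good: bytes, nonce: bytes, report: bytes) -> bool:
    """Verifier recomputes the report for the known-good measurement.
    Simplification: a real verifier checks a signature with a public key."""
    return hmac.compare_digest(quote(known_good, nonce), report)


# Constructed sample data: byte strings standing in for program images.
BOOT = [b"firmware v1", b"os kernel v1"]
GOOD = measure(BOOT + [b"email client v1"])
TAMPERED = measure(BOOT + [b"email client v1 + injected code"])

if __name__ == "__main__":
    print("same key after tampering:", sealing_key(GOOD) == sealing_key(TAMPERED))
    nonce = b"verifier-nonce-1"
    print("clean quote accepted:", verify_quote(GOOD, nonce, quote(GOOD, nonce)))
    print("tampered quote accepted:", verify_quote(GOOD, nonce, quote(TAMPERED, nonce)))
```

The nonce matters for detection: a report captured while the software was clean is rejected when replayed against a later challenge.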

15
Trusted Computing
  • TC is not only used for PCs; it is also going
    to be used for more hardware such as set-top
    boxes, mobile phones, servers, storage devices,
    networks and more.

16
Trusted Computing
  • So when will we see TC being used?
  • For TC to work you have to have hardware with the
    TPM, and software to work with the TPM. Windows
    Vista is the next generation operating system by
    Microsoft that will make use of TC, although
    Microsoft likes to call it Trustworthiness.

17
Trusted Computing
  • So far both AMD and Intel are working on a new
    processor to use TPM.
  • Well, who would want to use TC?
  • So far the computer industry is supporting TC and
    the Army wants all of their computers by 2010 to
    use a secure model such as TC.

18
Use of Trusted Computing
  • Other software that uses TC includes openTC, EMSCB,
    Forum for Open SW based TC, Enforcer,
    Next-Generation Secure Computing Base (NGSCB),
    TrouSerS (the open-source TCG Software Stack),
    and Trusted Java.

19
Conclusion
  • Trusted Computing is an industry standard created
    to protect a user from intruders and unsafe
    actions.
  • With Trusted Computing the PC will decide who
    should be trusted and what is safe and unsafe
    using the Trusted Platform Module.
  • By default no one is trusted except the hardware
    and the software publishers. Not even the PC
    users are trusted. TC was created for our
    benefit, for sure.

20
Trusted-Platform-Module