Hardware security: The use of a Trusted Platform Module

Slides:

Advertisements

Similar presentations

Advertisements

Lecture 19 Page 1 CS 111 Online Protecting Operating Systems Resources How do we use these various tools to protect actual OS resources? Memory? Files?

Motherboard, BIOS and POST The external data bus connects devices on the motherboard together. Everything is also connected to the address bus. These busses.

Securing. Agenda  Hard Drive Encryption  User Account Permissions  Root Level Access  Firewall Protection  Malware Protection.

Trusted Disk Loading in the Emulab Network Testbed Cody Cutler, Mike Hibler, Eric Eide, Rob Ricci 1.

Trusted Computing Initiative Beyond trustworthy. Trusted Computing  Five Key Concepts >Endorsement Key >Secure Input and Output >Memory Curtain / Protected.

1 Web Server Administration Chapter 3 Installing the Server.

SEC316: BitLocker™ Drive Encryption

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE USC CSci599 Trusted Computing Lecture Three.

outline Purpose Design Implementation Market Conclusion presentation Outline.

File System and Full Volume Encryption Sachin Patel CSE 590TU 3/9/2006.

Patterns for Secure Boot and Secure Storage in Computer Systems By: Hans L¨ohr, Ahmad-Reza Sadeghi, Marcel Winandy Horst G¨ortz Institute for IT Security,

Microsoft ® Official Course Module 8 Securing Windows 8 Desktops.

Trusted Computing BY: Sam Ranjbari Billy J. Garcia.

Week #7 Objectives: Secure Windows 7 Desktop

Chapter 4: Overview of Preventive Maintenance

Cosc 4765 Trusted Platform Module. What is TPM The TPM hardware along with its supporting software and firmware provides the platform root of trust. –It.

Initial Tiger Team Briefing New Dells with TPM Peter Leight Richard Hammer May 2006.

出處 :2010 2nd International Conference on Signal Processing Systems (ICSPS) 作者 :Zhidong Shen 、 Qiang Tong 演講者 : 碩研資管一甲吳俊逸.

CSCI 1033 Computer Hardware Course Overview. Go to enter TA in the “Enter Promotion Code” box on the bottom right corner.

Trusted Infrastructure Xiaolong Wang, Xinming Ou Based on Dr. Andrew Martin’s slides from TIW 2013.

Trusted Computing and the Trusted Platform Module Bruce Maggs (with some slides from Bryan Parno)

Software Grade 10. BIOS and the Power-on Self Test A computer can’t do much without instructions The first thing the CPU does when you switch it on is.

Understand Encryption LESSON 2.5_A Security Fundamentals.

Lesson 18: Configuring Security for Mobile Devices MOAC : Configuring Windows 8.1.

Done by: Chelsea Bryan Friday, October 10,2014.   The BIOS (aka) Basic input/output system, is a built in software that determines what's a computer.

What is BitLocker and How Does It Work? Steve Lamb IT Pro Evangelist, Microsoft Ltd

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 4: Overview of Preventive Maintenance IT Essentials 5.0.

Windows Vista Configuration MCTS : NTFS Security Features and File Sharing.

Computer Security module October 2008 Mark D. Ryan HP Labs, Bristol University of Birmingham Trusted Platform Module (TPM) introduction.

Computer Security module October 2009 Mark D. Ryan University of Birmingham Trusted Platform Module (TPM) introduction.

Trusted? 05/4/2016 Charles Sheehe, CCSDS Security Working Group GRC POC All information covered is from public sources 1.

Lesson 13 PROTECTING AND SHARING DOCUMENTS

UNM Encryption Services in Development

The Secure Sockets Layer (SSL) Protocol

Presented by Mert Çetin

Trusted? 05/4/2016 Charles Sheehe, CCSDS Security Working Group GRC POC All information covered is from public sources.

Chapter Objectives In this chapter, you will learn:

Trusted Computing and the Trusted Platform Module

Trusted Infrastructure

Chapter Objectives In this chapter, you will learn:

Memory Key Revision Points.

Trusted Computing and the Trusted Platform Module

A Wireless LAN Security Protocol

Outline What does the OS protect? Authentication for operating systems

PV204 Security technologies

Module 8: Securing Network Traffic by Using IPSec and Certificates

Topic 1: Data, information, knowledge and processing

Outline What does the OS protect? Authentication for operating systems

Introduction to Computers

Lesson 13 PROTECTING AND SHARING DOCUMENTS

CS691 M2009 Semester Project PHILIP HUYNH

Chapter 2 Objectives Identify Windows 7 Hardware Requirements.

How to Update the BIOS on HP Notebook PCs?

Uses Of Encryption Algorithms

Building hardware-based security with a Trusted Platform Module (TPM)

CS691 M2009 Semester Project PHILIP HUYNH

Lesson #7 MCTS Cert Guide Microsoft Windows 7, Configuring Chapter 7 Configuring Devices and Updates.

Device management How does the operating system manage the hardware and peripheral devices? Device Driver: Each device is attached to your computer with.

The Secure Sockets Layer (SSL) Protocol

Module 8: Securing Network Traffic by Using IPSec and Certificates

Computer Startup.

TPM, UEFI, Trusted Boot, Secure Boot

Aimee Coughlin, Greg Cusack, Jack Wampler, Eric Keller, Eric Wustrow

Unit 8 Network Security.

Bruce Maggs (with some slides from Bryan Parno)

Bruce Maggs (with some slides from Bryan Parno)

Presentation transcript:

Hardware security: The use of a Trusted Platform Module Juan José López Jaimez A01361534

Why hardware security? Imagine that your computer gets robbed…… Would the thief be able to access your documents? Scenario 1: Not so intelligent thief, can’t go further than the windows/OS Password and just formats your laptop and sells it Scenario 2: A person with the knowledge to bypass the windows password seeks to steal your information

Why hardware security? How to prevent the scenario 2? a) set a BIOS password: But what if the attacker unplugs your hard drive and then just connects it to another computer

Why hardware security? Solution: Encrypt your HDD.

Why hardware security There are other problems… How can you make sure that you can protect your intelectual property (IP) How can you be sure that your operating system was not modified by an attacker?

Hardware security: What is a TPM TPM (Trusted Platform Module) is a computer chip (microcontroller) that can securely store artifacts used to authenticate the platform (your PC or laptop). These artifacts can include passwords, certificates, or encryption keys. A TPM can also be used to store platform measurements that help ensure that the platform remains trustworthy.

Function implemented on a TPM Generate Primary keys Symmetric Assymetric Sign Keys Encrypt data Decrypt data

Hardware security: How?

Hardware security: How? Secure Boot is a security standard developed by members of the PC industry to help make sure that your PC boots using only software that is trusted by the PC manufacturer. When the PC starts, the firmware checks the signature of each piece of boot software, including firmware drivers (Option ROMs) and the operating system. If the signatures are good, the PC boots, and the firmware gives control to the operating system. The following versions of Windows support Secure Boot: Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 8, Windows Server 2012, and Windows RT.

How to get one? Some laptops already come with one integrated on the Motherboard If the motherboard has a compatible sloth, just buy one and plug it in (you may have to flash your bios)

Sources: Trusted Platform Module (TPM) Summary | Trusted Computing Group. (2008). Retrieved October 31, 2016, from http://www.trustedcomputinggroup.org/trusted-platform-module-tpm-summary/ Secure Boot Overview. (n.d.). Retrieved October 31, 2016, from https://technet.microsoft.com/en- us/library/hh824987.aspx