Erica Burch Jesse Forrest

Presentation transcript:

Trusted Computing
Erica Burch, Jesse Forrest

What is Trusted Computing?
Refers to technology from the Trusted Computing Group (TCG) that allows computers and servers to offer improved computer security and protection from computer viruses and the like.

Who is the Trusted Computing Group?
A controversial initiative led by:
- AMD
- Hewlett-Packard
- IBM
- Intel
- Microsoft
- Sony
- Sun Microsystems
https://www.trustedcomputinggroup.org/home

TC Basic System Concepts
- CPU is identified using certificates
- Encryption is performed in the hardware
- Data can be signed with the machine’s identification
- Data can be encrypted with the machine’s secret key

Proposals for 4 New Features
1. Secure I/O is verified using checksums
- Malicious software injecting itself in this path can be identified
- Cannot defend against a hardware-based attack

Proposals for 4 New Features
2. Memory curtaining has the hardware keep programs from reading or writing each other’s memory
- Information is secure from an intruder with control over the OS

Proposals for 4 New Features
3. Sealed storage protects private information by encrypting it with a key derived from the corresponding hardware and software
- Data can only be read by the same combination of software and hardware
- Protected against dictionary attacks
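
A simplified model of sealed storage, added here as an illustration and not part of the original slides. It assumes a per-device secret and a software digest built by hash-chaining component images; the HMAC-based stream cipher stands in for hardware encryption, and all names and sample values are constructed.

```python
import hashlib
import hmac
import os

def measure(components):
    """Fold the software images into one digest (hash chain, order matters)."""
    digest = b"\x00" * 32
    for image in components:
        digest = hashlib.sha256(digest + hashlib.sha256(image).digest()).digest()
    return digest

def _keys(hw_secret, components):
    # The sealing key depends on BOTH the device secret and the software digest.
    root = hmac.new(hw_secret, measure(components), hashlib.sha256).digest()
    enc = hmac.new(root, b"enc", hashlib.sha256).digest()
    mac = hmac.new(root, b"mac", hashlib.sha256).digest()
    return enc, mac

def _xor_stream(key, nonce, data):
    # Toy stream cipher: HMAC-SHA256 in counter mode (stand-in for hardware AES).
    stream = b""
    for counter in range(len(data) // 32 + 1):
        stream += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(hw_secret, components, plaintext):
    enc, mac = _keys(hw_secret, components)
    nonce = os.urandom(16)
    ciphertext = _xor_stream(enc, nonce, plaintext)
    tag = hmac.new(mac, nonce + ciphertext, hashlib.sha256).digest()
    return nonce, ciphertext, tag

def unseal(hw_secret, components, blob):
    """Return the plaintext, or None when hardware or software has changed."""
    nonce, ciphertext, tag = blob
    enc, mac = _keys(hw_secret, components)
    expected = hmac.new(mac, nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return _xor_stream(enc, nonce, ciphertext)

# Constructed sample values, not taken from any real device.
DEVICE_A, DEVICE_B = b"constructed-secret-A", b"constructed-secret-B"
STACK = [b"bootloader v1", b"kernel v1", b"media player v1"]
PATCHED = [b"bootloader v1", b"kernel v1", b"media player v1 (modified)"]

if __name__ == "__main__":
    blob = seal(DEVICE_A, STACK, b"private diary")
    print(unseal(DEVICE_A, STACK, blob), unseal(DEVICE_A, PATCHED, blob),
          unseal(DEVICE_B, STACK, blob))
```

The same property that blocks a modified program from reading the data also underlies the "no way to reclaim encrypted data" concern: lose the device secret and the blob is unreadable.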

Proposals for 4 New Features
4. Remote attestation allows changes to the user’s computer to be detected
- Hardware generates a certificate stating what software is currently running
- Combined with public-key encryption to present the certificate to a remote party
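
A sketch of the attestation exchange described above, added here as an illustration and not part of the original slides. It assumes a challenge nonce from the remote party and a list of known-good software digests; the textbook-RSA key built from two small Mersenne primes is a toy stand-in for the hardware's certified key, and all names and sample values are constructed.

```python
import hashlib
import secrets

# Toy signing key (constructed): two Mersenne primes, far too small for real use.
P, Q, E = 2**127 - 1, 2**107 - 1, 65537
N = P * Q                              # public modulus, known to the verifier
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent, never leaves the "hardware"

def measure(components):
    digest = b"\x00" * 32
    for image in components:
        digest = hashlib.sha256(digest + hashlib.sha256(image).digest()).digest()
    return digest

def _digest_int(measurement, nonce):
    # Bind the reported software digest to the verifier's fresh challenge.
    h = hashlib.sha256(measurement + nonce).digest()
    return int.from_bytes(h, "big") % N

def quote(components, nonce):
    """Device side: state what software is running and sign the statement."""
    m = measure(components)
    return m, pow(_digest_int(m, nonce), D, N)

def verify(device_quote, nonce, known_good):
    """Remote party: needs only the public key (N, E) and the good digests."""
    m, signature = device_quote
    if pow(signature, E, N) != _digest_int(m, nonce):
        return "bad signature or stale nonce"
    if m not in known_good:
        return "software changed"
    return "trusted"

# Constructed sample software stacks.
GOOD = [b"bootloader v1", b"kernel v1"]
MODIFIED = [b"bootloader v1", b"kernel v1 + unknown driver"]

if __name__ == "__main__":
    known_good = {measure(GOOD)}
    challenge = secrets.token_bytes(16)
    print(verify(quote(GOOD, challenge), challenge, known_good))
    print(verify(quote(MODIFIED, challenge), challenge, known_good))
```

The verifier learns exactly which software stack is running, which is the mechanism behind both the detection benefit and the loss-of-anonymity objection raised on the Controversy slide.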

Controversy
“TC allows computer manufacturers and software authors to monitor and control what users may do with their computers”
- Users can’t change software
- Users do not control information they receive
- Users do not control their data
- Loss of Internet anonymity
- Proposed owner override for TC

Controversy Continued…
- There is no way to determine if the hardware has been properly implemented or if any backdoors have been added.
- Cryptographic designs and algorithms may become obsolete, which will mean that users will be forced into unwanted upgrades with high switching costs.
- In the event of a hardware failure, there is no way to reclaim encrypted data, which means vital information may be lost forever.

Computer Security Threat Models
- Computer security concerns the protection of information assets.
- For personal computers this means the protection of stored data and programs.
- Protection typically involves confidentiality, integrity, and availability.

Threat Models – Scenario 1
Traditional PC Threat Model
- The owner is trusted, has full control over the PC, and is recognized by a password or biometrics.
- The adversary is an unauthorized user.
Trust levels: PC Owner = Trusted; PC = Trusted; Hacker = Not Trusted

Threat Models – Scenario 2
TC Threat Model
- Similar to the personal computer model, except that in this case the trust between the PC and its owner is broken.
- Only the PC is trusted.
Trust levels: PC Owner = Not Trusted; PC = Trusted; Hacker = Not Trusted

Threat Models – Scenario 3
Digital Forensic Threat Model
- Similar to the TC model. However, the law enforcement agent is able to extract incriminating data stored on the computer.
Trust levels: PC Owner = Not Trusted; PC = Trusted; Law Enforcement = Trusted

Topics Discussed
- What Trusted Computing (TC) is.
- Who is the Trusted Computing Group (TCG).
- The 5 Components to Make TC Work.
- Proposals for 4 New Features in TC.
- TC Controversy
- The 3 threat models.

References
- http://www.againsttcpa.com
- https://www.trustedcomputinggroup.org/home
- http://www.wikipedia.com
- http://www.lafkon.net/tc/TC_MID.html