Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE USC CSci599 Trusted Computing Lecture notes Spring 2007 Dr. Clifford Neuman University of Southern California Information Sciences Institute

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE Administration Class home page –Preliminary Syllabus –Assigned Readings –Lecture notes –Assignments

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE Who gets in Class size just increased to 30 –To add at this point requires my permission –See me and explain your interests and qualifications.

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE Structure of lecture Classes from 1:00 PM – 3:20 PM –10 minute break halfway through –In later lectures, final half of lecture will be for discussion of projects. –Students will have an opportunity to lead discussions about their projects.

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE Administration Class Instructor –Dr. Clifford Neuman –Office hours Friday 10:45-11:45 SAL 212

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE Administration Grading –Preliminary Projects 20% –Mid-term exam 30% –Project and Paper 50% –Class participation ▪up to 20% bonus

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE Projects Individual or Group project –Design or design and implement ▪Trusted computing support/middleware or ▪Trusted computing application –Write paper about the project

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE Participation Early Design Exercises will promote class discussion –Students to pick an application (in groups is OK) –Prepare a 15 minute lecture on impact of Trusted computing in that application areas. –Present to class and lead discussion.

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE USC CSci599 Trusted Computing Lecture One – Introduction January 12, 2007 Dr. Clifford Neuman University of Southern California Information Sciences Institute

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE Trusted vs. Trustworthy We trust our computers –We depend upon them. –We are vulnerable to breaches of security. Our computer systems today are not worthy of trust. –We have buggy software –We configure the systems incorrectly –Our user interfaces are ambiguous regarding the parts of the system with which we communicate.

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE A Controversial Issue Many individuals distrust trusted computing. One view can be found at –An animated short film by Benjamin Stephan and Lutz Vogel

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE What is Trusted Computing Attestation –Includes Trusted path Separation –Secure storage (data/keys) –Protection of processes The rest is policy –That’s the hard part –And the controversial part

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE Outline of Course – First Half What is it Hardware Software Virtualization Encryption Policy

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE Outline of Course – Second Half Case Studies Managing Domains Negotiation Obligation

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE The Landscape – Early Work Multics System in late 1960s. –Trusted path, isolation. Paper on Digital Distributed System Security Architecture by Gasser, Goldstein, Kauffman, and Lampson. –Described early need for remote attestation and how accomplished.

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE The Landscape – Industry Industry interest in the late 1990s. Consortia formed such as the Trusted Computing Group. Standards specifications, starting with specs for hardware with goal of eventual inclusion in all new computer systems. –Current results centered around attestation and secure storage.

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE The Landscape – Applications Digital Rights Management Network Admission Control –PC Health Monitoring –Malware detection Virtualization of world view –VPN Segregation –Process control / SCADA systems Many other users

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE Discussion - Risks Trusted computing is a tool that can be misused. –If one party has too much market power, it can dictate unreasonable terms and enforce them. Too much trust in trusted computing. –Attestation does not make a component trustworthy. –Some will rely too much on certifications.

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE Discussion - Benefits Allows systems to be developed that require trustworthy remote components. –Provides protection of data when out of the hands of its owner. Can provides isolation and virtualization beyond local system. –Provides containment of compromise.

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE Discussion – What’s missing Tools to manage policy –Managing policy was limitation for TC support in Vista Applications that protect the end user –We need more than DRM and tools to limit what users run. New architectures and ways of thinking about security.

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE For Next Week Topic: Hardware Basis for Trusted Computing Reading: PC Client, Trusted Platform, and Trusted Network connect specifications –