Presentation is loading. Please wait.

Presentation is loading. Please wait.

Bastion secure processor architecture

Published byLeonor Bonilha Peres Modified over 6 years ago

Similar presentations

Presentation on theme: "Bastion secure processor architecture"— Presentation transcript:

1 Bastion secure processor architecture
Ruby B. Lee Princeton University

2 Bastion’s Goals Protect security-critical software modules within an untrusted software stack O.S. as a potential adversary Physical attacks in addition to software attacks Set up secure compartments for trusted code, rather than sandbox for untrusted code Secure setup, execution and termination Resilient execution of security-critical tasks even in the presence of malware and (unrelated) corrupted code in software stack Enable scalability to multiple mutually suspicious trust domains Provide a mechanism for reporting trust evidence

3 Bastion: secure processor-hypervisor architecture
Secure compartments for trusted code and data rather than sandboxes for untrusted code End with threat model: CPU chip is trusted successful internal probe is hard All other hardware is untrusted memory chips, external buses, hard drives, etc. Hypervisor and small Trusted Software Modules are trusted All other software (OS and applications) is untrusted D. Champagne, R.B. Lee, "Scalable Architectural Support for Trusted Software", IEEE Intl. Symp. on High-Performance Computer Architecture (HPCA), Jan. 2010

4 Bastion’s Trusted Software Modules
Each TSM has a security segment, module_ID & identity Securely launched by new SECURE_LAUNCH hypercall Assigns module_id Computes module identity Hash of code & static data, and Hash of security segment Sets up module memory protection Security segment

5 Bastion Virtual Memory Mappings (SW attacks)
Set up by hypervisor during SECURE_LAUNCH hypercall Hypervisor provides data to CPU on TLB miss module_id zero reserved for untrusted software

6 Secure Physical Memory (HW attacks)
hash_tree_root register

7 Scalable Secure Storage (SS) sealed to each Trusted Software Module or Hypervisor
Talk about how you only need one set of (Hash, Key) registers to protect the hyperviser, but then thru the hyperviser’s SSA you can protect arbitrary number of SSAs for arbitrary number of TSMs.

8 Minimal Layer-skipping Trust Chains
Provide firm anchor (in hardware) for Trust Chains Prevents “attacks from below” Enable Minimal trust chains for integrity Today: Full trust chain Tomorrow: Minimal trust chain Enable trusted application execution -- even with a compromised OS and/or malware in an untrusted SW stack Enabling technology: SP or Bastion architecture How to level the playing field for Cyber Security? Allow security-critical execution even in the presence of malware

9 Layer-skipping Integrity Checking
27. November 2018 Layer-skipping Integrity Checking hardware can measure every layer of software, then that software measures other parts of system, or directly measure only trusted software in question |

10 Attestation of Remote System
27. November 2018 Attestation of Remote System Customers need attestation that correct code is executing on good platform untrusted subjects have not attempted to compromise the platform, code or data customer has secure means to connect to the remote code and data |

11 Bastion’s Tailored Attestation

12 Bastion Architectural Concepts
Bastion architecture is a co-designed Processor-Hypervisor Trusted Computing Base (TCB) Minimal, layer-skipping trust chain with HW trust anchors Processor hardware protects Hypervisor Hypervisor protects Trusted Software Modules Runtime Protection Shadow access control for enhanced virtual-to-physical memory mappings (protection from SW attacks) physical memory authentication (protection from HW attacks) Secure inter-module control flow Secure storage sealed to trusted module Scalability with hypervisor-protected “soft” registers for module-specific trust anchors Only 2 hardware trust anchors required Efficient Processor-based Tailored Attestation Measurement of SW identities at Secure Launch Runtime protection and Reporting of Trust Evidence with Attest instruction

13 New Security Mechanisms
Protecting the different phases of security-critical software

14 Bastion: security mechanisms
Hypervisor Protection Secure Launch of Hypervisor Protecting Hypervisor at Runtime Trusted Software Module Protection Secure Launch Secure Virtual-to-Physical Memory Mapping Secure Physical Memory Secure Inter-Module Control Flow Trusted Computing Primitives Tailored Attestation Secure Storage sealed to each Trusted Software Module

15 Instructions needed Because of trusted software layer above the hardware, the hypervisor, Bastion only needs 2 new instructions: Hyperviser secure launch Attest hypervisor Rest can be done with software Hypercalls.

16 Bastion Supports Flexible Trust Domains

17 Summary: Bastion Security
Hardware-protected hypervisor Fine-grained module isolation and sharing Can provide Secure Execution Environments for Trusted Software Modules in App and OS spaces Authenticated module transitions Resilient attestation Secure Memory Module-specific secure storage

18 Extras

19 Beyond SP and TPM How to scale SP to support multiple simultaneous Trusted Software Modules (TSM) from different trust-domains? What best security functions provided by TPM can be built into microprocessor? How? Enable resilient execution of security-critical tasks Provide resilient attestation

20 Extending SP: Design Goals
Provide application-level security without trust in OS (SP philosophy) Extend the SP architecture to support multiple TSMs (main thrust) Support full-blown memory integrity Offer each TSM a piece of secure storage Multiple TSM support means we need to: identify TSMs at launch distinguish between TSMs at runtime manage multiple contexts provide remote attestation

21 The Hypervisor as a “Super TSM”
Managing multiple secure contexts in hardware is hard Hardware has poor visibility into software contexts Very limited on-chip storage Complex, “software-type” management functionalities required A thin hypervisor is great as a secure context manager: Fits in a few thousand lines of code Decent visibility into software context Quasi-unlimited secure storage Can easily handle whole range of critical tasks TSM launch runtime identification secure context switch etc…

22 Secure Module Transitions
Asynchronous transitions: Triggered by: module preemption/resumption Hypervisor action: save/restore module registers Synchronous transitions: Triggered by: call_module/return_module instructions Hypervisor action: check call/return sequence, authenticate caller/callee

23 Conclusions Bastion TCB provides Tailored Attestation: resilient, functional attestation This is enabled by TCB mechanisms providing core security functions: Hardware-protected hypervisor Fine-grain module isolation and sharing Authenticated module transitions Module-specific secure storage An implementation on OpenSPARC demonstrates feasibility and improved performance over TPM attestation and secure storage

Download ppt "Bastion secure processor architecture"

Similar presentations

Operating Systems Components of OS

Operating Systems Components of OS
Towards Remote Policy Enforcement for Runtime Protection of Mobile Code Using Trusted Computing Xinwen Zhang Francesco Parisi-Presicce Ravi Sandhu www.list.gmu.edu.

Towards Remote Policy Enforcement for Runtime Protection of Mobile Code Using Trusted Computing Xinwen Zhang Francesco Parisi-Presicce Ravi Sandhu
Virtualisation From the Bottom Up From storage to application.

Virtualisation From the Bottom Up From storage to application.
1 Hardware Support for Isolation Krste Asanovic U.C. Berkeley MURI “DHOSA” Site Visit April 28, 2011.

1 Hardware Support for Isolation Krste Asanovic U.C. Berkeley MURI “DHOSA” Site Visit April 28, 2011.
Virtualization and Cloud Computing. Definition Virtualization is the ability to run multiple operating systems on a single physical system and share the.

Virtualization and Cloud Computing. Definition Virtualization is the ability to run multiple operating systems on a single physical system and share the.
1 SECURE-PARTIAL RECONFIGURATION OF FPGAs MSc.Fisnik KRAJA Computer Engineering Department, Faculty Of Information Technology, Polytechnic University of.

1 SECURE-PARTIAL RECONFIGURATION OF FPGAs MSc.Fisnik KRAJA Computer Engineering Department, Faculty Of Information Technology, Polytechnic University of.
Tamper Evident Microprocessors Adam Waksman Simha Sethumadhavan Computer Architecture & Security Technologies Lab (CASTL) Department of Computer Science.

Tamper Evident Microprocessors Adam Waksman Simha Sethumadhavan Computer Architecture & Security Technologies Lab (CASTL) Department of Computer Science.
Dancing with Giants: Wimpy Kernels for On-demand Isolated I/O Presenter: Probir Roy Computer Science Department College of William & Mary.

Dancing with Giants: Wimpy Kernels for On-demand Isolated I/O Presenter: Probir Roy Computer Science Department College of William & Mary.
Accountability in Hosted Virtual Networks Eric Keller, Ruby B. Lee, Jennifer Rexford Princeton University VISA 2009.

Accountability in Hosted Virtual Networks Eric Keller, Ruby B. Lee, Jennifer Rexford Princeton University VISA 2009.
 Alexandra Constantin  James Cook  Anindya De Computer Science, UC Berkeley.

 Alexandra Constantin  James Cook  Anindya De Computer Science, UC Berkeley.
Chapter 6 User Protections in OS. csci5233 computer security & integrity (Chap. 6) 2 Outline User-level protections 1.Memory protection 2.Control of access.

Chapter 6 User Protections in OS. csci5233 computer security & integrity (Chap. 6) 2 Outline User-level protections 1.Memory protection 2.Control of access.
Computer Science HyperSentry: Enabling Stealthy In-context Measurement of Hypervisor Integrity Ahmed M. Azab, Peng Ning, Zhi Wang, Xuxian Jiang North Carolina.

Computer Science HyperSentry: Enabling Stealthy In-context Measurement of Hypervisor Integrity Ahmed M. Azab, Peng Ning, Zhi Wang, Xuxian Jiang North Carolina.
1 Minimal TCB Code Execution Jonathan McCune, Bryan Parno, Adrian Perrig, Michael Reiter, and Arvind Seshadri Carnegie Mellon University May 22, 2007.

1 Minimal TCB Code Execution Jonathan McCune, Bryan Parno, Adrian Perrig, Michael Reiter, and Arvind Seshadri Carnegie Mellon University May 22, 2007.
Trusted Computing Initiative Beyond trustworthy. Trusted Computing  Five Key Concepts >Endorsement Key >Secure Input and Output >Memory Curtain / Protected.

Trusted Computing Initiative Beyond trustworthy. Trusted Computing  Five Key Concepts >Endorsement Key >Secure Input and Output >Memory Curtain / Protected.
1 How Low Can You Go? Recommendations for Hardware- Supported Minimal TCB Code Execution Bryan Parno Arvind Seshadri Adrian Perrig Carnegie Mellon University.

1 How Low Can You Go? Recommendations for Hardware- Supported Minimal TCB Code Execution Bryan Parno Arvind Seshadri Adrian Perrig Carnegie Mellon University.
1/28/2004CSCI 315 Operating Systems Design1 Operating System Structures & Processes Notice: The slides for this lecture have been largely based on those.

1/28/2004CSCI 315 Operating Systems Design1 Operating System Structures & Processes Notice: The slides for this lecture have been largely based on those.
outline Purpose Design Implementation Market Conclusion presentation Outline.

outline Purpose Design Implementation Market Conclusion presentation Outline.
TrustVisor: Efficient TCB Reduction and Attestation Jonathan M

TrustVisor: Efficient TCB Reduction and Attestation Jonathan M
Processes Part I Processes & Threads* *Referred to slides by Dr. Sanjeev Setia at George Mason University Chapter 3.

Processes Part I Processes & Threads* *Referred to slides by Dr. Sanjeev Setia at George Mason University Chapter 3.
Chapter 2 Operating System Overview Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design Principles,

Chapter 2 Operating System Overview Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design Principles,

Similar presentations

Ads by Google