SE-4101, Trustworthy multi-tenancy for the modern application ecosystem, by Jon Geater

Presentation SE-4101 by Jon Geater from the AMD Developer Summit (APU13) November 11-13, 2013.



  • 3. The changing landscape
  • 4. THE RISE OF MOBILE AND THE CONNECTED SOCIETY
      [Chart: Desktop, Laptop and Smartphone series, 2005 to 2013E; vertical axis 0 to 700. Source data: Morgan Stanley Research]
      TRUST THY NEIGHBOR? | JON GEATER, TRUSTONIC | NOVEMBER 12TH, 2013 | CONFIDENTIAL
  • 5. THE RISE OF MOBILE AND THE CONNECTED SOCIETY
      [Chart: All PC and Smartphone series, 2005 to 2013E; vertical axis 0 to 700. Source data: Morgan Stanley Research]
  • 6. THE RISE OF MOBILE AFFECTS THE ENTIRE CHAIN
      • So why are we talking about Smartphones at an AMD conference?
      • What is a mobile device?
  • 7. JUST A FEW YEARS AGO… MOBILE SECURITY
      • I was working for an Enterprise Security company making encryption and key management products
      • We were asked by a major US bank to help them with the problem they had with information security on mobile devices
      • 2 primary device types:
          ‒ Laptops: This one's fairly obvious. But this was easier because of established security vendors and no real notion of BYOD for laptops
          ‒ Tape drives (!): They are very mobile… But comparatively simple security problem.
  • 8. THE RISE OF MOBILE AFFECTS THE ENTIRE CHAIN
      • We now (try to) do everything on the mobile internet that we used to do by PC, ordinary phone and post
      • That blurs the lines between device types: phones, tablets, laptops – truly heterogeneous!
      • It forces applications on-line, so the whole information system from chip to cloud needs consistent security
      • It also leads to a significant rise in the number of types of information processed on mobile devices
      • …and a consequent rise in the value of that information
  • 9. THE RISE OF MOBILE AFFECTS THE ENTIRE CHAIN
      • We now (try to) do everything on the mobile internet that we used to do by PC, ordinary phone and post
      • That blurs the lines between device types: phones, tablets, laptops
      • It forces applications on-line, so the whole information system from chip to cloud needs consistent security
      • It also leads to a significant rise in the number of types of information processed on mobile devices
      • …and a consequent rise in the value of that information
      [Callout: Sensitive Information]
  • 10. Security and trust
  • 11. WHAT IS RISK?
      Risk = probability x severity
  • 12. WHAT IS RISK?
      Risk = time x remediation
  • 13. WHAT IS RISK?
      Risk = likelihood x cost
  • 14. WHAT IS RISK?
      Risk = likelihood x cost
      • How much should I care about this?
      • When will it happen?
      • What's the impact if it does?
  • 15. WHAT IS SECURITY?
      [A Venn diagram: SECURE / NOT SECURE]
  • 16. WHAT IS SECURITY?
      [A Venn diagram: SECURE?]
  • 17. WHAT IS SECURITY?
      Security Is Contextual
  • 18. THE RISE OF MOBILE AFFECTS THE ENTIRE CHAIN
      • Things are much more complicated now
      • The different use cases present a set of conflicting use cases that a single extant platform has to satisfy
      • And that's before the user gets involved
      • Multi-tenancy on a consumer device lacks some of the more powerful approaches available to server applications
      • There are also more threats now
          ‒ Professionalized malware
          ‒ Threats always follow the money
      [Callouts: MY CONTROL! / NO, MINE! / Privacy please / CLOSED! / OPEN!]
  • 19. Start Trusted, Stay Trusted
  • 20. START TRUSTED: HARDWARE ROOTS OF TRUST
      • So how does security enable trust?
      • We typically define fundamental security building blocks as "Roots of Trust"
      • To be effective the RoT has to be rooted in hardware
          ‒ Otherwise there are too many ways to remove it, and nothing to check back against
          ‒ "Trust, but verify"
      • Not just a key: includes the mechanisms, code etc
          ‒ NIST guidelines
      • Secure boot mechanisms (including UEFI) are based on roots of trust
      • Scaling problem – not everyone can own a direct root! So the platform has to provide the main one
      [Diagram: Apps over Operating System; Protected Storage, Isolation, Device Integrity; RoT for Integrity Reporting, RoT for Storage, RoT for Verification, RoT for Measurement. Picture: Andrew Regenscheid: NIST/Computer Security Division]
  • 21. STAY TRUSTED: SECURITY DOESN'T STAY STILL
      • Boot security is necessary but not sufficient
          ‒ Doesn't account for run-time exploits
          ‒ Good for system FW but doesn't scale to applications
      • Security is a dynamic affair. We need to be able to react as quickly as the threats/market
      • Platform use cases shouldn't be fixed when the chip leaves the factory
          ‒ Need to be able to add trusted functionality later on
      • Security context is best known to the service providers but they do not make hardware.
          ‒ How to anchor their trust chains in hardware at scale?
          ‒ How to encode their use case into general purpose HW?
          ‒ Can you do a whole FW update each time a single app changes? No!
  • 22. TrustZone® and TEE
  • 23. TRUSTZONE®: HARDWARE BACKED SECURITY FROM ARM
      • Separation technology built into ARM Cortex-A processors
      • Enables 2 independent process stacks to execute on a single SoC: Normal mode and Secure mode
      • Memory and peripherals can be partitioned into secure-only or shared
      • Mode separation is enforced by the processor and fabric – stronger than MMU
      • Software in Normal World (including attacks!) can't read memory or peripherals that are reserved for Secure World
      • It is not magic! Designed to defeat software attacks, not national governments and laserbeams
      • Doesn't have any software
      [Diagram labels: TZ only, Switchable, Normal]
  • 24. TRUSTED EXECUTION ENVIRONMENT: PRACTICAL SECURITY FOR MOBILE APPLICATIONS
      • Primary device environment runs as normal, including other security mechanisms
      • GlobalPlatform APIs ensure portability across handsets/platforms
      • Security critical code and resources protected by TEE applications
      • TEE provides the constant security foundation independent of OS choice
      • Integrity and trust underpinned by SoC hardware
      • Control of secure resources
      [Diagram, image: GlobalPlatform. Rich OS Application Environment: Client Applications, GlobalPlatform TEE Functional API, GlobalPlatform TEE Client API, Rich OS. Trusted Execution Environment: Trusted Applications (DRM, Payment, Corporate), GlobalPlatform TEE Internal API, Trusted Core Environment, Trusted Functions, TEE Kernel. Hardware Platform, HW Secure Resources: HW Keys, Secure Storage, Trusted UI (Keypad, Screen), Crypto accelerators, NFC controller, Secure Element, etc.]
  • 25. TRUSTED EXECUTION ENVIRONMENT: PRACTICAL SECURITY FOR MOBILE APPLICATIONS
      • TEE combines the platform hardware with software to provide an open environment in which to run security sensitive code for normal applications
      • Highly flexible system enables application stakeholders to protect their own functionality
          ‒ Correct context is used
      • GlobalPlatform is not the only model
          ‒ But a standard helps with a scalable ecosystem
      • Provides simple APIs for cryptography, secure storage etc
      • Working towards advanced APIs for things like Trusted User Interface (where applicable)
  • 26. BACKEND TRUST AND ENROLMENT: COMPLETING THE CHAIN OF TRUST
      • A well-built TEE provides strong separation of processes on the device
      • But as we've seen, systems and trust are bigger than the device
      • A remote loading system connected to the Roots Of Trust is essential in order to sustain a chain of trust from Chip to Cloud
      • Making it essential to the creation of an ecosystem
      • This is not yet standardized but Trustonic operates a backend system connected to an on-chip Root of Trust
  • 27. START TRUSTED, STAY TRUSTED: LIFECYCLE SUPPORT DESIGNED-IN
      • Trusted apps are verified before they can run and access sensitive assets – contextual security
      • Normal World can only access trusted apps through published APIs – transaction integrity
      • Manufacturing and Backend systems maintain the chain of trust between chip, apps and relying parties
      • TEE is given control of secure peripherals, memory regions and trusted apps
      • 'Secure boot' from SoC ROM assures integrity of TEE and sensitive data assets
      [Diagram labels: Secure Kernel; Trusted app (three)]
  • 28. WHAT ABOUT TPM? TPM 2.0 protocol can be supported too
      • TPM 2.0 is an interface specification
      • Can co-exist with TEE, or run as an application inside it
          ‒ Or even be a hardware one, if money, space and power allow. Compatible with all models
      • Extensive work in the TCG on Firmware TPMs (PCClient group) and Mobile TPMs (Mobile Platforms group) to enable this kind of architecture
      [Diagram. REE: Rich App, Rich App, TPM Client API, TEE Client API, Mobile OS. TEE: TA (TPM), TA, TEE Internal API + TEE trusted UI ++, Trusted OS, TEE entry. Smartphone hardware.]
  • 29. Client to Cloud Examples
  • 30. CHIP TO CLOUD TRUST: EXAMPLE USE CASE: SIMPLER LOGIN
      • Cloud service can have more confidence in the ID claim they receive
      • User has the convenience of using their preferred device, and fewer clicks
      [Diagram. Open Environment: OTP Launcher, Client API, Rich OS. Trusted Execution Environment: OTP TA (Secure OTP generation, Secure OTP key storage); APIs: Trusted User Interface, Secure cryptography, Secure Mass Storage. ARM TrustZone® enabled SoC.]
  • 31. CHIP TO CLOUD TRUST: OTHER USE CASES
      • Flexible identity & access use cases
          ‒ Convert passwords to stronger on-the-wire credentials
          ‒ Also biometrics
      • Transaction verification and protection
          ‒ Simpler payments
          ‒ Confidentiality
          ‒ binding integrity
      • Content
          ‒ DRM processing, innovative delivery models
      • Enterprise
          ‒ On board credentials for VPN etc
          ‒ BYOD trust anchors
          ‒ Virtual HSM
      • Improve user experience
      • Provide more innovative services
  • 32. CHIP TO CLOUD TRUST: BENEFITS
      • Chip to cloud works both ways
          ‒ The client is increasingly the primary device. Remote service should have to prove itself before the device gives up any sensitive information
          ‒ The flexible architecture of TEE enables these islands of trust to work both ways
      • Ability to verify root of trust separately enables greater confidence and unlocks potential for enhanced services and user experience
      • Privacy impacts can be limited by separating the key actors in the system: something that can happen naturally
  • 33. AMD and Trustonic
  • 34. AMD AND TRUSTONIC: THE PLATFORM SECURITY PROCESSOR
      • The Platform Security Processor (PSP) is a dedicated ARM co-processor within the APU dedicated to providing security functions
      • Has its own secure RAM and NV storage
      • Can access system memory
      • Crypto functionality, including TRNG
      • Last month AMD and Trustonic announced a partnership: AMD has licensed the Trustonic TEE to run as the security kernel in the PSP
      • Talk to AMD for the PSP roadmap and access for 3rd party security extensions
      [Diagram: AMD64 APU containing the PSP, which contains the TEE (Not to scale!)]
  • 35. Wrap up
  • 36. WRAPPING UP
      1 The mobility trend affects ALL areas of computing
      2 Security is DYNAMIC. Need to keep up.
      3 HARDWARE trust is needed to defeat SOFTWARE threats
      4 A collaborative ECOSYSTEM approach is essential
      5 AMD and Trustonic are working together to enable this
  • 38. Thank you
  • 39. DISCLAIMER & ATTRIBUTION
      The information presented in this document is for informational purposes only and may contain technical inaccuracies, omissions and typographical errors.
      The information contained herein is subject to change and may be rendered inaccurate for many reasons, including but not limited to product and roadmap changes, component and motherboard version changes, new model and/or product releases, product differences between differing manufacturers, software changes, BIOS flashes, firmware upgrades, or the like. Trustonic assumes no obligation to update or otherwise correct or revise this information. However, Trustonic reserves the right to revise this information and to make changes from time to time to the content hereof without obligation of AMD to notify any person of such revisions or changes.
      TRUSTONIC MAKES NO REPRESENTATIONS OR WARRANTIES WITH RESPECT TO THE CONTENTS HEREOF AND ASSUMES NO RESPONSIBILITY FOR ANY INACCURACIES, ERRORS OR OMISSIONS THAT MAY APPEAR IN THIS INFORMATION.
      TRUSTONIC SPECIFICALLY DISCLAIMS ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR ANY PARTICULAR PURPOSE. IN NO EVENT WILL TRUSTONIC BE LIABLE TO ANY PERSON FOR ANY DIRECT, INDIRECT, SPECIAL OR OTHER CONSEQUENTIAL DAMAGES ARISING FROM THE USE OF ANY INFORMATION CONTAINED HEREIN, EVEN IF TRUSTONIC IS EXPRESSLY ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
      ATTRIBUTION
      © 2013 Trustonic Ltd. All rights reserved. Trustonic, the graphical <t logo and combinations thereof are trademarks of Trustonic Ltd. in Europe, the United States and/or other jurisdictions. AMD is a trademark of Advanced Micro Devices, Inc. ARM and TrustZone are trademarks of ARM, Ltd. Other names are for informational purposes only and may be trademarks of their respective owners.
  • 40. SESSION ABSTRACT
      • TITLE: Trust thy neighbour? Trustworthy multi-tenancy for the modern application ecosystem
      • SHORT ABSTRACT: With tales of leaks, hacks and malware on the rise, trust in mobile systems is in short supply these days. In other areas an almost opposite but equally troubling problem exists where walled gardens or security agents seek to keep out the bad guys, but also stifle innovation and invite questions of trust in the motivation and interest of the gardeners.
      • This talk looks at recent developments in client-to-cloud trust technology in the ARM mobile device ecosystem and presents a model for both security and control that allows multi-tenancy with confidence. It also covers how AMD have adopted and adapted some of this technology to create a world-leading SoC platform with trust built into the very heart of the chip.
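
The "simpler login" use case on slide 30 (an OTP trusted app that keeps the key and generates codes, a normal-world launcher that reaches it only through a published command, and a cloud service that checks the claim), sketched as an added example that is not from the presentation or from Trustonic. It assumes HOTP (RFC 4226) as the OTP algorithm, which the slides do not name; the class names, the command ID and the look-ahead window are hypothetical.

```python
import hashlib
import hmac
import struct


def hotp(key: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA-1 over the 8-byte counter, then dynamic truncation."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


class OtpTrustedApp:
    """Models the OTP TA. A Python object is not an isolation boundary; on a
    device the TEE enforces what the private attributes only suggest here."""

    CMD_GENERATE = 1  # hypothetical ID of the one published command

    def __init__(self, key: bytes):
        self.__key = key       # stands in for secure OTP key storage
        self.__counter = 0

    def invoke(self, command: int) -> str:
        """The only entry point the normal-world OTP launcher can call."""
        if command != self.CMD_GENERATE:
            raise PermissionError("command is not part of the published API")
        code = hotp(self.__key, self.__counter)
        self.__counter += 1    # each counter value is used once
        return code


class CloudVerifier:
    """Cloud service side: holds the key shared at enrolment and its own counter."""

    def __init__(self, key: bytes, window: int = 3):
        self._key, self._counter, self._window = key, 0, window

    def verify(self, code: str) -> bool:
        # Look ahead a few counters so codes generated but never submitted
        # do not lock the user out; never look back, so replays fail.
        for c in range(self._counter, self._counter + self._window + 1):
            if hmac.compare_digest(hotp(self._key, c), code):
                self._counter = c + 1
                return True
        return False


if __name__ == "__main__":
    key = b"12345678901234567890"  # constructed sample key (RFC 4226 test key)
    ta, cloud = OtpTrustedApp(key), CloudVerifier(key)
    code = ta.invoke(OtpTrustedApp.CMD_GENERATE)
    print(code, cloud.verify(code), cloud.verify(code))
```

The launcher never sees the key, only six-digit codes, and the verifier accepts each code once: a captured code replayed later falls behind the server counter and is rejected.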