Introduction to chrome os

INTRODUCTION TO
GOOGLE CHROME OS
Presented By-
Indrajit Gohokar
Sec-B
Roll No-139
1

2
CONTENTS
• WHAT IS AN OPERATING SYSTEM?
• CURRENT SCENARIO
• CHROME OS:INTERNET OS
• ORIGIN
• CHROME OS:IN DEPTH
• FURTHER DEVELOPMENT
• ADVANTAGES
• LIMITATIONS
• CONCLUSION
• REFERENCES

3
• Program designed to
run other programs.
• Main Roles :
1. IO management
2. Processor management
3. File management
4. Memory management
WHAT IS AN OPERATING SYSTEM?

4
CURRENT SCENARIO
Market Position in Terms of OS
• Until now 58 stable standard
OS released.
• Most of them have GUI and
Network connectivity.
• Windows Operating Systems
share most of the Market.

5
Tim O’Reilly defines:
‘simply use our facilities, and
the complexity will go away’
thing is Internet OS. [1]
• An OS designed by Google
to work exclusively with
web applications.
• Extension of Chrome
Browser and Android.
• It is an open source,
lightweight OS.
• First OS dedicated to
Internet.
CHROME OS:INTERNET OS

7
ORIGIN
•Google developers began coding the operating system in 2009.
[2]
•To ascertain marketing requirements for an OS focused on
netbook Web transactions, Google did not do the usual
demographic research generally associated with a large software
development project.[2]
• Instead, engineers relied on more informal metrics, including
monitoring the usage patterns of some 200 Chrome OS
machines used by Google employees.[2]

8
ORIGIN
•Inspired by the growing popularity and lower power
consumption of netbooks and the focus of these small
laptops on Internet access.
•Based on the Google Chrome Browser.

9
CHROME OS:IN DEPTH
•GENERAL
I. SOFTWARE ARCHITECTURE
•SECURITY
I. SECURITY OVERVIEW
II. PROTECTING CACHED USER DATA
•FIRMWARE
I. FAST BOOT
II. VERIFIED BOOT
III. SECURE BOOT
•PLATFORM
I. FILE SYSTEM AUTO UPDATE

10
SOFTWARE ARCHITECTURE
Chromium OS consists of three major components:
1.The Chromium-based browser and the window manager. [3]
2.System-level software and user-land services: the kernel, drivers, connection
manager, and so on. [3]
3.Firmware . [3]

11
FIRMWARE
Implements the following functionalities:-
System recovery: Re-install OS in adverse conditions. [3]
Verified boot: Each time the system boots, Chromium OS verifies different
components. [3]
Fast boot: Improved Boot performance. [3]

12
CHROMIUM AND THE WINDOW MANAGER
[3]

13
SECURITY OVERVIEW
•Chromium OS has been designed from the ground up with
security in mind.
•Security is not a one-time effort, but rather an iterative
process that must be focused on for the life of the operating
system. [4]
•The goal is that, should either the operating system or the
user detect that the system has been compromised, an update
can be initiated, and—after a reboot—the system will have
been returned to a known good state. [4]

14
SECURITY OVERVIEW
SECURE AUTOUPDATE
•Signed updates are downloaded over SSL. [4]
•Version numbers of updates can't go backwards. [4]
•The integrity of each update is verified on subsequent boot,
using Verified Boot. [4]

15
SECURITY OVERVIEW
VERIFIED BOOT
•Verified boot provides a means of getting cryptographic
assurances that the Linux kernel, non-volatile system memory,
and the partition table are untampered with when the system
starts up. [4]
1.Firmware-based verification
2.Kernel-based verification

16
SECURITY OVERVIEW
• Applications have permission
same as user.
• Can communicate with each
other easily.
• Web application have limited
permission.
• They are treated as untrusted
apps and run in Encapsulated
environment.
Traditional OS Chrome OS

17
SECURITY OVERVIEW
BROWSER SANDBOX
•To help defend against an attacker who exploits a vulnerability
in the rendering engine, Chromium runs each rendering engine
in a sandbox. [5]
•This sandbox restricts the rendering engine's process from
issuing some system calls that could help the attacker reach the
goals. [5]

18
SECURITY OVERVIEW
FUTURE WORK
Biometrics
•Google is keeping an eye on biometric authentication technologies
as they continue to become cheaper and more reliable, but at this
time they believe cost/reliability tradeoffs is not where it needs to be
for the target users. [4]
• They expect these devices to be covered in their users' fingerprints,
so a low-cost fingerprint scanner could actually increase the
likelihood of compromise. [4]
•They were able to break into one device that used facial recognition
authentication software just by holding it up to the user's photo. [4]

19
PROTECTING CACHED USER DATA
•Chromium OS devices are intended to be both portable and
safely shared. As a result, privacy protection for user data
stored on the local disk is a requirement for a Chromium-based
OS. [6]
•Privacy protection for user data stored on a local disk is
accomplished via system-level encryption of users' home
directories. [6]

20
PROTECTING CACHED USER DATA
•Chromium OS uses the eCryptfs stacked file system with per-
user vault directories and keysets to separate and protect each
user’s cached data. [6]
•Cache data is Encrypted using image file per user which is
locked and encrypted. [6]

24
VERIFIED BOOT
•It starts with a read-only portion of firmware, which only
executes the next chunk of boot code after verification. [9]
•Ensures that all executed code comes from the Chromium OS
source tree, rather than from an attacker or corruption. [9]
•Focused on stopping the opportunistic attacker.
• It uses stored cryptographic hashes and may be compatible
with any trusted kernel. [9]

29
VERIFIED BOOT
• Digital Signatures are provided for every firmware update
• If malware found System recovers itself to clean image

30
SECURE BOOT
•Only Chrome OS BIOS will implement secure boot from first
power-on. [10]
•Portions of the firmware are read-only, forming the basis of
trust to validate the read/write portions of the firmware. [10]
•Once the firmware has been validated, boot process is
continued by reading the kernel from the disk. [10]

31
SECURE BOOT
Selecting the kernel
•There are at least two kernel partitions, to support
autoupdate and accidental corruption. [10]
•Each kernel partition is paired with a rootfs partition; kernel A
should only boot rootfs A, kernel B should only boot rootfs B,
etc. [10]
•Using a Google-supplied library (in
src/platform/vboot_reference/firmware), the BIOS searches
the GPT to find the Chrome OS kernel with the highest Priority
value and then runs the following checks on it:

32
SECURE BOOT
1.Check that (Successful Boot Flag == 1) or (Tries Remaining > 0).
2.If Successful Boot Flag == & Tries Remaining == 0, lower the Priority to 0 and
find the next kernel. This was a kernel that failed its last boot try.
3.Check the kernel signature header. If it’s invalid, and (Tries Remaining > 0),
set Tries Remaining = Priority = 0 and find the next kernel.
4.Begin copying the kernel blob into RAM.
5.Check the kernel blob signature as it’s copied. If it’s invalid, set Priority = 0
and find the next kernel.
6.If Tries Remaining > 0, decrement the Tries Remaining value in the partition
table.
7.Invoke the bootstub, which then launches the kernel.
If no valid kernel is found, we can’t boot this device.

34
FILE SYSTEM AUTO-UPDATE
•The autoupdate mechanism aims to provide seamless and
secure updates to the latest version of Chromium OS without
user interaction. [11]
•Updates usually come in the form of deltas which are
downloaded to a backup boot partition. Upon reboot, the
backup partition becomes the primary. [11]
•In case there is a problem with the update, the system can
revert to using the previous partition. [11]

35
[8]

36
[8]

37
[8]

38
FURTHER DEVELOPMENT
• Open Source project named ‘Chromium’
started .
• Open Source Communities are adding code
to Chromium
• Google Developers and Open Source
Developers are working on same tree for
betterment of OS
• Google is working with OEM to make
Chrome OS machines available in market at
the end of this year
• Expected that Chrome OS and Android will
converge together

39
ADVANTAGES
•Free, Open Source : Lots of opportunity for developers
•One of the main advantages of Chrome OS over its
competitors, primarily, would be the system requirements.
•Low hardware cost.
•Record time of about 6-7 seconds to load the OS.

40
LIMITATIONS
•The OS is designed to specifically target the Internet
generation so it won't be as successful in the short term.
•Users wont be able to use it unless they have access to high
speed internet.
• If there are problems with connection, Chrome OS becomes
virtually helpless.
• Most data of the user not stored on local drives but in the
cloud that is in the network.

41
Is the world ready for Web OS?
•Back in 1995, Netscape cofounder Marc Andreessen predicted
that his fledgling Web browser would one day render Windows
obsolete. [12]
•Fifteen years later, Netscape is long gone, and the traditional
desktop OS remains firmly established on most personal
computers. [12]
•A Web OS offers enormous promise, potentially, it could take
the best of the Web combining it with the advantages of
desktop applications & sidestep many of the security &
compatibility issues currently plaguing desktop OS’s. [12]

42
Is the world ready for Web OS?
•As Web sites take advantage of improved client side
technologies, browsers must cope with a growing range of
performance, reliability, and security issues. [12]
•With various netbooks running Google’s Chrome OS, user
interaction will take place through a browser or Web-based
applications. [12]
•As developers take advantage of these emerging technologies
to craft Web-based experiences across a growing range of
devices, the traditional OS will likely continue to recede from
users’ awareness and perhaps eventually disappear
altogether. [12]

43
References
[1] Tim O'Reilly,The State of the Internet Operating System
.[Online].Available: http://radar.oreilly.com/2010/03/state-of-internet-
operating-system.html,March 29, 2010. [Accessed: Sept. 5, 2012].
[2] Google,Releasing the Chromium OS open source project.
[Online].Available: http://googleblog.blogspot.in/2009/11/releasing-
chromium-os-open-source.html, November 20, 2009. [Accessed: Sept. 2,
2012].
[3] Google,Software Architecture. [Online]. Available:
http://www.chromium.org/chromium-os/chromiumos-design-
docs/software-architecture. [Accessed: Sept. 11, 2012].
[4] Google, Security Overview. [Online]. Available:
docs/security-overview. [Accessed: Sept. 12, 2012].

44
References
[5] Barth, A. Jackson, C. Reis, C., and the Google
Chrome team, The Security Architecture of the Chromium
Browser.
[Online].Available:http://seclab.stanford.edu/websec/chromium/,May
2008.[Accessed: Sept.1, 2012]
[6] Google, Protecting Cached User Data . [Online]. Available:
docs/protecting-cached-user-data. [Accessed: Sept.11 , 2012].
[7] Martin Bligh, Software Engineer, Chromium OS Fast
Boot [Video].Available: http://www.youtube.com/watch?v=mTFfl7AjNfI.
Nov 18, 2009.
[8] Will Drewry, Security Engineer, Chromium OS Security[Video].Available:
http://www.youtube.com/watch?v=A9WVmNfgjtQ.
Nov 18, 2009.

45
References
[9]Google, Verified Boot.[Online].Available:
docs/verified-boot. [Accessed: Sept. 12, 2012].
[10] Google, Disk Format. [Online]. Available:
http://www.chromium.org/chromium-os/chromiumos-design-docs/disk-
format. [Accessed: Sept. 13, 2012].
[11] Google, File System/Autoupdate. [Online]. Available:
docs/filesystem-autoupdate. [Accessed: Sept. 13, 2012].
[12] Alex Wright, "Ready for a Web OS?“,communications of the acm, vol.
52, no. 12, pp.16-17, Dec 2009. [Online]. Available: ACM Digital
Library, Available: http://dl.acm.org/citation.cfm?id=1610260. [Accessed
Sept.2, 2012].

Introduction to chrome os

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Introduction to chrome os

Similar to Introduction to chrome os (20)

Recently uploaded

Recently uploaded (20)

Introduction to chrome os

Editor's Notes