Compartmented Security for Browsers
Upcoming SlideShare
Loading in...5
×
 

Compartmented Security for Browsers

on

  • 546 views

Presentation of a paper at ARES 2007 conference. Security architecture to prevent phishing attacks.

Presentation of a paper at ARES 2007 conference. Security architecture to prevent phishing attacks.

Statistics

Views

Total Views
546
Views on SlideShare
543
Embed Views
3

Actions

Likes
0
Downloads
7
Comments
0

2 Embeds 3

http://www.linkedin.com 2
https://www.linkedin.com 1

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Compartmented Security for Browsers Compartmented Security for Browsers Presentation Transcript

  • RuhR-Universität Bochum Compartmented Security for Browsers - Or How to Thwart a Phisher with Trusted Computing Sebastian Gajek, Ahmad-Reza Sadeghi, Christian Stüble, Marcel Winandy Horst Görtz Institute for IT Security Ruhr-University Bochum, Germany ARES 2007 2nd International Conference on Availability, Reliability and Security Vienna, 10-13 April 2007
  • RuhR-Universität Bochum Marcel Winandy Compartmented Security for Browsers (ARES 2007) 2007-04-10 2
  • RuhR-Universität Bochum "Classical" Phishing Costumers (e.g., bank) ……. credentials credentials (e.g., username,password) Adversary A Collection Server Marcel Winandy Compartmented Security for Browsers (ARES 2007) 2007-04-10 3
  • RuhR-Universität Bochum Malware Phishing Costumers (e.g., bank) ……. credentials Adversary A Collection Server Tailored to specific services, such as domestic banks Marcel Winandy Compartmented Security for Browsers (ARES 2007) 2007-04-10 4
  • RuhR-Universität Bochum Reasons for Success ● Strong assumptions on ordinary users ● Legacy flaws of Internet technology (e.g. DNS) ● Vulnerabilities of underlying computing platform Marcel Winandy Compartmented Security for Browsers (ARES 2007) 2007-04-10 5
  • RuhR-Universität Bochum Existing approaches ● Browser-based ● Server-based ● Operating System based Marcel Winandy Compartmented Security for Browsers (ARES 2007) 2007-04-10 6
  • RuhR-Universität Bochum Browser-based approaches ● White lists / black lists ● Heuristic checks ● Blinking browser boundaries ● Logo-type certificates ● Wallets F extra functionality Browser Marcel Winandy Compartmented Security for Browsers (ARES 2007) 2007-04-10 7
  • RuhR-Universität Bochum Browser-based approaches ● White lists / black lists ● Heuristic checks ● Blinking browser boundaries ● Logo-type certificates ● Wallets Malware Browser F Phishing !? Marcel Winandy Compartmented Security for Browsers (ARES 2007) 2007-04-10 8
  • RuhR-Universität Bochum Server-Based Approaches ● User-friendly authentication protocols ● Password-augmented SSL protocol ● Trusted device augmented SSL protocol F extra functionality Client Server Client Marcel Winandy Compartmented Security for Browsers (ARES 2007) 2007-04-10 9
  • RuhR-Universität Bochum Server-Based Approaches ● User-friendly authentication protocols ● Password-augmented SSL protocol ● Trusted device augmented SSL protocol F Client Server Client Malware Phishing !? Marcel Winandy Compartmented Security for Browsers (ARES 2007) 2007-04-10 10
  • RuhR-Universität Bochum OS-Based Approaches ● Isolation ● Integrity Verification ● Secure GUI ● Virtualization Example: Tahoma BOS Browser Browser Browser VM VM VM VMM Marcel Winandy Compartmented Security for Browsers (ARES 2007) 2007-04-10 11
  • RuhR-Universität Bochum OS-Based Approaches ● Isolation ● Integrity Verification ● Secure GUI ● Virtualization Example: Tahoma BOS Browser Browser Browser Classical VM VM VM Phishing !? VMM Marcel Winandy Compartmented Security for Browsers (ARES 2007) 2007-04-10 12
  • Idea: Combination Marcel Winandy Compartmented Security for Browsers (ARES 2007) 2007-04-10 13
  • RuhR-Universität Bochum Our Approach ● Trusted wallet: Let the system... – authenticate legitimate service sites – control and perform the user authentication ● Compartmentalization: Isolate browser / wallet ● Trusted execution environment: – Security kernel – Trusted Computing – Virtualization Marcel Winandy Compartmented Security for Browsers (ARES 2007) 2007-04-10 14
  • RuhR-Universität Bochum Basic Architecture authentication data compartment service virtual real usage Browser network Wallet­ network Service U Proxy P Legacy OS Security Kernel Hardware (Trusted Computing Support) System S Marcel Winandy Compartmented Security for Browsers (ARES 2007) 2007-04-10 15
  • RuhR-Universität Bochum Wallet-Proxy authenticate UW update_proxy WB use_service U↔B use_service B↔W authenticate WP Browser Wallet­Proxy U use_service P↔W P B W SSL secured channel Marcel Winandy Compartmented Security for Browsers (ARES 2007) 2007-04-10 16
  • RuhR-Universität Bochum Wallet-Proxy Setup login data authenticate UW update_proxy WB use_service U↔B use_service B↔W authenticate WP Browser Wallet­Proxy U use_service P↔W P B W SSL secured channel Marcel Winandy Compartmented Security for Browsers (ARES 2007) 2007-04-10 17
  • RuhR-Universität Bochum Wallet-Proxy Setup login data authenticate UW update_proxy WB use_service U↔B use_service B↔W authenticate WP Browser Wallet­Proxy U use_service P↔W P B W SSL secured channel Call service site Marcel Winandy Compartmented Security for Browsers (ARES 2007) 2007-04-10 18
  • RuhR-Universität Bochum Wallet-Proxy Setup login data authenticate UW update_proxy WB use_service U↔B use_service B↔W authenticate WP Browser Wallet­Proxy U use_service P↔W P B W SSL secured channel Call Insert service login site data Marcel Winandy Compartmented Security for Browsers (ARES 2007) 2007-04-10 19
  • RuhR-Universität Bochum Wallet-Proxy Setup login data authenticate UW update_proxy WB use_service U↔B use_service B↔W authenticate WP Browser Wallet­Proxy U use_service P↔W P B W SSL secured channel Call Insert service login Authenticate site data site and user Marcel Winandy Compartmented Security for Browsers (ARES 2007) 2007-04-10 20
  • RuhR-Universität Bochum Setup Procedure ● "Two-factor authentication" – User receives credentials out-of-band ● username, password (uid, pwdid), URLid of website, and ack.code – Wallet blocks login forms in Browser – User has to enter credentials in Wallet – Wallet performs login procedure – User enters acknowledgement code in Browser ● "One-factor authentication" – User has to register online at website – Wallet blocks login forms in Browser – User has to enter credentials in Wallet – Wallet links password to website ● pwdid := hash(pwdiduser || r), r is random value Marcel Winandy Compartmented Security for Browsers (ARES 2007) 2007-04-10 21
  • RuhR-Universität Bochum Trusted Components Wallet­Proxy network connection user interface W input / output load / store data start start Compartment start Storage U Secure GUI Manager Manager sealing / unsealing measurement TPM Net P Marcel Winandy Compartmented Security for Browsers (ARES 2007) 2007-04-10 22
  • RuhR-Universität Bochum Trusted Components Wallet­Proxy network connection user interface W input / output load / store data start start Compartment start Storage U Secure GUI Manager Manager sealing / unsealing measurement TPM Net P Trusted path Marcel Winandy Compartmented Security for Browsers (ARES 2007) 2007-04-10 23
  • RuhR-Universität Bochum Trusted Components Wallet­Proxy network connection user interface W input / output load / store data start start Compartment start Storage U Secure GUI Manager Manager sealing / unsealing measurement TPM Net P Trusted path System integrity Marcel Winandy Compartmented Security for Browsers (ARES 2007) 2007-04-10 24
  • RuhR-Universität Bochum Secure Booting OS OS Loader TPM BIOS CRTM PCRs Marcel Winandy Compartmented Security for Browsers (ARES 2007) 2007-04-10 25
  • RuhR-Universität Bochum Secure Booting Proxy Wallet W start start Compartment start Storage Secure GUI Manager Manager OS OS Loader TPM BIOS CRTM PCRs Marcel Winandy Compartmented Security for Browsers (ARES 2007) 2007-04-10 26
  • RuhR-Universität Bochum Secure Booting Proxy Wallet Seal Wallet data to W platform configuration start start Compartment start Storage Secure GUI Manager Manager OS OS Loader TPM BIOS CRTM PCRs Marcel Winandy Compartmented Security for Browsers (ARES 2007) 2007-04-10 27
  • RuhR-Universität Bochum Implementation Isolation {untrusted } {trusted } Wallet Email Browser Proxy Application Layer Compartment Compartment   Trusted Software Layer Security Kernel Hypervisor Layer   Hardware TPM Hardware Layer Marcel Winandy Compartmented Security for Browsers (ARES 2007) 2007-04-10 28
  • RuhR-Universität Bochum Implementation Isolation {untrusted } {trusted } Wallet Email Browser Proxy Application Layer Compartment Compartment   Secure GUI Trusted Software Layer Compartment Mgr Storage Mgr Security Kernel Input Video Net TDD Disk Hypervisor Layer L4 Microkernel   Hardware TPM Hardware Layer Marcel Winandy Compartmented Security for Browsers (ARES 2007) 2007-04-10 29
  • RuhR-Universität Bochum Ongoing and Future Work ● Web form scanner – Currently improving and enhancing implementation ● System updates (property-based attestation) – Currently working on PbA implementation ● What about additional user attributes? – e.g. address, age, credit card number, etc. ● Usability – Secure GUI ("mGUI") – Proxy-Wallet Marcel Winandy Compartmented Security for Browsers (ARES 2007) 2007-04-10 30
  • RuhR-Universität Bochum Marcel Winandy Compartmented Security for Browsers (ARES 2007) 2007-04-10 31
  • RuhR-Universität Bochum Marcel Winandy Compartmented Security for Browsers (ARES 2007) 2007-04-10 32
  • RuhR-Universität Bochum Questions ? Marcel Winandy Compartmented Security for Browsers (ARES 2007) 2007-04-10 33
  • backup Marcel Winandy Compartmented Security for Browsers (ARES 2007) 2007-04-10 34
  • Marcel Winandy Compartmented Security for Browsers (ARES 2007) 2007-04-10 35
  • Marcel Winandy Compartmented Security for Browsers (ARES 2007) 2007-04-10 36