TRUST	
  THY	
  NEIGHBOR?	
  
TRUSTWORTHY	
  MULTI-­‐TENANCY	
  FOR	
  THE	
  
MODERN	
  APPLICATION	
  ECOSYSTEM	
  
ABOUT	
  TRUSTONIC	
  

JON	
  GEATER,	
  CHIEF	
  TECHNICAL	
  OFFICER	
  

2	
   |	
  	
  	
  TRUST	
  THEY	
  NEIGHBOR?...
The	
  changing	
  
landscape	
  
THE	
  RISE	
  OF	
  MOBILE	
  

AND	
  THE	
  CONNECTED	
  SOCIETY	
  
700	
  

600	
  

500	
  

Desktop	
  

400	
  

L...
THE	
  RISE	
  OF	
  MOBILE	
  

AND	
  THE	
  CONNECTED	
  SOCIETY	
  

700	
  

600	
  

500	
  

400	
  

All	
  PC	
  ...
THE	
  RISE	
  OF	
  MOBILE	
  
AFFECTS	
  THE	
  ENTIRE	
  CHAIN	
  

!  So	
  why	
  are	
  we	
  talking	
  about	
  Sm...
JUST	
  A	
  FEW	
  YEARS	
  AGO…	
  
MOBILE	
  SECURITY	
  

!  I	
  was	
  working	
  for	
  an	
  Enterprise	
  Securit...
THE	
  RISE	
  OF	
  MOBILE	
  
AFFECTS	
  THE	
  ENTIRE	
  CHAIN	
  

!  We	
  now	
  (try	
  to)	
  do	
  everything	
  ...
THE	
  RISE	
  OF	
  MOBILE	
  
AFFECTS	
  THE	
  ENTIRE	
  CHAIN	
  

!  We	
  now	
  (try	
  to)	
  do	
  everything	
  ...
Security	
  and	
  
trust	
  
WHAT	
  IS	
  RISK?	
  

Risk	
  =	
  probability	
  x	
  severity	
  

11	
   |	
  	
  	
  TRUST	
  THEY	
  NEIGHBOR?	
  ...
WHAT	
  IS	
  RISK?	
  

Risk	
  =	
  ^me	
  x	
  remedia^on	
  

12	
   |	
  	
  	
  TRUST	
  THEY	
  NEIGHBOR?	
  	
  	
...
WHAT	
  IS	
  RISK?	
  

Risk	
  =	
  likelihood	
  x	
  cost	
  

13	
   |	
  	
  	
  TRUST	
  THEY	
  NEIGHBOR?	
  	
  	...
WHAT	
  IS	
  RISK?	
  

How	
  much	
  should	
  I	
  care	
  about	
  
this?	
  
	
  
When	
  will	
  it	
  happen?	
  
...
WHAT	
  IS	
  SECURITY?	
  

A	
  Venn	
  diagram	
  
SECURE	


15	
   |	
  	
  	
  TRUST	
  THEY	
  NEIGHBOR?	
  	
  	
  ...
WHAT	
  IS	
  SECURITY?	
  

A	
  Venn	
  diagram	
  
SECURE?	
  

16	
   |	
  	
  	
  TRUST	
  THEY	
  NEIGHBOR?	
  	
  	...
WHAT	
  IS	
  SECURITY?	
  

Security	
  	
  
Is	
  
Contextual	
  

17	
   |	
  	
  	
  TRUST	
  THEY	
  NEIGHBOR?	
  	
 ...
THE	
  RISE	
  OF	
  MOBILE	
  

MY CONTROL!	


NO, MINE!	


AFFECTS	
  THE	
  ENTIRE	
  CHAIN	
  

!  Things	
  are	
  mu...
Start	
  Trusted,	
  
Stay	
  Trusted	
  
START	
  TRUSTED	
  

HARDWARE	
  ROOTS	
  OF	
  TRUST	
  

!  So	
  how	
  does	
  security	
  enable	
  trust?	
  
App

...
STAY	
  TRUSTED	
  

SECURITY	
  DOESN’T	
  STAY	
  STILL	
  

!  Boot	
  security	
  is	
  necessary	
  but	
  not	
  suffi...
TrustZone®	
  
and	
  TEE	
  
TRUSTZONE®	
  	
  

HARDWARE	
  BACKED	
  SECURITY	
  FROM	
  ARM	
  

!  Separa^on	
  technology	
  built	
  into	
  ARM	...
TRUSTED	
  EXECUTION	
  ENVIRONMENT	
  	
  
PRACTICAL	
  SECURITY	
  FOR	
  	
  MOBILE	
  APPLICATIONS	
  
Primary	
  devi...
TRUSTED	
  EXECUTION	
  ENVIRONMENT	
  	
  	
  
PRACTICAL	
  SECURITY	
  FOR	
  	
  MOBILE	
  APPLICATIONS	
  

!  TEE	
  ...
BACKEND	
  TRUST	
  AND	
  ENROLMENT	
  
COMPLETING	
  THE	
  CHAIN	
  OF	
  TRUST	
  

!  A	
  well-­‐built	
  TEE	
  pro...
START	
  TRUSTED,	
  STAY	
  TRUSTED	
  

Secure	
  Kernel	
  

!  Trusted apps are verified before they can run and
acces...
WHAT	
  ABOUT	
  TPM?	
  

TPM	
  2.0	
  protocol	
  can	
  be	
  supported	
  too	
  
!  TPM 2.0 is an interface specific...
Client	
  to	
  Cloud	
  
Examples	
  
CHIP	
  TO	
  CLOUD	
  TRUST	
  

EXAMPLE	
  USE	
  CASE:	
  SIMPLER	
  LOGIN	
  

Open Environment

LOGO COLOR VERSIONS

...
CHIP	
  TO	
  CLOUD	
  TRUST	
  
OTHER	
  USE	
  CASES	
  

!  Flexible	
  iden^ty	
  &	
  access	
  use	
  cases	
  
‒  C...
CHIP	
  TO	
  CLOUD	
  TRUST	
  
BENEFITS	
  

!  Chip	
  to	
  cloud	
  works	
  both	
  ways	
  
‒  The	
  client	
  is	...
AMD	
  and	
  
Trustonic	
  
AMD	
  AND	
  TRUSTONIC	
  

THE	
  PLATFORM	
  SECURITY	
  PROCESSOR	
  

!  The	
  Planorm	
  Security	
  Processor	
  (...
Wrap	
  up	
  
WRAPPING	
  UP	
  

	
  	
  1	
  

The	
  mobility	
  trend	
  affects	
  ALL	
  areas	
  of	
  compu^ng	
  

	
  	
  2	
  ...
37	
   |	
  	
  	
  TRUST	
  THEY	
  NEIGHBOR?	
  	
  	
  |	
  	
  	
  JON	
  GEATER,	
  TRUSTONIC	
  	
  	
  |	
  	
  	
 ...
Thank	
  you	
  
DISCLAIMER	
  &	
  ATTRIBUTION	
  

The	
  informa^on	
  presented	
  in	
  this	
  document	
  is	
  for	
  informa^onal	...
SESSION	
  ABSTRACT	
  
!  TITLE:	
  Trust	
  thy	
  neighbour?	
  	
  Trustworthy	
  mul^-­‐tenancy	
  for	
  the	
  mode...
Upcoming SlideShare
Loading in …5
×

SE-4101, Trustworthy multi-tenancy for the modern application ecosystem, by Jon Geater

1,533 views

Published on

Presentation SE-4101 by Jon Geater from the AMD Developer Summit (APU13) November 11-13, 2013.

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,533
On SlideShare
0
From Embeds
0
Number of Embeds
4
Actions
Shares
0
Downloads
18
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

SE-4101, Trustworthy multi-tenancy for the modern application ecosystem, by Jon Geater

  1. 1. TRUST  THY  NEIGHBOR?   TRUSTWORTHY  MULTI-­‐TENANCY  FOR  THE   MODERN  APPLICATION  ECOSYSTEM  
  2. 2. ABOUT  TRUSTONIC   JON  GEATER,  CHIEF  TECHNICAL  OFFICER   2   |      TRUST  THEY  NEIGHBOR?      |      JON  GEATER,  TRUSTONIC      |      NOVEMBER  12TH,  2013      |      CONFIDENTIAL  
  3. 3. The  changing   landscape  
  4. 4. THE  RISE  OF  MOBILE   AND  THE  CONNECTED  SOCIETY   700   600   500   Desktop   400   Laptop   300   Smartphone   200   100   0   2005   2006   2007   2008   2009   2010   2011   Source  data:  Morgan  Stanley  Research   4   |      TRUST  THEY  NEIGHBOR?      |      JON  GEATER,  TRUSTONIC      |      NOVEMBER  12TH,  2013      |      CONFIDENTIAL   2012   2013E  
  5. 5. THE  RISE  OF  MOBILE   AND  THE  CONNECTED  SOCIETY   700   600   500   400   All  PC   Smartphone   300   200   100   0   2005   2006   2007   2008   2009   2010   2011   Source  data:  Morgan  Stanley  Research   5   |      TRUST  THEY  NEIGHBOR?      |      JON  GEATER,  TRUSTONIC      |      NOVEMBER  12TH,  2013      |      CONFIDENTIAL   2012   2013E  
  6. 6. THE  RISE  OF  MOBILE   AFFECTS  THE  ENTIRE  CHAIN   !  So  why  are  we  talking  about  Smartphones  at  an   AMD  conference?     !  What  is  a  mobile  device?   6   |      TRUST  THEY  NEIGHBOR?      |      JON  GEATER,  TRUSTONIC      |      NOVEMBER  12TH,  2013      |      CONFIDENTIAL  
  7. 7. JUST  A  FEW  YEARS  AGO…   MOBILE  SECURITY   !  I  was  working  for  an  Enterprise  Security  company   making  encryp^on  and  key  management  products   !  We  were  asked  by  a  major  US  bank  to  help  them   with  the  problem  they  had  with  informa^on   security  on  mobile  devices   !  2  primary  device  types:   ‒  Laptops       This  one’s  fairly  obvious.    But  this  was  easier  because  of   established  security  vendors  and  no  real  no^on  of   BYOD  for  laptops   ‒  Tape  drives  (!)   They  are  very  mobile…   But  compara^vely  simple  security  problem  .   7   |      TRUST  THEY  NEIGHBOR?      |      JON  GEATER,  TRUSTONIC      |      NOVEMBER  12TH,  2013      |      CONFIDENTIAL  
  8. 8. THE  RISE  OF  MOBILE   AFFECTS  THE  ENTIRE  CHAIN   !  We  now  (try  to)  do  everything  on  the  mobile   internet  that  we  used  to  do  by  PC,  ordinary  phone   and  post   !  That  blurs  the  lines  between  device  types:  phones,   tablets,  laptops  –  truly  heterogeneous!   !  It  forces  applica^ons  on-­‐line,  so  the  whole   informa^on  system  from  chip  to  cloud  needs   consistent  security   !  It  also  leads  to  a  significant  rise  in  the  number  of   types  of  informa^on  processed  on  mobile  devices   !  …and  a  consequent  rise  in  the  value  of  that   informa^on   8   |      TRUST  THEY  NEIGHBOR?      |      JON  GEATER,  TRUSTONIC      |      NOVEMBER  12TH,  2013      |      CONFIDENTIAL  
  9. 9. THE  RISE  OF  MOBILE   AFFECTS  THE  ENTIRE  CHAIN   !  We  now  (try  to)  do  everything  on  the  mobile   internet  that  we  used  to  do  by  PC,  ordinary  phone   and  post   !  That  blurs  the  lines  between  device  types:  phones,   tablets,  laptops   !  It  forces  applica^ons  on-­‐line,  so  the  whole   informa^on  system  from  chip  to  cloud  needs   consistent  security   !  It  also  leads  to  a  significant  rise  in  the  number  of   types  of  informa^on  processed  on  mobile  devices   !  …and  a  consequent  rise  in  the  value  of  that   informa^on   9   |      TRUST  THEY  NEIGHBOR?      |      JON  GEATER,  TRUSTONIC      |      NOVEMBER  12TH,  2013      |      CONFIDENTIAL   Sensi^ve     Informa^on  
  10. 10. Security  and   trust  
  11. 11. WHAT  IS  RISK?   Risk  =  probability  x  severity   11   |      TRUST  THEY  NEIGHBOR?      |      JON  GEATER,  TRUSTONIC      |      NOVEMBER  12TH,  2013      |      CONFIDENTIAL  
  12. 12. WHAT  IS  RISK?   Risk  =  ^me  x  remedia^on   12   |      TRUST  THEY  NEIGHBOR?      |      JON  GEATER,  TRUSTONIC      |      NOVEMBER  12TH,  2013      |      CONFIDENTIAL  
  13. 13. WHAT  IS  RISK?   Risk  =  likelihood  x  cost   13   |      TRUST  THEY  NEIGHBOR?      |      JON  GEATER,  TRUSTONIC      |      NOVEMBER  12TH,  2013      |      CONFIDENTIAL  
  14. 14. WHAT  IS  RISK?   How  much  should  I  care  about   this?     When  will  it  happen?     What’s  the  impact  if  it  does?   Risk  =  likelihood  x  cost   14   |      TRUST  THEY  NEIGHBOR?      |      JON  GEATER,  TRUSTONIC      |      NOVEMBER  12TH,  2013      |      CONFIDENTIAL  
  15. 15. WHAT  IS  SECURITY?   A  Venn  diagram   SECURE 15   |      TRUST  THEY  NEIGHBOR?      |      JON  GEATER,  TRUSTONIC      |      NOVEMBER  12TH,  2013      |      CONFIDENTIAL   NOT SECURE
  16. 16. WHAT  IS  SECURITY?   A  Venn  diagram   SECURE?   16   |      TRUST  THEY  NEIGHBOR?      |      JON  GEATER,  TRUSTONIC      |      NOVEMBER  12TH,  2013      |      CONFIDENTIAL  
  17. 17. WHAT  IS  SECURITY?   Security     Is   Contextual   17   |      TRUST  THEY  NEIGHBOR?      |      JON  GEATER,  TRUSTONIC      |      NOVEMBER  12TH,  2013      |      CONFIDENTIAL  
  18. 18. THE  RISE  OF  MOBILE   MY CONTROL! NO, MINE! AFFECTS  THE  ENTIRE  CHAIN   !  Things  are  much  more  complicated  now     !  The  different  use  cases  present  a  set  of  conflic^ng   use  cases  that  a  single  extant  planorm  has  to  sa^sfy   !  And  that’s  before  the  user  gets  involved   Privac y please !  Mul^-­‐tenancy  on  a  consumer  device  lacks  some  of   the  more  powerful  approaches  available  to  server   applica^ons   CLOSED! OPEN! !  There  are  also  more  threats  now   ‒  Professionalized  malware   ‒  Threats  always  follow  the  money   18   |      TRUST  THEY  NEIGHBOR?      |      JON  GEATER,  TRUSTONIC      |      NOVEMBER  12TH,  2013      |      CONFIDENTIAL  
  19. 19. Start  Trusted,   Stay  Trusted  
  20. 20. START  TRUSTED   HARDWARE  ROOTS  OF  TRUST   !  So  how  does  security  enable  trust?   App !  We  typically  define  fundamental  security  building   blocks  as  “Roots  of  Trust”   !  To  be  effec^ve  the  RoT  has  to  be  rooted  in   hardware   ‒  Otherwise  there  are  too  many  ways  to  remove  it,  and   nothing  to  check  back  against   ‒  “Trust,  but  verify”   !  Not  just  a  key:  includes  the  mechanisms,  code  etc   ‒  NIST  guidelines   !  Secure  boot  mechanisms  (including  UEFI)  are  based   on  roots  of  trust   !  Scaling  problem  –  not  everyone  can  own  a  direct   root!    So  the  planorm  has  to  provide  the  main  one   20   |      TRUST  THEY  NEIGHBOR?      |      JON  GEATER,  TRUSTONIC      |      NOVEMBER  12TH,  2013      |      CONFIDENTIAL   App   App   App   Opera^ng  System   Protected   Storage   Isola:on   RoT  for   RoT  for   Integrity    Repor-ng   RoT  for     Storage   Device   Integrity   RoT  for     Verifica-on   RoT  for   Measurement   Picture:  Andrew  Regenshield:  NIST/Computer  Security  Division    
  21. 21. STAY  TRUSTED   SECURITY  DOESN’T  STAY  STILL   !  Boot  security  is  necessary  but  not  sufficient   ‒  Doesn’t  account  for  run-­‐^me  exploits   ‒  Good  for  system  FW  but  doesn’t  scale  to  applica^ons     !  Security  is  a  dynamic  affair.    We  need  to  be  able  to  react   as  quickly  as  the  threats/market   !  Planorm  use  cases  shouldn’t  be  fixed  when  the  chip  leaves   the  factory   ‒  Need  to  be  able  to  add  trusted  func^onality  later  on   !  Security  context  is  best  known  to  the  service  providers  but   they  do  not  make  hardware.   ‒  How  to  anchor  their  trust  chains  in  hardware  at  scale?   ‒  How  to  encode  their  use  case  into  general  purpose  HW?   ‒  Can  you  do  a  whole  FW  update  each  ^me  a  single  app   changes?    No!   21   |      TRUST  THEY  NEIGHBOR?      |      JON  GEATER,  TRUSTONIC      |      NOVEMBER  12TH,  2013      |      CONFIDENTIAL  
  22. 22. TrustZone®   and  TEE  
  23. 23. TRUSTZONE®     HARDWARE  BACKED  SECURITY  FROM  ARM   !  Separa^on  technology  built  into  ARM  Cortex-­‐A   processors   !  Enables  2  independent  process  stacks  to  execute  on   a  single  SoC:  Normal  mode  and  Secure  mode   !  Memory  and  peripherals  can  be  par^^oned  into   secure-­‐only  or  shared   !  Mode  separa^on  is  enforced  by  the  processor  and   fabric  –  stronger  than  MMU     !  Sovware  in  Normal  World  (including  awacks!)  can’t   read  memory  or  peripherals  that  are  reserved  for   Secure  World   !  It  is  not  magic!    Designed  to  defeat  sovware   awacks,  not  na^onal  governments  and  laserbeams   !  Doesn’t  have  any  sovware   23   |      TRUST  THEY  NEIGHBOR?      |      JON  GEATER,  TRUSTONIC      |      NOVEMBER  12TH,  2013      |      CONFIDENTIAL   TZ  only   Switchable   Normal  
  24. 24. TRUSTED  EXECUTION  ENVIRONMENT     PRACTICAL  SECURITY  FOR    MOBILE  APPLICATIONS   Primary  device   environment     runs  as  normal,   including  other   security   mechanisms     Rich OS Application Environment Client Applications GlobalPlatform GlobalPlatform TEE FunctionalAPI TEE Functional API GlobalPlaIorm  APIs   ensure  portability   across  handsets/ plaIorms     GlobalPlatform TEE Client API GlobalPlatformTEE Client API   Security  cri:cal  code   and  resources   protected  by  TEE   applica:ons   Trusted Execution Environment   Trusted Application DRM Trusted Application Payment Payment Trusted Application Corporate Corporate GlobalPlatformTEE Internal API GlobalPlatformTEEInternal Trusted Core Trusted Core Environment Environment Trusted Functions Rich OS   TEE  provides  the   constant  security   founda:on   independent  of  OS   choice       TEE Kernel Hardware Platform Integrity  and  trust   underpinned  by    SoC   Image:  GlobalPlanorm   hardware   24   |      TRUST  THEY  NEIGHBOR?      |      JON  GEATER,  TRUSTONIC      |      NOVEMBER  12TH,  2013      |      CONFIDENTIAL     HW Secure Resources HW Keys, Secure Storage, Trusted UI (Keypad, Screen), Crypto accelerators, NFC controller, Secure Element, etc. Control  of  secure   resources    
  25. 25. TRUSTED  EXECUTION  ENVIRONMENT       PRACTICAL  SECURITY  FOR    MOBILE  APPLICATIONS   !  TEE  combines  the  planorm  hardware  with  sovware   to  provide  an  open  environment  in  which  to  run   security  sensi^ve  code  for  normal  applica^ons   !  Highly  flexible  system  enables  applica^on   stakeholders  to  protect  their  own  func^onality   ‒  Correct  context  is  used   !  GlobalPlanorm  is  not  the  only  model   ‒  But  a  standard  helps  with  a  scalable  ecosystem   !  Provides  simple  APIs  for  cryptography,  secure   storage  etc   !  Working  towards  advanced  APIs  for  things  like   Trusted  User  Interface  (where  applicable)     25   |      TRUST  THEY  NEIGHBOR?      |      JON  GEATER,  TRUSTONIC      |      NOVEMBER  12TH,  2013      |      CONFIDENTIAL  
  26. 26. BACKEND  TRUST  AND  ENROLMENT   COMPLETING  THE  CHAIN  OF  TRUST   !  A  well-­‐built  TEE  provides  strong  separa^on  of   processes  on  the  device   !  But  as  we’ve  seen,  systems  and  trust  are  bigger   than  the  device   !  A  remote  loading  system  connected  to  the  Roots  Of   Trust  is  essen^al  in  order  to  sustain  a  chain  of  trust   from  Chip  to  Cloud   !  Making  it  essen^al  to  the  crea^on  of  an  ecosystem   !  This  is  not  yet  standardized  but  Trustonic  operates  a   backend  system  connected  to  an  on-­‐chip  Root  of   Trust   26   |      TRUST  THEY  NEIGHBOR?      |      JON  GEATER,  TRUSTONIC      |      NOVEMBER  12TH,  2013      |      CONFIDENTIAL  
  27. 27. START  TRUSTED,  STAY  TRUSTED   Secure  Kernel   !  Trusted apps are verified before they can run and access sensitive assets – contextual security   !  Normal World can only access trusted apps through published APIs – transaction integrity !  Manufacturing and Backend systems maintain the chain of trust between chip, apps and relying parties     27   |      TRUST  THEY  NEIGHBOR?      |      JON  GEATER,  TRUSTONIC      |      NOVEMBER  12TH,  2013      |      CONFIDENTIAL   Trusted  app   !  TEE is given control of secure peripherals, memory regions and trusted apps Trusted  app   !  ‘Secure boot’ from SoC ROM assures integrity of TEE and sensitive data assets Trusted  app   LIFECYCLE  SUPPORT  DESIGNED-­‐IN  
  28. 28. WHAT  ABOUT  TPM?   TPM  2.0  protocol  can  be  supported  too   !  TPM 2.0 is an interface specification   REE   TEE   Rich  App   !  Can co-exist with TEE, or run as an application inside it ‒  Or even be a hardware one, if money, space and power allow. Compatible with all models !  Extensive work in the TCG on Firmware TPMs (PCClient group) and Mobile TPMs (Mobile Platforms group) to enable this kind of architecture     28   |      TRUST  THEY  NEIGHBOR?      |      JON  GEATER,  TRUSTONIC      |      NOVEMBER  12TH,  2013      |      CONFIDENTIAL   Rich  App   TA   TPM  Client  API   TPM   TEE  Client  API   TA   TEE  Internal  API    +     TEE  trusted  UI  ++   Mobile  OS   Smartphone  hardware     Trusted  OS   TEE  entry  
  29. 29. Client  to  Cloud   Examples  
  30. 30. CHIP  TO  CLOUD  TRUST   EXAMPLE  USE  CASE:  SIMPLER  LOGIN   Open Environment LOGO COLOR VERSIONS OTP Launcher Trusted Execution Environment OTP TA Secure OTP generation Secure OTP key storage LOGO Cloud  service  can  have   more  confidence  in  the   ID  claim  they  receive     APIs Client API Rich OS Trusted User Interface LOGO IN BLACK Secure cryptography LOGO ON BLACK ARM TrustZone® enabled SoC 30   |      TRUST  THEY  NEIGHBOR?      |      JON  GEATER,  TRUSTONIC      |      NOVEMBER  12TH,  2013      |      CONFIDENTIAL   User  has  the   convenience  of  using   their  preferred  device,   and  fewer  clicks   Secure Mass Storage
  31. 31. CHIP  TO  CLOUD  TRUST   OTHER  USE  CASES   !  Flexible  iden^ty  &  access  use  cases   ‒  Convert  passwords  to  stronger  on-­‐the-­‐wire  creden^als   ‒  Also  biometrics   !  Transac^on  verifica^on  and  protec^on   ‒  Simpler  payments   ‒  Confiden^ality   ‒  binding  integrity   !  Content   ‒  DRM  processing,  innova^ve  delivery  models   !  Enterprise   ‒  On  board  creden^als  for  VPN  etc   ‒  BYOD  trust  anchors   ‒  Virtual  HSM   !  Improve  user  experience   !  Provide  more  innova^ve  services   31   |      TRUST  THEY  NEIGHBOR?      |      JON  GEATER,  TRUSTONIC      |      NOVEMBER  12TH,  2013      |      CONFIDENTIAL  
  32. 32. CHIP  TO  CLOUD  TRUST   BENEFITS   !  Chip  to  cloud  works  both  ways   ‒  The  client  is  increasingly  the  primary  device.    Remote   service  should  have  to  prove  itself  before  the  device   gives  up  any  sensi^ve  informa^on   ‒  The  flexible  architecture  of  TEE  enables  these  islands  of   trust  to  work  both  ways   !  Ability  to  verify  root  of  trust  separately  enables   greater  confidence  and  unlocks  poten^al  for   enhanced  services  and  user  experience   !  Privacy  impacts  can  be  limited  by  separa^ng  the  key   actors  in  the  system:  something  that  can  happen   naturally   32   |      TRUST  THEY  NEIGHBOR?      |      JON  GEATER,  TRUSTONIC      |      NOVEMBER  12TH,  2013      |      CONFIDENTIAL  
  33. 33. AMD  and   Trustonic  
  34. 34. AMD  AND  TRUSTONIC   THE  PLATFORM  SECURITY  PROCESSOR   !  The  Planorm  Security  Processor  (PSP)  is  a  dedicated   ARM  co-­‐processor  within  the  APU  dedicated  to   providing  security  func^ons   AMD64   APU   !  Has  its  own  secure  RAM  and  NV  storage   !  Can  access  system  memory   PSP   !  Crypto  func^onality,  including  TRNG   !  Last  month  AMD  and  Trustonic  announced  a   partnership:  AMD  has  licensed  the  Trustonic  TEE  to   run  as  the  security  kernel  in  the  PSP   !  Talk  to  AMD  for  the  PSP  roadmap  and  access  for  3rd   party  security  extensions   34   |      TRUST  THEY  NEIGHBOR?      |      JON  GEATER,  TRUSTONIC      |      NOVEMBER  12TH,  2013      |      CONFIDENTIAL   TEE   (Not  to  scale!)  
  35. 35. Wrap  up  
  36. 36. WRAPPING  UP      1   The  mobility  trend  affects  ALL  areas  of  compu^ng      2   Security  is  DYNAMIC.    Need  to  keep  up.      3   HARDWARE  trust  is  needed  to  defeat  SOFTWARE  threats      4   A  collabora^ve  ECOSYSTEM  approach  is  essen^al      5   AMD  and  Trustonic  are  working  together  to  enable  this   36   |      TRUST  THEY  NEIGHBOR?      |      JON  GEATER,  TRUSTONIC      |      NOVEMBER  12TH,  2013      |      CONFIDENTIAL  
  37. 37. 37   |      TRUST  THEY  NEIGHBOR?      |      JON  GEATER,  TRUSTONIC      |      NOVEMBER  12TH,  2013      |      CONFIDENTIAL  
  38. 38. Thank  you  
  39. 39. DISCLAIMER  &  ATTRIBUTION   The  informa^on  presented  in  this  document  is  for  informa^onal  purposes  only  and  may  contain  technical  inaccuracies,  omissions  and  typographical  errors.     The  informa^on  contained  herein  is  subject  to  change  and  may  be  rendered  inaccurate  for  many  reasons,  including  but  not  limited  to  product  and  roadmap   changes,  component  and  motherboard  version  changes,  new  model  and/or  product  releases,  product  differences  between  differing  manufacturers,  sovware   changes,  BIOS  flashes,  firmware  upgrades,  or  the  like.  Trustonic  assumes  no  obliga^on  to  update  or  otherwise  correct  or  revise  this  informa^on.  However,   Trustonic  reserves  the  right  to  revise  this  informa^on  and  to  make  changes  from  ^me  to  ^me  to  the  content  hereof  without  obliga^on  of  AMD  to  no^fy  any   person  of  such  revisions  or  changes.     TRUSTONIC  MAKES  NO  REPRESENTATIONS  OR  WARRANTIES  WITH  RESPECT  TO  THE  CONTENTS  HEREOF  AND  ASSUMES  NO  RESPONSIBILITY  FOR  ANY   INACCURACIES,  ERRORS  OR  OMISSIONS  THAT  MAY  APPEAR  IN  THIS  INFORMATION.     TRUSTONIC  SPECIFICALLY  DISCLAIMS  ANY  IMPLIED  WARRANTIES  OF  MERCHANTABILITY  OR  FITNESS  FOR  ANY  PARTICULAR  PURPOSE.  IN  NO  EVENT  WILL   TRUSTONIC  BE  LIABLE  TO  ANY  PERSON  FOR  ANY  DIRECT,  INDIRECT,  SPECIAL  OR  OTHER  CONSEQUENTIAL  DAMAGES  ARISING  FROM  THE  USE  OF  ANY   INFORMATION  CONTAINED  HEREIN,  EVEN  IF  TRUSTONIC  IS  EXPRESSLY  ADVISED  OF  THE  POSSIBILITY  OF  SUCH  DAMAGES.     ATTRIBUTION   ©  2013  Trustonic  Ltd.  All  rights  reserved.  Trustonic,  the  graphical  <t  logo  and  combina^ons  thereof  are  trademarks  of  Trustonic  Ltd.  in  Europe,  the  United   States  and/or  other  jurisdic^ons.    AMD  is  a  trademark  of  Advanced  Micro  Devices,  Inc.    ARM  and  TrustZone  are  trademarks  of  ARM,  Ltd.Other  names  are  for   informa^onal  purposes  only  and  may  be  trademarks  of  their  respec^ve  owners.   39   |      TRUST  THEY  NEIGHBOR?      |      JON  GEATER,  TRUSTONIC      |      NOVEMBER  12TH,  2013      |      CONFIDENTIAL  
  40. 40. SESSION  ABSTRACT   !  TITLE:  Trust  thy  neighbour?    Trustworthy  mul^-­‐tenancy  for  the  modern  applica^on  ecosystem   !  SHORT  ABSTRACT:  With  tales  of  leaks,  hacks  and  malware  on  the  rise,  trust  in  mobile  systems  is  in  short   supply  these  days.    In  other  areas  an  almost  opposite  but  equally  troubling  problem  exists  where  walled   gardens  or  security  agents  seek  to  keep  out  the  bad  guys,  but  also  s^fle  innova^on  and  invite  ques^ons  of   trust  in  the  mo^va^on  and  interest  of  the  gardeners.     !  This  talk  looks  at  recent  developments  in  client-­‐to-­‐cloud  trust  technology  in  the  ARM  mobile  device   ecosystem  and  presents  a  model  for  both  security  and  control  that  allows  mul^-­‐tenancy  with  confidence.     It  also  covers  how  AMD  have  adopted  and  adapted  some  of  this  technology  to  create  a  world-­‐leading  SoC   planorm  with  trust  built  into  the  very  heart  of  the  chip.     40   |      TRUST  THEY  NEIGHBOR?      |      JON  GEATER,  TRUSTONIC      |      NOVEMBER  12TH,  2013      |      CONFIDENTIAL  

×