Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
INTRODUCTION TO
GOOGLE CHROME OS
Presented By-
Indrajit Gohokar
Sec-B
Roll No-139
1
2
CONTENTS
• WHAT IS AN OPERATING SYSTEM?
• CURRENT SCENARIO
• CHROME OS:INTERNET OS
• ORIGIN
• CHROME OS:IN DEPTH
• FURTH...
3
• Program designed to
run other programs.
• Main Roles :
1. IO management
2. Processor management
3. File management
4. ...
4
CURRENT SCENARIO
Market Position in Terms of OS
• Until now 58 stable standard
OS released.
• Most of them have GUI and
...
5
Tim O’Reilly defines:
‘simply use our facilities, and
the complexity will go away’
thing is Internet OS. [1]
• An OS des...
CHROME OS USER INTERFACE
6
7
ORIGIN
•Google developers began coding the operating system in 2009.
[2]
•To ascertain marketing requirements for an OS ...
8
ORIGIN
•Inspired by the growing popularity and lower power
consumption of netbooks and the focus of these small
laptops ...
9
CHROME OS:IN DEPTH
•GENERAL
I. SOFTWARE ARCHITECTURE
•SECURITY
I. SECURITY OVERVIEW
II. PROTECTING CACHED USER DATA
•FIR...
10
SOFTWARE ARCHITECTURE
Chromium OS consists of three major components:
1.The Chromium-based browser and the window manag...
11
SOFTWARE ARCHITECTURE
FIRMWARE
Implements the following functionalities:-
System recovery: Re-install OS in adverse con...
12
SOFTWARE ARCHITECTURE
CHROMIUM AND THE WINDOW MANAGER
[3]
13
SECURITY OVERVIEW
•Chromium OS has been designed from the ground up with
security in mind.
•Security is not a one-time ...
14
SECURITY OVERVIEW
SECURE AUTOUPDATE
•Signed updates are downloaded over SSL. [4]
•Version numbers of updates can't go b...
15
SECURITY OVERVIEW
VERIFIED BOOT
•Verified boot provides a means of getting cryptographic
assurances that the Linux kern...
16
SECURITY OVERVIEW
• Applications have permission
same as user.
• Can communicate with each
other easily.
• Web applicat...
17
SECURITY OVERVIEW
BROWSER SANDBOX
•To help defend against an attacker who exploits a vulnerability
in the rendering eng...
18
SECURITY OVERVIEW
FUTURE WORK
Biometrics
•Google is keeping an eye on biometric authentication technologies
as they con...
19
PROTECTING CACHED USER DATA
•Chromium OS devices are intended to be both portable and
safely shared. As a result, priva...
20
PROTECTING CACHED USER DATA
•Chromium OS uses the eCryptfs stacked file system with per-
user vault directories and key...
21
FAST BOOT
[7]
22
FAST BOOT
[7]
23
FAST BOOT
[7]
24
VERIFIED BOOT
•It starts with a read-only portion of firmware, which only
executes the next chunk of boot code after ve...
25
VERIFIED BOOT
[8]
26
VERIFIED BOOT
[8]
27
VERIFIED BOOT
[8]
28
VERIFIED BOOT
[8]
29
VERIFIED BOOT
• Digital Signatures are provided for every firmware update
• If malware found System recovers itself to ...
30
SECURE BOOT
•Only Chrome OS BIOS will implement secure boot from first
power-on. [10]
•Portions of the firmware are rea...
31
SECURE BOOT
Selecting the kernel
•There are at least two kernel partitions, to support
autoupdate and accidental corrup...
32
SECURE BOOT
1.Check that (Successful Boot Flag == 1) or (Tries Remaining > 0).
2.If Successful Boot Flag == & Tries Rem...
33
SECURE BOOT
34
FILE SYSTEM AUTO-UPDATE
•The autoupdate mechanism aims to provide seamless and
secure updates to the latest version of ...
35
FILE SYSTEM AUTO-UPDATE
[8]
36
FILE SYSTEM AUTO-UPDATE
[8]
37
FILE SYSTEM AUTO-UPDATE
[8]
38
FURTHER DEVELOPMENT
• Open Source project named ‘Chromium’
started .
• Open Source Communities are adding code
to Chrom...
39
ADVANTAGES
•Free, Open Source : Lots of opportunity for developers
•One of the main advantages of Chrome OS over its
co...
40
LIMITATIONS
•The OS is designed to specifically target the Internet
generation so it won't be as successful in the shor...
41
Is the world ready for Web OS?
•Back in 1995, Netscape cofounder Marc Andreessen predicted
that his fledgling Web brows...
42
Is the world ready for Web OS?
•As Web sites take advantage of improved client side
technologies, browsers must cope wi...
43
References
[1] Tim O'Reilly,The State of the Internet Operating System
.[Online].Available: http://radar.oreilly.com/20...
44
References
[5] Barth, A. Jackson, C. Reis, C., and the Google
Chrome team, The Security Architecture of the Chromium
Br...
45
References
[9]Google, Verified Boot.[Online].Available:
http://www.chromium.org/chromium-os/chromiumos-design-
docs/ver...
46
THANK YOU!
Upcoming SlideShare
Loading in …5
×

Introduction to chrome os

1,894 views

Published on

This is a presentation made by me on the Google's chrome operating system.

Published in: Technology
  • Be the first to comment

Introduction to chrome os

  1. 1. INTRODUCTION TO GOOGLE CHROME OS Presented By- Indrajit Gohokar Sec-B Roll No-139 1
  2. 2. 2 CONTENTS • WHAT IS AN OPERATING SYSTEM? • CURRENT SCENARIO • CHROME OS:INTERNET OS • ORIGIN • CHROME OS:IN DEPTH • FURTHER DEVELOPMENT • ADVANTAGES • LIMITATIONS • CONCLUSION • REFERENCES
  3. 3. 3 • Program designed to run other programs. • Main Roles : 1. IO management 2. Processor management 3. File management 4. Memory management WHAT IS AN OPERATING SYSTEM?
  4. 4. 4 CURRENT SCENARIO Market Position in Terms of OS • Until now 58 stable standard OS released. • Most of them have GUI and Network connectivity. • Windows Operating Systems share most of the Market.
  5. 5. 5 Tim O’Reilly defines: ‘simply use our facilities, and the complexity will go away’ thing is Internet OS. [1] • An OS designed by Google to work exclusively with web applications. • Extension of Chrome Browser and Android. • It is an open source, lightweight OS. • First OS dedicated to Internet. CHROME OS:INTERNET OS
  6. 6. CHROME OS USER INTERFACE 6
  7. 7. 7 ORIGIN •Google developers began coding the operating system in 2009. [2] •To ascertain marketing requirements for an OS focused on netbook Web transactions, Google did not do the usual demographic research generally associated with a large software development project.[2] • Instead, engineers relied on more informal metrics, including monitoring the usage patterns of some 200 Chrome OS machines used by Google employees.[2]
  8. 8. 8 ORIGIN •Inspired by the growing popularity and lower power consumption of netbooks and the focus of these small laptops on Internet access. •Based on the Google Chrome Browser.
  9. 9. 9 CHROME OS:IN DEPTH •GENERAL I. SOFTWARE ARCHITECTURE •SECURITY I. SECURITY OVERVIEW II. PROTECTING CACHED USER DATA •FIRMWARE I. FAST BOOT II. VERIFIED BOOT III. SECURE BOOT •PLATFORM I. FILE SYSTEM AUTO UPDATE
  10. 10. 10 SOFTWARE ARCHITECTURE Chromium OS consists of three major components: 1.The Chromium-based browser and the window manager. [3] 2.System-level software and user-land services: the kernel, drivers, connection manager, and so on. [3] 3.Firmware . [3]
  11. 11. 11 SOFTWARE ARCHITECTURE FIRMWARE Implements the following functionalities:- System recovery: Re-install OS in adverse conditions. [3] Verified boot: Each time the system boots, Chromium OS verifies different components. [3] Fast boot: Improved Boot performance. [3]
  12. 12. 12 SOFTWARE ARCHITECTURE CHROMIUM AND THE WINDOW MANAGER [3]
  13. 13. 13 SECURITY OVERVIEW •Chromium OS has been designed from the ground up with security in mind. •Security is not a one-time effort, but rather an iterative process that must be focused on for the life of the operating system. [4] •The goal is that, should either the operating system or the user detect that the system has been compromised, an update can be initiated, and—after a reboot—the system will have been returned to a known good state. [4]
  14. 14. 14 SECURITY OVERVIEW SECURE AUTOUPDATE •Signed updates are downloaded over SSL. [4] •Version numbers of updates can't go backwards. [4] •The integrity of each update is verified on subsequent boot, using Verified Boot. [4]
  15. 15. 15 SECURITY OVERVIEW VERIFIED BOOT •Verified boot provides a means of getting cryptographic assurances that the Linux kernel, non-volatile system memory, and the partition table are untampered with when the system starts up. [4] 1.Firmware-based verification 2.Kernel-based verification
  16. 16. 16 SECURITY OVERVIEW • Applications have permission same as user. • Can communicate with each other easily. • Web application have limited permission. • They are treated as untrusted apps and run in Encapsulated environment. Traditional OS Chrome OS
  17. 17. 17 SECURITY OVERVIEW BROWSER SANDBOX •To help defend against an attacker who exploits a vulnerability in the rendering engine, Chromium runs each rendering engine in a sandbox. [5] •This sandbox restricts the rendering engine's process from issuing some system calls that could help the attacker reach the goals. [5]
  18. 18. 18 SECURITY OVERVIEW FUTURE WORK Biometrics •Google is keeping an eye on biometric authentication technologies as they continue to become cheaper and more reliable, but at this time they believe cost/reliability tradeoffs is not where it needs to be for the target users. [4] • They expect these devices to be covered in their users' fingerprints, so a low-cost fingerprint scanner could actually increase the likelihood of compromise. [4] •They were able to break into one device that used facial recognition authentication software just by holding it up to the user's photo. [4]
  19. 19. 19 PROTECTING CACHED USER DATA •Chromium OS devices are intended to be both portable and safely shared. As a result, privacy protection for user data stored on the local disk is a requirement for a Chromium-based OS. [6] •Privacy protection for user data stored on a local disk is accomplished via system-level encryption of users' home directories. [6]
  20. 20. 20 PROTECTING CACHED USER DATA •Chromium OS uses the eCryptfs stacked file system with per- user vault directories and keysets to separate and protect each user’s cached data. [6] •Cache data is Encrypted using image file per user which is locked and encrypted. [6]
  21. 21. 21 FAST BOOT [7]
  22. 22. 22 FAST BOOT [7]
  23. 23. 23 FAST BOOT [7]
  24. 24. 24 VERIFIED BOOT •It starts with a read-only portion of firmware, which only executes the next chunk of boot code after verification. [9] •Ensures that all executed code comes from the Chromium OS source tree, rather than from an attacker or corruption. [9] •Focused on stopping the opportunistic attacker. • It uses stored cryptographic hashes and may be compatible with any trusted kernel. [9]
  25. 25. 25 VERIFIED BOOT [8]
  26. 26. 26 VERIFIED BOOT [8]
  27. 27. 27 VERIFIED BOOT [8]
  28. 28. 28 VERIFIED BOOT [8]
  29. 29. 29 VERIFIED BOOT • Digital Signatures are provided for every firmware update • If malware found System recovers itself to clean image
  30. 30. 30 SECURE BOOT •Only Chrome OS BIOS will implement secure boot from first power-on. [10] •Portions of the firmware are read-only, forming the basis of trust to validate the read/write portions of the firmware. [10] •Once the firmware has been validated, boot process is continued by reading the kernel from the disk. [10]
  31. 31. 31 SECURE BOOT Selecting the kernel •There are at least two kernel partitions, to support autoupdate and accidental corruption. [10] •Each kernel partition is paired with a rootfs partition; kernel A should only boot rootfs A, kernel B should only boot rootfs B, etc. [10] •Using a Google-supplied library (in src/platform/vboot_reference/firmware), the BIOS searches the GPT to find the Chrome OS kernel with the highest Priority value and then runs the following checks on it:
  32. 32. 32 SECURE BOOT 1.Check that (Successful Boot Flag == 1) or (Tries Remaining > 0). 2.If Successful Boot Flag == & Tries Remaining == 0, lower the Priority to 0 and find the next kernel. This was a kernel that failed its last boot try. 3.Check the kernel signature header. If it’s invalid, and (Tries Remaining > 0), set Tries Remaining = Priority = 0 and find the next kernel. 4.Begin copying the kernel blob into RAM. 5.Check the kernel blob signature as it’s copied. If it’s invalid, set Priority = 0 and find the next kernel. 6.If Tries Remaining > 0, decrement the Tries Remaining value in the partition table. 7.Invoke the bootstub, which then launches the kernel. If no valid kernel is found, we can’t boot this device.
  33. 33. 33 SECURE BOOT
  34. 34. 34 FILE SYSTEM AUTO-UPDATE •The autoupdate mechanism aims to provide seamless and secure updates to the latest version of Chromium OS without user interaction. [11] •Updates usually come in the form of deltas which are downloaded to a backup boot partition. Upon reboot, the backup partition becomes the primary. [11] •In case there is a problem with the update, the system can revert to using the previous partition. [11]
  35. 35. 35 FILE SYSTEM AUTO-UPDATE [8]
  36. 36. 36 FILE SYSTEM AUTO-UPDATE [8]
  37. 37. 37 FILE SYSTEM AUTO-UPDATE [8]
  38. 38. 38 FURTHER DEVELOPMENT • Open Source project named ‘Chromium’ started . • Open Source Communities are adding code to Chromium • Google Developers and Open Source Developers are working on same tree for betterment of OS • Google is working with OEM to make Chrome OS machines available in market at the end of this year • Expected that Chrome OS and Android will converge together
  39. 39. 39 ADVANTAGES •Free, Open Source : Lots of opportunity for developers •One of the main advantages of Chrome OS over its competitors, primarily, would be the system requirements. •Low hardware cost. •Record time of about 6-7 seconds to load the OS.
  40. 40. 40 LIMITATIONS •The OS is designed to specifically target the Internet generation so it won't be as successful in the short term. •Users wont be able to use it unless they have access to high speed internet. • If there are problems with connection, Chrome OS becomes virtually helpless. • Most data of the user not stored on local drives but in the cloud that is in the network.
  41. 41. 41 Is the world ready for Web OS? •Back in 1995, Netscape cofounder Marc Andreessen predicted that his fledgling Web browser would one day render Windows obsolete. [12] •Fifteen years later, Netscape is long gone, and the traditional desktop OS remains firmly established on most personal computers. [12] •A Web OS offers enormous promise, potentially, it could take the best of the Web combining it with the advantages of desktop applications & sidestep many of the security & compatibility issues currently plaguing desktop OS’s. [12]
  42. 42. 42 Is the world ready for Web OS? •As Web sites take advantage of improved client side technologies, browsers must cope with a growing range of performance, reliability, and security issues. [12] •With various netbooks running Google’s Chrome OS, user interaction will take place through a browser or Web-based applications. [12] •As developers take advantage of these emerging technologies to craft Web-based experiences across a growing range of devices, the traditional OS will likely continue to recede from users’ awareness and perhaps eventually disappear altogether. [12]
  43. 43. 43 References [1] Tim O'Reilly,The State of the Internet Operating System .[Online].Available: http://radar.oreilly.com/2010/03/state-of-internet- operating-system.html,March 29, 2010. [Accessed: Sept. 5, 2012]. [2] Google,Releasing the Chromium OS open source project. [Online].Available: http://googleblog.blogspot.in/2009/11/releasing- chromium-os-open-source.html, November 20, 2009. [Accessed: Sept. 2, 2012]. [3] Google,Software Architecture. [Online]. Available: http://www.chromium.org/chromium-os/chromiumos-design- docs/software-architecture. [Accessed: Sept. 11, 2012]. [4] Google, Security Overview. [Online]. Available: http://www.chromium.org/chromium-os/chromiumos-design- docs/security-overview. [Accessed: Sept. 12, 2012].
  44. 44. 44 References [5] Barth, A. Jackson, C. Reis, C., and the Google Chrome team, The Security Architecture of the Chromium Browser. [Online].Available:http://seclab.stanford.edu/websec/chromium/,May 2008.[Accessed: Sept.1, 2012] [6] Google, Protecting Cached User Data . [Online]. Available: http://www.chromium.org/chromium-os/chromiumos-design- docs/protecting-cached-user-data. [Accessed: Sept.11 , 2012]. [7] Martin Bligh, Software Engineer, Chromium OS Fast Boot [Video].Available: http://www.youtube.com/watch?v=mTFfl7AjNfI. Nov 18, 2009. [8] Will Drewry, Security Engineer, Chromium OS Security[Video].Available: http://www.youtube.com/watch?v=A9WVmNfgjtQ. Nov 18, 2009.
  45. 45. 45 References [9]Google, Verified Boot.[Online].Available: http://www.chromium.org/chromium-os/chromiumos-design- docs/verified-boot. [Accessed: Sept. 12, 2012]. [10] Google, Disk Format. [Online]. Available: http://www.chromium.org/chromium-os/chromiumos-design-docs/disk- format. [Accessed: Sept. 13, 2012]. [11] Google, File System/Autoupdate. [Online]. Available: http://www.chromium.org/chromium-os/chromiumos-design- docs/filesystem-autoupdate. [Accessed: Sept. 13, 2012]. [12] Alex Wright, "Ready for a Web OS?“,communications of the acm, vol. 52, no. 12, pp.16-17, Dec 2009. [Online]. Available: ACM Digital Library, Available: http://dl.acm.org/citation.cfm?id=1610260. [Accessed Sept.2, 2012].
  46. 46. 46 THANK YOU!

×