Securing Platform and Trusted Computing Model
Abbie Barbir, Ph.D, Web Services and Security Advisor, Nortel

Objectives of this Presentation
- Provide an overview of "TC" (Trusted Computing) and my impressions of some of its pros/cons
- Initiate a discussion (within ITU-T) as to what role/value this type of approach has in secure solutions
- Identify challenges / areas for further study

Technology History
- IBM pioneered the technology (early 1990s)
- Trusted Computing Platform Alliance founded in 1999
- TPM 1.1b spec released early 2002
- Trusted Computing Group formed in April 2003
- TPM 1.2 specification released February 2005
- In 2004, IBM, Intel, and NTT DoCoMo submitted a set of Trusted Mobile Platform specifications defining security features for mobile devices; the specifications have been released to the public
  - Provides a comprehensive end-to-end security architecture for mobile wireless platforms

TCG Trusted Computing Basic Concepts
- A trustable platform is one that behaves in the expected manner for the intended purpose (e.g. from the point of view of an IT manager)
- Achieved through the following technologies:
  - Platform Authentication and Attestation: identify the platform and its properties to a challenging party
  - Platform Integrity Reporting: ability to query and report on a platform's software state in a reliable manner
  - Protected Storage: protect secret data against subversion

TCG Roots of Trust
- Trusted Platform Module (TPM): Root of Trust for Reporting
  - Tamper resistant
  - RSA (default keys 2048 bit)
  - Stores platform measurements in Platform Configuration Registers (PCRs); a signature key reports on PCR contents
  - Random Number Generator
  - SHA-1 hash computation engine
  - Nonvolatile memory
  - Serves as an anchor for a certificate verification chain; third parties can rely on this trust
- Core Root of Trust for Measurement (CRTM)
  - Code that executes at boot time (example: BIOS)
  - Trusted to properly report to the TPM on the software that executes later
  - Only authorized entities can rewrite the CRTM
- [Figure: TPM block diagram with the components Hash, CPU, NV-memory, RNG, key generation, Memory, Digital signature & RSA Crypto, I/O, MAC, PCR]

Attestation Feature
- Attestation creates a shared secret between the application and the remote party; this prevents session hijacking
- Attestations are digitally signed, using various TPM/platform-bound CAs
- Each layer of the platform is checked:
  - Hardware attests which operating system is booted
  - OS attests which applications it requires a key for
- Reports on the value of the PCRs
- Uses a challenge-response protocol
- [Figure: Server sends a Nonce to the TPM; the TPM answers with Sign(nonce, PCR, .., log), Certificate, ID]

Trusted Network Connect (TNC)
- Network Access Control
  - Integrity: access device is healthy
  - Identity: tied to TPM identity
- Endpoint Security Policy
  - Protective S/W configured properly
  - Allows authorized users (strong identity)
  - Network access policy compliance
  - TPM functionality to thwart attacks
  - Hardened client
- [Figure: TNC architecture. Access Requester (Client) with TNC Client and TCG Integrity Measurement; Access Server (PEP/PDP) with TNC Server and TCG Integrity Measurement; Access Authorization dialog over 802.1X/EAP; TNC dialog protected over TNC Transport]

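To make the "Roots of Trust", "Attestation Feature" and TNC slides concrete, here is an added software model of the measured-boot, quote and policy-decision flow (example code written for this page, not from the slides, from TCG or from Nortel). It assumes TPM 1.2 semantics as described above (SHA-1, PCRs extended rather than written, a nonce-based challenge-response). Two things are stand-ins: the TPM's RSA attestation key and its certificate are replaced by an HMAC key shared with the verifier so the example runs with the Python standard library only, and the firmware/OS "images" are constructed byte strings. All names (`TPM`, `measured_boot`, `verify_quote`, `run_scenarios`) are hypothetical.

```python
import hashlib
import hmac
import secrets

# Added example, not from the slides. The TPM's RSA attestation key is
# replaced by an HMAC key shared with the verifier (assumption, stand-in);
# a real TPM signs quotes with an RSA key whose certificate chains to a CA.

PCR_COUNT = 24
SHA1_ZERO = b"\x00" * 20  # PCRs start zeroed at reset (TPM 1.2 uses SHA-1)


def pcr_extend(current: bytes, measurement: bytes) -> bytes:
    """TPM 1.2 extend: new PCR = SHA-1(old PCR || measurement). A PCR can
    only be extended, never set, so the value records the whole boot order."""
    return hashlib.sha1(current + measurement).digest()


class TPM:
    """Minimal Root of Trust for Reporting: a PCR bank plus a signing key."""

    def __init__(self, attestation_key: bytes):
        self.pcrs = [SHA1_ZERO] * PCR_COUNT
        self._key = attestation_key  # private material, never exported

    def extend(self, index: int, measurement: bytes) -> None:
        self.pcrs[index] = pcr_extend(self.pcrs[index], measurement)

    def quote(self, nonce: bytes, indices) -> dict:
        """Challenge-response step: sign (nonce || selected PCR values)."""
        indices = sorted(indices)
        payload = nonce + b"".join(self.pcrs[i] for i in indices)
        sig = hmac.new(self._key, payload, hashlib.sha256).digest()
        return {"nonce": nonce, "pcrs": {i: self.pcrs[i] for i in indices}, "sig": sig}


def measured_boot(tpm: TPM, components) -> list:
    """CRTM -> BIOS -> loader -> OS: each stage hashes the next stage into
    PCR 0 before handing over control. Returns the event log sent with a quote."""
    log = []
    for name, image in components:
        digest = hashlib.sha1(image).digest()
        tpm.extend(0, digest)
        log.append((name, digest))
    return log


def replay_log(log) -> bytes:
    """Verifier side: recompute PCR 0 from the claimed event log."""
    value = SHA1_ZERO
    for _, digest in log:
        value = pcr_extend(value, digest)
    return value


def verify_quote(quote, log, issued_nonce, attestation_key, known_good):
    """TNC server / PDP role. Returns (decision, reason)."""
    if quote["nonce"] != issued_nonce:                     # freshness
        return "deny", "stale quote: nonce does not match the challenge"
    indices = sorted(quote["pcrs"])
    payload = quote["nonce"] + b"".join(quote["pcrs"][i] for i in indices)
    expected = hmac.new(attestation_key, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, quote["sig"]):  # signature
        return "deny", "signature does not verify"
    if replay_log(log) != quote["pcrs"][0]:                # log vs. PCR
        return "deny", "event log does not reproduce the signed PCR 0"
    for name, digest in log:                               # policy
        if known_good.get(name) != digest:
            return "deny", f"component {name!r} is not on the known-good list"
    return "allow", "platform state matches policy"


# Constructed sample images, stand-ins for real firmware and OS binaries.
GOOD_CHAIN = [("bios", b"bios-image-v1"), ("loader", b"loader-image-v1"),
              ("os", b"os-kernel-v1")]
KNOWN_GOOD = {name: hashlib.sha1(image).digest() for name, image in GOOD_CHAIN}
AIK = b"attestation-key-stand-in"  # assumption: HMAC key instead of an RSA AIK


def run_scenarios() -> dict:
    """One clean boot plus three conditions the verifier must reject."""
    results = {}
    tpm = TPM(AIK)
    log = measured_boot(tpm, GOOD_CHAIN)
    nonce = secrets.token_bytes(20)
    quote = tpm.quote(nonce, [0])
    results["clean_boot"] = verify_quote(quote, log, nonce, AIK, KNOWN_GOOD)[0]
    # An earlier quote presented against a fresh challenge.
    results["replayed_quote"] = verify_quote(
        quote, log, secrets.token_bytes(20), AIK, KNOWN_GOOD)[0]
    # Modified OS image: the log is honest, but the digest is not known-good.
    tpm2 = TPM(AIK)
    log2 = measured_boot(tpm2, GOOD_CHAIN[:2] + [("os", b"os-kernel-modified")])
    nonce2 = secrets.token_bytes(20)
    results["tampered_os"] = verify_quote(
        tpm2.quote(nonce2, [0]), log2, nonce2, AIK, KNOWN_GOOD)[0]
    # Same modified platform sending the *good* log: replay no longer matches
    # the TPM-signed PCR, which is why the PCR is signed and the log is not.
    results["forged_log"] = verify_quote(
        tpm2.quote(nonce2, [0]), log, nonce2, AIK, KNOWN_GOOD)[0]
    return results


if __name__ == "__main__":
    for scenario, decision in run_scenarios().items():
        print(f"{scenario:15s} -> {decision}")
```

The ordering of checks mirrors the slides' division of labour: the TPM (Root of Trust for Reporting) only vouches for the PCR values and the nonce; the event log is untrusted input that the TNC server must replay, and only then does the known-good policy (the PDP's job) decide whether the endpoint is "healthy". The notary analogy on the challenges slide applies here too: a valid signature proves which images were measured, not that those images are free of flaws.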
Security Design Principles
- Least Privilege: each principal is given the minimum access needed to accomplish its task
- Keep the Trusted Computing Base small: the OS parts that ensure proper system functioning, e.g. the OS kernel & hardware
- Current trends:
  - Today's systems are large; the Win2k OS is over 50 MB
  - Software is continuously updated on users' devices
  - A hacker is your next-door neighbor
  - May need to depend on infrastructure for trust
- A TPM as part of a small kernel may today be ideal for mobile devices

Secure Computing Challenges 1/2
- Security for whom? Can TCG solve SPAM, malicious code, etc.?
- The TPM is a cryptographic co-processor, with some trust anchors (issuer certificates) and private keys "wired in" at the factory
- Various cryptographic smart-card technologies, in both PCMCIA and ISO-7816 packaging, have been around for nearly a decade; such technology has not measurably improved security
- How much will TCG improve security in the real world?

Secure Computing Challenges 2/2
- In TCG the TPM acts as a notary
- In the real world, a notary issues a special type of signature and seal on a paper document; this merely attests to the existence and superficial contents of the document
- The notary seal cannot make any attestation to the underlying truth of the document
- How can we enable the TPM to verify the underlying truth of statements that are handed to
- To improve the value of the attestation feature, do we need a small secure operating system, and application software, that is moved into the TPM and fixed at the factory?

Possible Study Items
- Security is about risk management
- Can we have a systematic approach for identifying untrustworthy devices in a TCG environment?
- How does TCG relate to firmware in devices? Would TCG force hackers to target firmware instead of software?
- It is all about NEAT: Non-Bypassable, Evaluate-able, Always Invoked, and Tamper-Proof [1]

Conclusions
- Trusted Computing offers some good features: secure data, secure boot, endpoint security
- Binding of trusted physical identity allows trusted network identity
- Great forces behind it
- An interesting topic to follow

Acknowledgment
Many thanks to my colleague Marcus Leech for his valuable input and insight that helped make this presentation possible.

Q and A

References
[1] Anderson, J. P., Computer Security Technology Planning Study, ESD-TR-73-51, ESD/AFSC, Hanscom AFB, Bedford, MA, October 1972
Trusted Computing Group website: http://www.trustedcomputinggroup.org
Trusted Mobile: http://www.trusted-mobile.org/
Security Solutions: http://www.nortel.com/solutions/securenet/index.html
