Gopi Vishnumolakala's presentation
Presented by
Gopi Krishna V
Contents
Introduction
Security features of Trusted system
Problems with Trusted systems
Vaults Model
Protection Mechanism
Advantages of Vault
Conclusion
Introduction
Computer Security problem:
Many approaches have been tried to provide security in the
use of computing resources, but with only limited
success.
Why is this situation actually getting worse?
Reason: Increased use of distributed computing resources across
insecure networks and unpredicted run-time interactions cause
hard-to-detect security flaws.
Many operating system security features developed earlier
have largely been ignored in contemporary systems.
Introduction
Importance of Host Security:
Protection mechanisms can be easily bypassed if
an attacker can gain access to the layer below the one
where the protection mechanism resides.
This requires not only developing secure network protocols
but also providing a sufficiently secure operating
system.
For a sufficiently secure foundation, let's have a look
at Trusted Systems.
Security features of Trusted System
Trusted systems are identified by two key features for
the provision of strong security.
Mandatory Security
Trusted path
Security features of Trusted System
Mandatory security:
Nowadays, the majority of systems use Discretionary Access
Control (DAC), where each user determines security policy.
However, Mandatory Access Control (MAC) involves a
“security administrator” who determines security policy.
Trusted path:
It is a mechanism by which a user can interact directly with
security-critical system components in an authenticated
manner that cannot be imitated by malicious software.
Problems with trusted systems
Problems:
Documenting, developing, deploying and testing carry
significant costs.
Vaults Model
Cryptography is incorporated into the security
infrastructure by the operating system kernel.
This infrastructure can be separated into two types:
Repository parts (Vaults).
Protection mechanisms.
Vaults Model
Vaults:
A vault is simply a data structure holding sensitive data
to which the security kernel carefully controls access
according to a small set of simple, pre-defined rules.
Five different types of vaults
User vaults
Global Private Vault (GPRIV)
Global Public Vault (GPUV)
Escrow Vault
Fundamental Vault
Vaults Model
User Vaults:
Each user on the system has their own vault, where the user
can store data virtually and retrieve it whenever
required.
Global Private Vault (GPRIV):
GPRIV is the system-wide equivalent of the user vaults.
Only the system kernel is able to directly access GPRIV.
Global Public Vault (GPUV):
GPUV is the opposite of GPRIV in that it holds values that
must be accessible by all users on the system as required.
Vaults Model
Escrow Vault:
It is similar to the GPRIV vault.
It is used to hold keys for protected objects so that
they can be retrieved if required by the security
administrator.
Fundamental Vaults:
The fundamental vaults are used to hold the keys for
encrypting the other four vaults.
Protection Mechanism
File Protection:
Protection of file system objects is one of the key security functions of
any OS.
Vaults provide protection to both read and write operations.
Read and Write protection:
Nowadays, cryptographic file systems only provide confidentiality.
Writing into an encrypted file is difficult.
Vaults provide file protection keys, which can provide both confidentiality
and integrity.
A Message Authentication Code (MAC) is used to enforce write permission.
Ticket and File sharing:
Tickets grant selected users permission to access objects using a
token.
The owner of the object creates protections (read/write), for which a token and
key are generated and stored in the GPRIV.
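The ticket and MAC scheme above can be modelled in a few lines. This is an added example, not code from the presentation or from any Vaults implementation: the `SecurityKernel` class, its method names, the use of HMAC-SHA-256 and the sample path are all assumptions, and encryption for confidentiality is left out so that only the integrity and write-permission side is shown.

```python
import hmac
import secrets

class SecurityKernel:
    """Hypothetical kernel model; only its methods touch the GPRIV state."""
    def __init__(self):
        self._keys, self._tickets = {}, {}   # GPRIV: per-object keys, tokens
        self.disk = {}                       # path -> (data, tag), below the kernel

    def _tag(self, path, data):
        return hmac.digest(self._keys[path], data, "sha256")

    def protect(self, path, data, grants):
        """Owner protects an object; returns one token per selected user."""
        self._keys[path] = secrets.token_bytes(32)
        self.disk[path] = (data, self._tag(path, data))
        tokens = {user: secrets.token_hex(16) for user in grants}
        for user, token in tokens.items():
            self._tickets[token] = (path, frozenset(grants[user]))
        return tokens

    def _authorize(self, token, path, right):
        ticket = self._tickets.get(token)
        if ticket is None or ticket[0] != path or right not in ticket[1]:
            raise PermissionError(f"ticket does not grant {right} on {path}")

    def write(self, token, path, data):
        self._authorize(token, path, "write")
        self.disk[path] = (data, self._tag(path, data))   # fresh MAC per write

    def read(self, token, path):
        self._authorize(token, path, "read")
        data, tag = self.disk[path]
        if not hmac.compare_digest(tag, self._tag(path, data)):
            raise ValueError(f"MAC mismatch on {path}: changed without a write ticket")
        return data

def attempt(fn, *args):
    try:
        return fn(*args)
    except (PermissionError, ValueError) as exc:
        return type(exc).__name__

def demo():
    k, path = SecurityKernel(), "/srv/report.txt"      # constructed sample
    t = k.protect(path, b"v1", {"alice": {"read", "write"}, "bob": {"read"}})
    k.write(t["alice"], path, b"v2")
    out = [attempt(k.read, t["bob"], path), attempt(k.write, t["bob"], path, b"x")]
    k.disk[path] = (b"forged", k.disk[path][1])        # edit made below the kernel
    return out + [attempt(k.read, t["bob"], path)]
```

`demo()` shows the three outcomes: a read through a valid ticket, a write refused for a read-only ticket, and a change made underneath the kernel caught by the MAC on the next read.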
Protection Mechanism
Trusted Fingerprinting:
Under the Vault architecture, the system administrator uses
fingerprinting to protect against threats.
Two types of fingerprinting:
Global Fingerprinting
Local Fingerprinting
Protection Mechanism
Global Fingerprinting:
Global fingerprinting stores all authorized users’
fingerprints in GPUB.
Whenever any user tries to execute a program file, the
kernel checks the particular user's fingerprint in GPUB. If
the fingerprint matches, it allows the execution.
There are three main advantages:
It checks the integrity of the program at the time of execution.
It removes the dependency of static integrity checkers on unsecured
components.
It prevents users from running a modified program.
Protection Mechanism
Local fingerprinting:
It provides security to the individual user.
Vaults allow individual users to accumulate
fingerprints of software.
Users keep fingerprints for their own security needs in their vault.
This means it allows a user to implement their own
policy.
Protection Mechanism
Dual TCB and Extensible Trusted Path:
Trusted Computing Base (TCB): the collection of
components responsible for enforcing security
policy.
Dual TCB
Global TCB
Local TCB
The Global TCB handles system security components, with
fingerprints in GPUB.
The Local TCB handles an individual user's components, with fingerprints in
their own vault.
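The global and local fingerprint checks and the dual TCB described above can be sketched as one execution-time decision. This is an added example, not code from the presentation or from any Vaults implementation. Assumed here: a fingerprint is the SHA-256 digest of a program file, the global check takes precedence over the local one, and a program with no enrolled fingerprint is refused; the `Vault` class, function names and sample files are hypothetical.

```python
import hashlib
import hmac

def fingerprint(image: bytes) -> str:
    # Assumption: a fingerprint is the SHA-256 digest of the program file.
    return hashlib.sha256(image).hexdigest()

class Vault:
    """Hypothetical stand-in for a vault that holds program fingerprints."""
    def __init__(self):
        self._fingerprints = {}          # program path -> trusted digest

    def enroll(self, path: str, image: bytes) -> None:
        self._fingerprints[path] = fingerprint(image)

    def lookup(self, path: str):
        return self._fingerprints.get(path)

def exec_check(path, image, global_vault, local_vault):
    """Return (allowed, reason) for one execution request."""
    actual = fingerprint(image)          # computed at execution time
    # Assumed precedence: the global TCB is consulted first, so a user's
    # local policy cannot override a system-wide fingerprint.
    for tcb, vault in (("global", global_vault), ("local", local_vault)):
        expected = vault.lookup(path)
        if expected is None:
            continue
        if hmac.compare_digest(expected, actual):
            return True, f"{tcb} TCB: fingerprint matches"
        return False, f"{tcb} TCB: mismatch, program was modified"
    return False, "no fingerprint enrolled (assumed default: deny)"

# Constructed sample data: byte strings standing in for program files.
LOGIN = b"\x7fELF login build 1"
BACKUP = b"#!/bin/sh\ntar czf home.tgz \"$HOME\"\n"
gpub = Vault()                           # system-wide, set by the administrator
alice_vault = Vault()                    # per-user, set by the user herself
gpub.enroll("/bin/login", LOGIN)
alice_vault.enroll("/home/alice/backup.sh", BACKUP)

def demo():
    cases = [
        ("/bin/login", LOGIN),
        ("/bin/login", LOGIN + b" patched"),           # modified system file
        ("/home/alice/backup.sh", BACKUP),
        ("/home/alice/backup.sh", BACKUP + b"echo\n"),  # modified user file
        ("/tmp/unknown", b"never enrolled"),
    ]
    return [exec_check(p, img, gpub, alice_vault)[0] for p, img in cases]
```

Because the digest is recomputed on every request, a file changed after enrollment is refused at the next execution rather than at the next scheduled scan.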
Advantages of Vault
Strong security:
Vaults provide a strong security baseline similar to the
mandatory security features in trusted systems.
Vaults implement the trusted fingerprint
mechanism.
Flexible and Intuitive security:
Provides more flexibility by offering users their own security
as needed.
The dual TCB prevents undetected modifications
of the program.
Advantages of vaults
Advantages over conventional system:
It shields users from
maliciously modified trusted code.
Security advantages of Cryptography:
It eliminates complexity and is easily tested.
Conclusion
Vaults provide a significant usability advantage, in that
users no longer need to manage and memorize a large
number of passwords and keys.