
INTERNAL GUIDE: Mr. G. Shiva Krishna

Seminar By: VINAY BOMMA
ROLL NO: 12M51D0517
M.TECH (CS)
Department of Computer Science & Engineering
RRS COLLEGE OF ENGINEERING & TECHNOLOGY

What is Palladium?
- Palladium (Pd) is a set of new security-oriented capabilities in Windows
- Enabled by new hardware
- Goal is to protect software from software
- Defend against malicious software running in Ring 0
- Four categories of new security features:
  - Sealed storage
  - Attestation
  - Curtained memory
  - Secure input and output

Trusted Open Systems


Our OSs are designed for:
- Features
- Performance
- Plug-ability/Openness
  - Applications
  - Drivers
  - Core OS components
- Ease of use, and
- Security

Contrast this with the design of a smartcard OS

Nightmare Scenarios
A virus/Trojan that launches something worse than a denial of service attack:
- Trades a random stock (for mischief or profit)
- Posts tax-records to a newsgroup
- Orders a random book from Amazon.com
- Grabs user/password for the host/websites and posts them to a newsgroup
- Posts personal documents to a newsgroup

Trustworthy Computing
Trustworthy: worthy of confidence.

Examples:
- Credit card numbers that can't be stolen.
- Personal diary that can only be written and viewed by you or people you choose.
- Someone is who she says she is.

There are currently ad-hoc solutions for some of these concerns; Palladium seeks to solve them all.

Who To Trust?
- Applications?
  - Operating systems can programmatically subvert applications.
- Operating System?
  - Hardware can programmatically subvert operating systems.
- Hardware?
  - Humans can subvert hardware, but not programmatically.
- So we have to start off trusting the hardware.

Chain of Trust
We start off trusting the hardware and build up, thus creating a chain of trust.


Applications

Operating System

Hardware

Palladium's Goals
Usher in a new era of trustworthy computing by enabling the PC to:
- Perform trusted operations
- Span multiple computers with this trust
- Create dynamic trust policies
- Allow anyone to authenticate these policies

How Palladium Will Do It


Specifically, Palladium will add four new security features that increase the trustworthiness of the machine:
- Protected memory
- Attestation
- Sealed storage
- Secure input and output

It primarily does this through cryptographic keys and algorithms.

Hardware Extensions
- Security Support Component (SSC)
- Secure communication channels for:
  - I/O
  - Graphics
  - Network
  - Storage
- Chipsets
- CPU op-codes, registers, interrupts, and status bits

Software Extensions
- Nexus (the kernel), shared source
- Trusted agents (the applications)

So what is this, a whole other operating system? Well, sort of.

The New View


User Mode

Trusted User Mode

Kernel Mode

Trusted Kernel Mode

Two parallel operating systems? Not quite: the trusted kernel still relies on the untrusted kernel for most of its functionality.

SSC/Nexus Interaction
Sealed storage:
- SSC's symmetric key, call it s
- SSC hash of running Nexus kernel, call it h
- Arbitrary data pointed to by pointer p
- SSC implements two operations:
  - c = SEAL(p)
  - p = UNSEAL(c)
- Example implementation:
  - SEAL: aes_encrypt(s+h, p)
  - UNSEAL: aes_decrypt(s+h, c)

If either SSC or Nexus changes, can't retrieve data!
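
The SEAL/UNSEAL pair above as an added runnable sketch (not from the original slides and not Microsoft's implementation). To stay stdlib-only it swaps AES for an HMAC-SHA256 keystream with an integrity tag and replaces the slide's s+h key with a keyed derivation from s and h; SSC_KEY and the two Nexus images are constructed sample values.

```python
import hashlib
import hmac
import os

# Constructed stand-ins: the SSC's secret s and two Nexus kernel images.
SSC_KEY = bytes(range(32))
NEXUS_IMAGE = b"nexus kernel build A (constructed sample)"
PATCHED_IMAGE = b"nexus kernel build A (constructed sample, patched)"


def nexus_hash(image: bytes) -> bytes:
    """h: the SSC's hash of the running Nexus kernel."""
    return hashlib.sha256(image).digest()


def _derive(s: bytes, h: bytes, label: bytes) -> bytes:
    # Keyed derivation in place of "s+h": the result depends on both values.
    return hmac.new(s, label + h, hashlib.sha256).digest()


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # HMAC-SHA256 in counter mode, standing in for AES.
    out, counter = b"", 0
    while len(out) < length:
        block = nonce + counter.to_bytes(8, "big")
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return out[:length]


def seal(s: bytes, h: bytes, p: bytes) -> bytes:
    """c = SEAL(p): encrypt-then-MAC under keys derived from s and h."""
    nonce = os.urandom(16)
    stream = _keystream(_derive(s, h, b"enc"), nonce, len(p))
    body = bytes(a ^ b for a, b in zip(p, stream))
    tag = hmac.new(_derive(s, h, b"mac"), nonce + body, hashlib.sha256).digest()
    return nonce + body + tag


def unseal(s: bytes, h: bytes, c: bytes) -> bytes:
    """p = UNSEAL(c): raises ValueError if s or h differs from seal time."""
    if len(c) < 48:
        raise ValueError("sealed blob too short")
    nonce, body, tag = c[:16], c[16:-32], c[-32:]
    want = hmac.new(_derive(s, h, b"mac"), nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        raise ValueError("unseal refused: SSC key or Nexus hash mismatch")
    stream = _keystream(_derive(s, h, b"enc"), nonce, len(body))
    return bytes(a ^ b for a, b in zip(body, stream))
```

Sealing under `nexus_hash(NEXUS_IMAGE)` and unsealing under `nexus_hash(PATCHED_IMAGE)` raises `ValueError`, which is the slide's point: a modified Nexus or a different SSC cannot recover the data.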

Bringing It All Together


Closed sphere of trust:

TCPA
- Trusted Computing Platform Alliance
- Group of companies (about 200)
- Biggest players:
  - Microsoft
  - Intel
  - Compaq
  - HP
  - IBM
- Same goal as Palladium: trustworthiness

All About the Hardware


- TCPA specification only for hardware
- It's operating system agnostic
- Complete TCPA 1.1b spec online
- One implementation of it in production machines (one version of IBM Thinkpad)
- Palladium uses some of the TCPA spec

How Palladium Will Affect You


- A Palladium PC will still run non-trusted apps
  - So everything you have now will still work
- Palladium is opt-in
  - You have to explicitly choose to use it
- Signed binaries mean less chance of a trojan or virus being inserted into commonly used programs

Your Information is Secure


- All your personal information is stored on your home machine, not on some company's server.
- You control precisely who sees what and what they can do with it.
- No more doctors' new-patient forms, no more filling out credit card apps, etc.

Digital Rights Management


- Probably the biggest issue with Palladium
- Palladium will enable the media companies to protect their content
- Which raises some questions:
  - So no more fair use?
  - Can I still pirate?
- Fair use: probably not for the short term
- Piracy: you can still do it on the non-trusted side

Open Source and Palladium


- Will operating systems like Linux still run on a Palladium PC?
  - Definitely.
- Not only will Linux still run, but it could in theory be modified to have a Nexus
  - Thus it could run trusted apps

No User Authentication
- User authentication is done through Windows
  - i.e., usual Windows logon
- User is tied to the machine and its keys
  - Everything encrypted with combination of machine's SSC and Nexus keys
  - Switching machines could be tedious

3-Phase Deployment Plan


1. Deploy in corporations
   - Use in internal networks
   - Make sure sensitive data isn't leaked
2. Get major media companies involved
   - Create trusted content and applications
3. End users/consumers
   - Use the trusted apps and content
   - Distribute personal information

Summary
- Palladium is a hardware-based secure execution environment
- Palladium processes are isolated from each other by the hardware
- Palladium processes can store & retrieve secrets securely (based on their hash value)
- The nexus provides an execution environment and security/crypto-services to hosted agents
- Hardware provides crypto services to the nexus
- Recursively, the nexus provides these same services to agents running on top of it.

Conclusion
- Palladium is a platform
- Enables ISVs to write trusted apps easily.
