

Number of slides: 25

Putting Trust into the Network: Securing Your Network through Trusted Access Control
Ned Smith, Intel
NCAC, April 27th, 2005
Copyright© 2004 Trusted Computing Group - Other names and brands are properties of their respective owners.
Slide #1

Agenda
• TCG Model for Trusted Computing
• Establishing Endpoint Integrity / Identity
• Access Control Decisions Based on TPM
• Relating XACML with TCG Integrity Schema
Slide #2

Challenges of Trusted Computing
• Assurance of safe computing environments
  – Viruses, Worms, Rootkits, Spyware, Adware etc…
  – Identifying the endpoint is ambiguous
• The endpoint has a distinct boundary
  – Controllers, busses, networks and peripherals associated with a platform
• Authentication protocols presume authorization tokens are bound to the endpoint
• Control of resources in foreign environments
  – Infosec policy associated with data as it moves through different computing environments
  – The environment must follow the policy
Slide #3

TCG Model of a Trusted Computing Platform
[Diagram: a Protection Domain containing a Trusted Engine made up of Verification, Measurement, Storage, Reporting and Enforcement Engines, fed by Policies and Metrics; Layer Services / Provided Services above, Layer Resources / Dependent Services below]
Slide #4

Examples
• Secure Boot
  – A secure boot service implements Measurement and Reporting engines integrated with a Verification engine
  – The Verification engine evaluates measurements according to a policy to determine the proper boot sequence
  – If the sequence is in error, an Enforcement engine is employed to terminate the boot process
• Trusted Boot
  – A trusted boot service implements Measurement and Storage engines following the boot sequence
  – A Verification engine on a remote node (network server) evaluates the boot sequence at a later time
Slide #5

Decomposition for Network Access Control
[Diagram: Access Requestor Domain (Measurement Engine, Metrics, Storage Engine, Reporting Engine), PDP Domain (Policies, Verification Engine) and PEP Domain (Access Control, Enforcement Engine); numbered flow 1–7: Access Request, Measurement, Attestation, Verification, Access Control, Apply Access, Network Connect]
Slide #6

How to Define the Endpoint?
• Authentication tokens
  – Keys, pass-phrases, certificates etc…
• Boot sequence
• Device enumeration
• Software install / load
• Running processes / threads
• Manufacturer intrinsic attributes
  – Model, version, quality metrics
Slide #7

Three Vectors of Endpoint Integrity / Identity
• Measurement
  – Hash of software/firmware captures platform state
    • Controllers and processors are enumerated and measured
    • Executing code may be scanned to determine its present state
• Cryptographic Identity
  – Authentication keys
    • Reporting Engines use cryptographic keys to authenticate the reporting engine, which by extension identifies the platform
• Origin Identity
  – MMV
    • Each component (device, platform, software package) can be identified by its Manufacturer, Model and Version (MMV)
    • Credentials issued by manufacturers contain MMV intrinsic assertions
  – Reference Measurements
    • Manufacturer-provided signatures
Slide #8

Example: Pre-Boot Integrity Measurement Collection
[Diagram: a Log of Extended Values kept alongside the TPM's Hash of Extended Values, built up as each pre-boot component is measured and then executed]
Measure = Hash of code or data
Execute = Code is loaded into CPU
Slide #9

Platform Configuration Registers (PCRs)
• Stores cumulative configuration
• Update is an Extend operation:
  – [PCR] = SHA-1 {[PCR] + Extend value} (where + is concatenation)
  – Value: it is infeasible to calculate a value A such that PCRdesired.Value = Extend(A)
• PCRs re-initialized at system reset – TPM_Init
• Measurement Log contains
Slide #10
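The Extend operation and the log of extended values from slides 9 and 10, as an added example that is not part of the original deck: a verifier replays the log to recompute the PCR, checks it against the value the TPM reported, and then against a reference value for a "normal" boot sequence. The log entries, component bytes and result strings are constructed for illustration; the quoted PCR is assumed to have been authenticated separately.

```python
import hashlib
from typing import List, Tuple

PCR_SIZE = 20  # SHA-1 digest length; TPM 1.2 PCRs are 20 bytes

# Constructed sample measurement log: (description, bytes of the measured component).
# On a real platform the bytes would be the actual firmware, loader and kernel images.
SAMPLE_LOG: List[Tuple[str, bytes]] = [
    ("CRTM / BIOS", b"bios-image-v1.02"),
    ("Option ROM", b"nic-oprom-3.1"),
    ("Boot loader", b"bootloader-0.97"),
    ("Kernel", b"kernel-2.6.11"),
]


def measure(component: bytes) -> bytes:
    """Measure = hash of code or data (slide 9)."""
    return hashlib.sha1(component).digest()


def extend(pcr: bytes, value: bytes) -> bytes:
    """Extend operation of slide 10: [PCR] = SHA-1([PCR] || value).

    The old register contents are concatenated with the new measurement and
    re-hashed, so the PCR accumulates the whole ordered sequence of values.
    """
    return hashlib.sha1(pcr + value).digest()


def tpm_init() -> bytes:
    """PCRs are re-initialised (to all zeros) at system reset / TPM_Init."""
    return bytes(PCR_SIZE)


def replay(log: List[Tuple[str, bytes]]) -> bytes:
    """Recompute the PCR a verifier expects from a log of extended values."""
    pcr = tpm_init()
    for _, component in log:
        pcr = extend(pcr, measure(component))
    return pcr


def verify_report(log: List[Tuple[str, bytes]], quoted_pcr: bytes, reference_pcr: bytes) -> str:
    """Verifier decision: the log must reproduce the PCR the TPM reported, and that
    PCR must equal the reference value for a known-good boot sequence (slide 14)."""
    if replay(log) != quoted_pcr:
        return "log-mismatch"            # entries were altered, dropped or reordered
    if quoted_pcr != reference_pcr:
        return "unknown-configuration"   # genuine measurements, but not a known-good state
    return "ok"
```

Because each Extend folds the previous register value into the hash, the same set of measurements in a different order yields a different PCR, which is what makes the log order verifiable.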

Collecting Measurements After System Boot
• A Platform Trust Service (PTS) can be used to measure applications
  – Files
    • Read files from disk; compute a measurement
  – Processes
    • Ring 3 – DLL injection to read another process's memory
    • Ring 0 – Access pages in memory / DMA accesses
Slide #11

Example Platform Trust Service
• Integrity of the PTS is established
  – Pre-boot, by measuring PTS drivers included in the OS image
  – Post-boot, by measuring PTS process memory pages
• PTS may measure processes and files
  – Determined by policy – e.g. protect the integrity reporting infrastructure
  – Triggered by request – e.g. measure before connecting to the network
Slide #12

TCG Model for Exchanging Integrity Data
[Diagram: on the Access Requestor, Anti-Virus, Firewall, Patch Mgmt and TNC Integrity Collectors feed a TNC Client; on the Policy Decision Point, the matching Verifiers sit behind a TNC Server; a batch tunnel carries collector/verifier messages and per-component status (OK / !OK) flows back]
• IF-IMC & IF-IMV exchange messages containing posture information
  – Messages are batched for delivery by TNCC / TNCS
  – Either side may start a batched exchange
  – IMCs and IMVs may subscribe to multiple message types
  – Follow-on exchanges may continue indefinitely
    • But may be gated by the underlying transport
• The TNC Server makes the final decision
Slide #13

Evaluation of Integrity Reports
• Integrity Reports ought to be shadowed by a Reference Value
  – Reference values
    • A “normal” boot sequence will have repeatable PCR values
    • Versioning “freezes” code changes so hash values don’t change
  – Authentication keys have trust anchors
  – Watchdogs have a schedule of expected events
• Reference Values should come from an authoritative source
  – Manufacturer – to detect modification due to stolen source
  – Evaluation labs – who make assertions of quality and conformance
  – Platform Owner – the entity taking the risk!
Slide #14

Integrity Harvesting Model
[Diagram: Integrity Measurement Harvesters and a Value-Added Provider deliver Reference Integrity Measurements (in TCG Integrity Schema) through a Harvesting Mechanism and Submission Mechanism into an Integrity Signature Database; Policy Authors use a Policy Authoring Mechanism to produce Policies / Rules; TCG Certificates, the database and the policies feed the Evaluation Mechanism of the Verifier (PDP). Legend: marked items = anticipated TCG specification]
• Harvesting gathers Assertions and Values from a trustworthy source
• TCG Integrity Schema defines the structure
Slide #15

TCG Integrity Schema
• Consists of a tree of Assertions and hash Values
  – Reference measurements
  – Quality assertions
  – Development / Manufacturing processes
  – Trust-related operations
    • E.g. creation of the platform endorsement key
• Associated with a target “Component”
  – Composite attributes form its “Identity”
    • Manufacturer name / vendor ID
    • Model number / name
    • Version information
      – Patch level
  – Component Identity is unique with respect to a release
    • Not necessarily a particular copy or instance
Slide #16

Integrity Schema and XACML
• Evaluation correlates reference and actual values with appropriate consequences
  – A policy structure such as XACML may be helpful
• An XACML Policy is a tree of
  – PolicySet
    • Contains multiple Policies and policy references
  – Policy
    • Contains multiple Rules
  – Rule
    • Contains decision logic expressed in terms of Conditions and Effect
• TCG Assertions may be mapped to XACML as Condition Attributes
Slide #17
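The PolicySet / Policy / Rule tree of slide 17 with TCG assertions as Condition Attributes, as an added example that is not part of the original deck or of any XACML implementation: a minimal PDP evaluates a request context with a deny-overrides combining algorithm. The "tcg:" attribute names, the manufacturer and model values and the policy contents are constructed placeholders.

```python
from dataclasses import dataclass
from typing import Callable, Dict, List

# XACML request context: attribute name -> value. The "tcg:" names are constructed
# placeholders for TCG assertions (MMV, reference-measurement match, collector status).
Context = Dict[str, object]


@dataclass
class Rule:
    condition: Callable[[Context], bool]   # decision logic over Condition Attributes
    effect: str                            # "Permit" or "Deny"


@dataclass
class Policy:
    rules: List[Rule]


@dataclass
class PolicySet:
    policies: List[Policy]                 # policy references omitted for brevity


def deny_overrides(decisions: List[str]) -> str:
    """Combining algorithm: one Deny wins; otherwise Permit; otherwise NotApplicable."""
    if "Deny" in decisions:
        return "Deny"
    if "Permit" in decisions:
        return "Permit"
    return "NotApplicable"


def eval_policy(policy: Policy, ctx: Context) -> str:
    return deny_overrides([r.effect for r in policy.rules if r.condition(ctx)])


def eval_policy_set(ps: PolicySet, ctx: Context) -> str:
    return deny_overrides([eval_policy(p, ctx) for p in ps.policies])


# Constructed policy tree: Policy 1 carries integrity conditions (reference measurement
# match, anti-virus collector status); Policy 2 carries origin identity (MMV) of the platform.
NETWORK_ACCESS = PolicySet(policies=[
    Policy(rules=[
        Rule(lambda c: c.get("tcg:pcr-matches-reference") is not True, "Deny"),
        Rule(lambda c: c.get("tcg:antivirus-status") != "OK", "Deny"),
    ]),
    Policy(rules=[
        Rule(lambda c: c.get("tcg:manufacturer") == "ExampleCorp"
             and c.get("tcg:model") == "ModelX"
             and int(c.get("tcg:patch-level", 0)) >= 3, "Permit"),
    ]),
])


def decide(ctx: Context) -> str:
    """PDP entry point: XACML Request context in, Permit / Deny / NotApplicable out."""
    return eval_policy_set(NETWORK_ACCESS, ctx)
```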

A Conceptual Model
[Diagram: Attribute Sources (Reference Integrity Measurements, Integrity Signature Database, TCG Certificates) and Policy Sources (Policy Authors, Policy Authoring Mechanism, Policy Database) feed the PDP; the AR sends a request through the PEP, which forms an XACML Request in an XACML Context and receives an XACML Response; the XACML Policy may carry attribute references]
Slide #18

XACML Condition Attribute
[Diagram: a Condition Attribute in an XACML Rule resolved against Attribute Sources, including the Integrity Signature Database]
Slide #19

Summary
• The TCG model for Trusted Computing is centered around collection and verification of trust attributes
• Trust attributes can be applied to network access control
• The TCG is developing infrastructure for collecting reference trust attributes
• XACML may be a viable framework for making access decisions involving TCG trust attributes
Slide #20

Questions?
• Contact Information
  – The Trusted Computing Group
    • www.trustedcomputinggroup.org
    • [email protected] org
  – Infrastructure Working Group Co-Chairs
    • Ned Smith / Intel – ned. [email protected] com
    • Thomas Hardjono / Verisign – thomas. [email protected] com
Slide #21

Backup
Slide #22

Steps of a Trusted Network Connection
• Collection – Find out the condition of the platform
• Reporting – Communicate platform state when connecting
• Decision Making – Decide what level of access is acceptable
• Enforcement – Restrict the environment in accordance with access rights
• Remediation may be required to reconcile denied access
Slide #23

TCG Trusted Network Connect Architecture
[Diagram: columns AR, PEP, PDP. Remediation Layer: Remediation Applications / Remediation Resources. Integrity Measurement Layer: Integrity Measurement Collectors (IF-IMC to the TNC Client) and Integrity Measurement Verifiers (IF-IMV to the TNC Server), with IF-V between collectors and verifiers. Integrity Evaluation Layer: TNC Client and TNC Server connected over IF-TNCCS. Network Access Layer: Network Access Requestor (Supplicant / VPN Client, etc.), Policy Enforcement Point (Switch / Firewall / VPN Gateway, IF-PEP) and Network Access Authority, connected over IF-Transport. Trust Layer: Platform Trust Service (IF-PTS), RTM / TPM, Integrity Log]
• Remediation layer: automated response and provisioning
• Integrity measurement layer: collection of integrity information; authoring of rules
• Integrity evaluation layer: reporting and transfer of integrity information; access decision making
• Network access layer: enforcement mechanisms; control of the network boundary
• PTS protects the integrity of TNC components
• RTM protects PTS
• TPM protects measurements and keys
Slide #24

TNC with 802.1X at Link Layer
[Diagram: across the Network Boundary, the AR (TNC Collector, NAC Extensions, 802.1X Access Requestor, EAP Peer, 802.1x PAE) talks to the PEP (Switch / Access Point, RADIUS Client) and the PDP (RADIUS Server, EAP Peer, 802.1X, TNC Verifier) over EAP and RADIUS]
Verifier & Collector exchange posture information over an EAP tunnel using EAP inner methods, AVPs or TLVs.
Abbreviations:
AR – Access Requester
AVP – Attribute Value Pair
EAP – Extensible Authentication Protocol
PAE – Port Access Entity
PDP – Policy Decision Point
PEP – Policy Enforcement Point
NAC – Network Access Control
TLV – Tag Length Value
Slide #25