First Year Review – re-trust.dit.unitn.it/files/deliverable/presentation/y1... · 2007. 10. 12. · 2...
First Year Review
WP1: Architectural Framework
Trento - September 24th, 2007
Prof Yoram Ofek
Objectives
• To provide the architectural framework for the design of both SW-based and HW/SW-based methods (WP2-4)
• To receive feedback from both SW-based and HW/SW-based methods (WP2-4)
• Consequently, development in two phases:
  • Phase 1 – initial architectural framework at the beginning of the project for WP2-4 activities.
  • Phase 2 – reference architecture towards the end of the project, reflecting the scientific/technological findings:
    • Proof of concepts, definition of possible product solutions, and possible standardizations
Participants
• UNITN (WP leader)
  - Team: Bruno CRISPO, Amitabh SAXENA, Mariano CECCATO, Jasvir NAGRA, Paulo TONELLA, Danilo SEVERINA, Yoram OFEK, Alessandro ZORAT
• KUL
  - Team: Bart PRENEEL, Brecht WYSEUR, Jan CAPPAERT, Dries SCHELLEKENS, Thomas HERLEA
• GEMALTO
  - Team: Jean-Daniel AUSSEL, Jerome D’ANNOVILLE
• POLITO
  - Team: Mario BALDI, Stefano DI CARLO, Paolo FALCARIN, Antonio DURANTE, Alberto SCIONTI, Davide D’APRILE
• SPIIRAS
  - Team: Igor KOTENKO, Vasily DESNITSKY, Victor VORONTSOV, Vitaly BOGDANOV
WP1 First Year Tasks – Phase 1
• Task 1.1 – Trust requirements of generic classes of applications (Dates: M0-9)
  Participants: UNITN, POLITO, GEM, KUL, SPIIRAS
• Task 1.2 – SW-based initial architectural framework (Phase 1) (Dates: M0-9)
  Participants: POLITO, UNITN, KUL
• Task 1.3 – HW/SW-based initial architectural framework (Phase 1) (Dates: M3-12)
  Participants: KUL, GEM, UNITN
WP1 Phase 1 Tasks
[Gantt chart: T1.1, T1.2 and T1.3 plotted against months M1–M16 ...; bar positions not recoverable from the extraction]
WP1 Last Year Tasks – Phase 2
• Task 1.4 – SW-based reference architecture and product solution definitions (Dates: M18-30)
  Participants: UNITN, POLITO, KUL
• Task 1.5 – HW/SW-based reference architecture and product solution definitions (Dates: M24-36)
  Participants: UNITN, KUL, GEM
WP1 Phase 2 Tasks
[Gantt chart: Tasks 1.4 and 1.5 (labelled T4.4/T4.5 on the slide) plotted against months M17–M32 ...; bar positions not recoverable from the extraction]
Trust Requirements of Generic Classes of Applications (T1.1)
• Trust requirement:
  • Trust necessary condition: some sort of “identity” – signature/attestation/authentication of SW & HW at run-time
  • Network connectivity (continuous)
[Figure: “Core of Trust” diagram for generic applications (T1.1); the diagram text is not recoverable from the extraction]
Generic Applications (T1.1)
• Sending data packets requirement
  • Secure tags and data packets are flowing in the same direction
• Client server – focus on:
  • eCommerce (e.g., credit authorization)
  • eGovernment / eVoting / e-…
• Network protocols – avoid unfair usage/attacks
  • TCP, Chat client, 802.11, …
Generic Applications (T1.1)
• Receiving data packets:
  • Private data – focus on:
    • Grid computing – privacy protection
    • Grid computing – integrity protection
    • Digital Right Management (DRM) – audio/video content distribution
Generic Applications (T1.1) – Initial Example: Content Protection
• The problem: how to ensure proper use of copyright-protected content
• 1st solution: conditional playing of audio and video content
SW-based Initial Architectural Framework – Initial Functional Description: SW-based Tamper Resistance (T1.2)
[Figure: remote entrusting architecture. On the 1st (untrusted) machine: the Application, with Replaceable Code [Obfuscated] + Tag Generator, which (I) observes/monitors for a code signature and/or (II) is combined/interlocked into the application, then generates secure tags. On the 2nd (entrusting) machine: the Core of Trust, with [Obfuscating] Compiler, Code Replacement and Secure tag generator. Flows: Messages + Secure tags go from the untrusted machine to the Core of Trust, which checks/validates the secure tags; periodic replacement of SW parts & parameters goes from the Core of Trust back to the untrusted machine.]
SW-based Initial Architectural Framework – Initial Functional Description: SW-based Tamper Resistance (T1.2)
• No single architecture yet …
• No comprehensive solution to:
  1. Combining/interlocking of two programs
  2. Tamper resistance (TR) of the above
WP2 – Initial Functional Description (T1.2)
[Figure: Trusted platform (server) hosting a Tag sequence verifier and a Monitor factory; Untrusted platform (client) with HW, OS, program P and monitor M. The client emits a Tag sequence to the verifier; the monitor factory performs Replace monitor on the client.]
HW/SW-based Initial Architectural Framework – Initial Functional Description: HW/SW-based Tamper Resistance (T1.3)
[Figure: the SW-based framework extended with Secure Hardware (smart card, etc.) + Cryptographic Functions. On the 1st (untrusted) machine: the Application, with Replaceable Code [e.g., Obfuscated] + Tag Generator, which (I) observes/monitors for a code signature and/or (II) is combined/interlocked into the application, then generates secure tags. On the 2nd (entrusting) machine: the Core of Trust, with [Obfuscating] Compiler, Code Replacement, Secure tag generator and Crypto Functions. Messages + Secure tags cross an untrusted “public” channel (OS, etc., with/without encryption) to the Core of Trust, which checks/validates the secure tags; periodic replacement of SW parts & parameters flows back to the untrusted machine.]
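The SW-based (T1.2) and HW/SW-based (T1.3) framework slides describe one loop: a tag generator interlocked with the application on the untrusted machine emits secure tags alongside its messages, the Core of Trust validates the tag sequence, and it periodically replaces the tag generator. The Python sketch below is an added illustration of that loop, not code from the RE-TRUST deliverable or its prototypes. Everything about the tag format is an assumption: a tag is an HMAC-SHA256 over (epoch, sequence number, hash of the observed application code, message), replacement is modelled as issuing a fresh epoch key, and the HW/SW variant keeps that key inside a `SmartCard` object that exposes only the MAC operation. The class and function names (`Monitor`, `EntrustingMachine`, `run_scenario`) are likewise mine.

```python
"""Toy simulation of the remote-entrusting loop (added example, not project code).

Assumed tag construction: HMAC-SHA256 over (epoch, seq, code hash, message).
"""
import hashlib
import hmac
import secrets
from typing import Callable


def code_hash(code: bytes) -> bytes:
    """Digest of the (simulated) application code the monitor observes."""
    return hashlib.sha256(code).digest()


def canon(epoch: int, seq: int, chash: bytes, msg: bytes) -> bytes:
    """Unambiguous, length-prefixed encoding of the fields a tag covers."""
    return (epoch.to_bytes(4, "big") + seq.to_bytes(8, "big") + chash
            + len(msg).to_bytes(4, "big") + msg)


def hmac_sha256(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()


class SmartCard:
    """Secure hardware on the untrusted machine: holds the key, exposes only MAC."""

    def __init__(self, key: bytes):
        self._key = key

    def mac(self, data: bytes) -> bytes:
        return hmac_sha256(self._key, data)


class Monitor:
    """Tag generator interlocked into the application on the untrusted machine."""

    def __init__(self, epoch: int, mac: Callable[[bytes], bytes]):
        self.epoch, self.mac, self.seq = epoch, mac, 0

    def tag(self, observed_code: bytes, msg: bytes) -> dict:
        """Emit one message plus its secure tag over the code it currently sees."""
        self.seq += 1
        data = canon(self.epoch, self.seq, code_hash(observed_code), msg)
        return {"epoch": self.epoch, "seq": self.seq, "msg": msg, "tag": self.mac(data)}


class EntrustingMachine:
    """Core of Trust: issues/replaces monitors and validates the tag sequence."""

    def __init__(self, expected_code: bytes):
        self.expected_hash = code_hash(expected_code)
        self.epoch, self.key, self.last_seq = 0, b"", 0

    def replace_monitor(self, in_hardware: bool = False) -> Monitor:
        """Periodic replacement: new epoch and fresh key; older monitors go stale."""
        self.epoch += 1
        self.key = secrets.token_bytes(32)
        self.last_seq = 0
        if in_hardware:                 # HW/SW variant: key lives in the card, not in code
            return Monitor(self.epoch, SmartCard(self.key).mac)
        key = self.key                  # SW-only variant: key embedded in the (obfuscated) monitor
        return Monitor(self.epoch, lambda data: hmac_sha256(key, data))

    def verify(self, packet: dict) -> str:
        """Return 'ok' (noting any gap) or the reason the packet is rejected."""
        if packet["epoch"] != self.epoch:
            return "stale-epoch"        # tag from a monitor that has been replaced
        if packet["seq"] <= self.last_seq:
            return "replay"             # sequence numbers must strictly increase
        data = canon(packet["epoch"], packet["seq"], self.expected_hash, packet["msg"])
        if not hmac.compare_digest(hmac_sha256(self.key, data), packet["tag"]):
            return "bad-tag"            # observed code differs from expected, or forged tag
        gap = packet["seq"] - self.last_seq - 1
        self.last_seq = packet["seq"]
        return "ok" if gap == 0 else f"ok-missing-{gap}"


def run_scenario(in_hardware: bool = False) -> list:
    """Constructed run: honest traffic, a replay, tampered code, a lost tag, replacement."""
    app = b"application v1"             # constructed stand-in for the client program
    server = EntrustingMachine(app)
    mon = server.replace_monitor(in_hardware)
    out = [server.verify(mon.tag(app, b"hello"))]                   # seq 1: ok
    p2 = mon.tag(app, b"credit authorization 42")
    out.append(server.verify(p2))                                    # seq 2: ok
    out.append(server.verify(p2))                                    # seq 2 again: replay
    out.append(server.verify(mon.tag(app + b"#patched", b"x")))      # seq 3: bad-tag
    mon.tag(app, b"lost in transit")                                 # seq 4 never arrives
    out.append(server.verify(mon.tag(app, b"next")))                 # seq 5: ok-missing-2
    old = mon
    mon = server.replace_monitor(in_hardware)                        # periodic replacement
    out.append(server.verify(old.tag(app, b"late")))                 # old monitor: stale-epoch
    out.append(server.verify(mon.tag(app, b"fresh")))                # new monitor, seq 1: ok
    return out


if __name__ == "__main__":
    for hw in (False, True):
        print("HW/SW" if hw else "SW-only", run_scenario(hw))
```

The verifier's four outcomes map onto the slides' concerns: `bad-tag` is what tampering with the interlocked code produces, `replay` and the `ok-missing-N` gap count are what the tag sequence verifier watches for, and `stale-epoch` is the effect of periodic replacement, which bounds how long any one monitor is worth reverse-engineering. The only difference between the two variants is where the key sits: in the SW-only run it is inside the monitor (standing in for obfuscated code), in the HW/SW run it never leaves the `SmartCard` object.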
Milestones
• Milestones end of first year (Month 12):
  • Initial architectural framework – several will be discussed
  • Initial version of prototype embodying replacement and SW-based protection
• Current prototypes:
  • Chat client (WP2)
  • VNC client (WP2)
  • Car race game (WP2/WP3)
  • USB smart card with obfuscation, ciphering, tag checking – architecting the remote entrusting principle – the trusted entity is the card (WP3 – Gemalto)