
Palladium Intro

Date post: 06-Apr-2018
Upload: anusha-nadiminti
Presented by: K.NEEHARIKA(08H91A0530) GOKUL INSTITUTE OF TECHNOLOGY AND SCIENCES [email protected]
Transcript
Page 1: Palladium Intro

8/3/2019 Palladium Intro

http://slidepdf.com/reader/full/palladium-intro 1/24

What is Palladium?

A set of hardware and software extensions to make the PC more trustworthy.
  Today's apps will still run just fine.
  You can disable Palladium extensions if you choose.
What exactly is trustworthy computing?
  Good question

Trustworthy Computing

Trustworthy: worthy of confidence.
Examples:
  Credit card numbers that can't be stolen.
  Personal diary that can only be written and viewed by you or people you choose.
  Someone is who she says she is.
There are currently ad-hoc solutions for some of these concerns; Palladium seeks to solve them all.

Who To Trust?

Applications?
  Operating systems can programmatically subvert applications.
Operating System?
  Hardware can programmatically subvert operating systems.
Hardware?
  Humans can subvert hardware, but not programmatically.
So we have to start off trusting the hardware.

Chain of Trust

We start off trusting the hardware and build up, thus creating a chain of trust.
  Hardware
  Operating System
  Applications

Palladium's Goals

Usher in a new era of trustworthy computing by enabling the PC to:
  Perform trusted operations
  Span multiple computers with this trust
  Create dynamic trust policies
  Allow anyone to authenticate these policies

How Palladium Will Do It

Specifically, Palladium will add four new security features that increase the trustworthiness of the machine:
  Protected memory
  Attestation
  Sealed storage
  Secure input and output
It primarily does this through cryptographic keys and algorithms.

Hardware Extensions

Security Support Component (SSC)
Secure communication channels for:
  I/O Graphics
  Network
  Storage
Chipsets
CPU op-codes, registers, interrupts, and status bits

Software Extensions

Nexus (the kernel)
  shared source
Trusted agents (the applications)
So what is this, a whole other operating system?
  Well, sort of...

The New View

Two parallel operating systems?
  Not quite, the trusted kernel still relies on the untrusted kernel for most of its functionality.
[Diagram labels: Kernel Mode, User Mode, Trusted User Mode, Trusted Kernel Mode]

SSC/Nexus Interaction

Sealed storage:
  SSC's symmetric key, call it s
  SSC hash of running Nexus kernel, call it h
  Arbitrary data pointed to by pointer p
SSC implements two operations:
  c = SEAL(p)
  p = UNSEAL(c)
Example implementation:
  SEAL: aes_encrypt(s+h, p)
  UNSEAL: aes_decrypt(s+h, c)
If either SSC or Nexus changes, can't retrieve data!
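The sealing scheme on this slide, as an added example that is not part of the original presentation or of any Microsoft code. It assumes the "s+h" combination is done with HMAC-SHA256 and swaps AES for an HMAC-based keystream plus a MAC so it runs on the Python standard library alone; the names derive_key and demo and all sample values are constructed for illustration.

```python
import hashlib
import hmac
import os

def derive_key(s: bytes, h: bytes, label: bytes) -> bytes:
    """Combine SSC secret s and Nexus hash h into one purpose-specific key."""
    return hmac.new(s, label + h, hashlib.sha256).digest()

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    """Stand-in for AES: HMAC-SHA256 in counter mode (standard library only)."""
    out = b""
    for counter in range((n + 31) // 32):
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
    return out[:n]

def seal(s: bytes, h: bytes, p: bytes) -> bytes:
    """c = SEAL(p): encrypt p under a key that depends on both s and h."""
    nonce = os.urandom(16)
    body = bytes(a ^ b for a, b in zip(p, _keystream(derive_key(s, h, b"enc"), nonce, len(p))))
    tag = hmac.new(derive_key(s, h, b"mac"), nonce + body, hashlib.sha256).digest()
    return nonce + body + tag

def unseal(s: bytes, h: bytes, c: bytes) -> bytes:
    """p = UNSEAL(c): fails unless the same s and the same h are presented."""
    if len(c) < 48:
        raise ValueError("sealed blob too short")
    nonce, body, tag = c[:16], c[16:-32], c[-32:]
    expected = hmac.new(derive_key(s, h, b"mac"), nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("unseal refused: SSC key or Nexus hash differs, or blob altered")
    return bytes(a ^ b for a, b in zip(body, _keystream(derive_key(s, h, b"enc"), nonce, len(body))))

# Constructed sample values, not real keys or a real kernel image.
SSC_KEY = bytes(range(32))
NEXUS_IMAGE = b"nexus kernel build A (constructed sample)"
PATCHED_IMAGE = NEXUS_IMAGE + b" + one changed byte"

def demo() -> dict:
    h = hashlib.sha256(NEXUS_IMAGE).digest()
    h_patched = hashlib.sha256(PATCHED_IMAGE).digest()
    c = seal(SSC_KEY, h, b"diary entry")
    result = {"same_nexus": unseal(SSC_KEY, h, c)}
    try:
        unseal(SSC_KEY, h_patched, c)
        result["patched_nexus"] = "unsealed"
    except ValueError:
        result["patched_nexus"] = "refused"
    return result
```

Because the MAC key is also derived from s and h, a changed Nexus or a different SSC is rejected before any decryption is attempted, rather than returning garbage plaintext.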

Bringing It All Together

Closed sphere of trust:

TCPA

Trusted Computing Platform Alliance
Group of companies (about 200)
Biggest players:
  Microsoft
  Intel
  Compaq
  HP
  IBM
Same goal as Palladium: trustworthiness

All About the Hardware

TCPA specification only for hardware
  It's operating system agnostic
Complete TCPA 1.1b spec online
One implementation of it in production machines (one version of IBM Thinkpad)
Palladium uses some of the TCPA spec

How Palladium Will Affect You

A Palladium PC will still run non-trusted apps
  So everything you have now will still work
Palladium is opt-in
  You have to explicitly choose to use it
Signed binaries mean less chance of a trojan or virus inserted into commonly used programs

Your Information is Secure

All your personal information is stored on your home machine, not on some company's server.
You control precisely who sees what and what they can do with it.
No more doctor's new patient forms, no more filling out credit card apps, etc.

Digital Rights Management

Probably the biggest issue with Palladium
Palladium will enable the media companies to protect their content
Which raises some questions:
  So no more fair use?
  Can I still pirate?
Fair use: probably not for the short term
Piracy: you can still do it on the non-trusted side

Open Source and Palladium

Will operating systems like Linux still run on a Palladium PC?
  Definitely.
  Not only will Linux still run, but it could in theory be modified to have a Nexus
  Thus it could run trusted apps

No User Authentication

User authentication is done through Windows
  I.e., usual Windows logon
User is tied to the machine and its keys
  Everything encrypted with combination of machine's SSC and Nexus keys
  Switching machines could be tedious

3-Phase Deployment Plan

Deploy in corporations
  Use in internal networks
  Make sure sensitive data isn't leaked
Get major media companies involved
  Create trusted content and applications
End users/consumers
  Use the trusted apps and content
  Distribute personal information

Conclusion

Palladium is a platform
  Enables ISVs to write trusted apps easily.
First version in future version of Windows
  Sometime around 2005 or 2006
Will it work?
  Who knows. Microsoft hopes so.
Do you want it to work?
  There are good and bad outcomes of it.
  It's a personal decision.

Palladium Links

Microsoft Palladium: A Business Overview
  http://www.microsoft.com/PressPass/features/2002/jul02/0724palladiumwp.asp
Microsoft NGSCB Technical FAQ
  http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/news/NGSCB.asp
Palladium Details
  http://www.activewin.com/articles/2002/pd.shtml
Microsoft Meeting on Palladium
  http://vitanuova.loyalty.org/2002-07-03.html
EPIC's Palladium Coverage
  http://www.epic.org/privacy/consumer/microsoft/palladium.html
Inside Microsoft's Secure OS Project Palladium
  http://www.extremetech.com/article2/0,3973,837726,00.asp
MIT Palladium Presentation
  http://www.cryptome.org/palladium-mit.htm

More Palladium Links

Interview with Palladium's Mario Juarez
  http://www.digitalidworld.com/modules.php?op=modload&name=News&file=article&sid=74&mode=&order=0
Q&A: Palladium Initiative
  http://www.microsoft.com/presspass/Features/2002/Jul02/07-01palladium.asp
TCPA / Palladium FAQ
  http://www.cl.cam.ac.uk/%7Erja14/tcpa-faq.html
TCPA and Palladium: Sony Inside
  http://www.kuro5hin.org/story/2002/7/9/17842/90350
TCPA and Palladium Technical Analysis
  http://wintermute.homelinux.org/miscelanea/TCPA%20Security.txt
Palladium and the TCPA
  http://www.counterpane.com/crypto-gram-0208.html
TCPA Homepage
  http://www.trustedpc.org

Questions?

