Security Course - Carnegie Mellon University

Download Report

Transcript Security Course - Carnegie Mellon University

Welcome.
Workshop on Trust Infrastructures
Robert Thibadeau
School of Computer Science
Carnegie Mellon University
[email protected]
Copyright Robert Thibadeau, Worshop on Trust Infrastructures, 11-2001
1
Copyright Robert Thibadeau, Worshop on Trust Infrastructures, 11-2001
2
Copyright Robert Thibadeau, Worshop on Trust Infrastructures, 11-2001
3
BADTRANS B (new version, Nov
24, 2001, first report)
If the .scr or .pif attachment is opened, the worm displays a message box
entitled, "Install error" which reads, "File data corrupt: probably due to a bad
data transmission or bad disk access." A copy is saved into the WINDOWS
directory as INETD.EXE and an entry is entered into the WIN.INI file to run
INETD.EXE at startup. KERN32.EXE (a backdoor Trojan), and HKSDLL.DLL (a
valid keylogger DLL) are written to the WINDOWS SYSTEM directory, and a
registry entry is created to load the Trojan upon system startup.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\
RunOnce\kernel32=kern32.exe
Once running, the Trojan attempts to mail the victim's IP Address to
the author. Once this information is obtained, the author can connect to
the infected system via the Internet and steal personal information
such as usernames, and passwords. In addition, the Trojan also
contains a keylogger program which is capable of capturing other
vital information such as credit card and bank account numbers
and passwords. … main problem reports are coming from home users…
Copyright Robert Thibadeau, Worshop on Trust Infrastructures, 11-2001
4
First two Workshops in a
Series..
.. of Workshops in response to the need for better
industry, government, and academic communication
with regard to critical issues in planning and
deployment of systems of trust.
…could we have averted the security disasters of cable modems and
dsl?
The workshops are educational and it’s our intent to have
the key participants shape them.
More than one or two? Too many issues. First is overview
of all trust infrastructures, second is first focused on
one subset: National ID Cards.
Copyright Robert Thibadeau, Worshop on Trust Infrastructures, 11-2001
5
“CMU Security Workshop
Series”
•
•
•
•
•
Security? Shamos: Any security problem
where a computer is involved…
Any trust problem where a computer is
involved …
Educational : We Look at Deployable
Solutions and Identify the Hard Problems
Results: Better products, better service,
better standards, better research
Goal: Products, services, standards, and
research that greatly improve computerrelated trust – fulfilling an educational role
Copyright Robert Thibadeau, Worshop on Trust Infrastructures, 11-2001
6
Method
•
•
•
First Part: Review Deployable Solutions and
some Interesting new Research
Keep Notes on Hard Problems that seem to
be revealed : HANDOUTS!
Plenary and/or Breakout on what participants
identify as the Hard Problems and discussion
on How these can be Addressed.
Copyright Robert Thibadeau, Worshop on Trust Infrastructures, 11-2001
7
Program Agenda
8:30am Introduction to the CMU Workshop Series Dr. Robert Thibadeau,
9:00am Keynote, The View from the Front Lines Simon Perry, Senior VP Security, Computer
Associates
10:00 Platform Security: Securing Applications with Firmware Dr. Robert Baldwin, Principal
Security Architect, Phoenix Technologies
10:15 Platform Security, Intel Protected Access Architecture Luke Girard, Principal IPAA
Architect, Intel
10:30 Coffee break
10:45 User Authentication Katherine Hollis, Director, Global Information Assurance, EDS
11:00 Platform Security David Grawrock, Senior TCPA Architect, Intel
11:15 O/S Security John Doyle, Director Business Development, Harris Corporation
11:30 Platform Security Dr. Len Veil, CTO, Wave Systems
12:00pm Policy Control Tommy Wang, CEO, Interlytics
12:15 Intelligent Firewall Technology James Joyce, CEO, TechGuard Security
12:30 Risk Management Shawn Butler, Ph.D Student, CMU
12:45 Lunch
1:45 Two sides to the story Dr. Geoffrey Strongin, Principal Security Architect, AMD
2:00 Trust Structure Interplay Allen, Executive VP, Wave Systems
2:30 Hard Problems Agenda
3:00 Agenda Breakouts
4:30 Break
4:45 – 5:30 Next Steps, Robert Thibadeau, Carnegie Mellon, John Bourgein, IMA
6:30 Cocktails & Dinner, Wyndam Hotel Sponsored by AMS and Intelytics
Copyright Robert Thibadeau, Worshop on Trust Infrastructures, 11-2001
8
Today and Tomorrow Workshop
Team
John Bourgein – Chief Cook and Bottle Washer
Robert Thibadeau – Trust Infrastructure Guru
Mike Shamos – National ID Card Guru
Sponsors
School of Computer Science, CMU
Institute for Software Research International – ISRI
Robotics Institute
eCommerce Institute
AMS & Intelytics Dinner at Wyndam
Tomorrow
Workshop on National ID Cards
Sponsor : AMS
Copyright Robert Thibadeau, Worshop on Trust Infrastructures, 11-2001
9
Workshop
on Trust
Infrastructures
Theme : The Interplay of Trust
Infrastructures
Copyright Robert Thibadeau, Worshop on Trust Infrastructures, 11-2001
10
Trust Infrastructures?
Computers are Complex Systems
Means You
Need
More than One Source
Of Trust
Many Trust Infrastructures participate in the Trust Equation
Copyright Robert Thibadeau, Worshop on Trust Infrastructures, 11-2001
11
Examples
•
Virus Checkers : Central Source of Trust
managed by the Virus Checker Company :
Target is detecting malicious Applications
and Data
•
PKI : Authenticating authorized users and
programs managed by a hierarchy of trust
based on trap door cryptography.
•
Domains : Managing access to programs and
data across machines as supplied by an OS
and a central Domain Controller.
Copyright Robert Thibadeau, Worshop on Trust Infrastructures, 11-2001
12
Cataloguing Trust Infrastructure
Products, Standards, & Research
(by Target)
• OS (Windows, Linux, BSD…)
• Device (BIOS, CPU, Video/Audio, Storage)
• User (Biometrics, PKI, Smart Cards, Dongles)
• Applications (Virus Checkers, Call/Code
Authentication)
O1
D2
U1
A1
S1
Server (Secure Email, SSL)
C3
N1
E1
•
• Content (Copy protection, tamper protection,
document authentication)
• Network (VPNs, Firewalls, Proxy Servers, Intrusion
Detection, Forensics)
• Enterprise (Central Management Consoles, Risk
Measurement)
Copyright Robert Thibadeau, Worshop on Trust Infrastructures, 11-2001
13
Acronym Scrabble Fun
O1
D2
DOES AN CU
USE DOC AN
A CODE NEU
A USE COND
A SUN CODE ;-}
CON USE AD
SOD CAN US
CAN DO USE ;-}
COUNSE AD
ANSUCODE
SUNACODE
USA N CODE
U1
A1
•
S1
C3
N1
E1
A SUN CODE
– A “trust infrastructure” puts a
single Bright Light on what is
otherwise done in darkness
•
CAN DO USE
– What CAN the trust
infrastructure DO?
– How can we USE it?
Copyright Robert Thibadeau, Worshop on Trust Infrastructures, 11-2001
14
Cataloguing Trust Solutions
A SUN CODE
(by target)
Applications – Virus Check, Call/Code Authentication
Server – SSL, Email security
User – Smart Cards, PKI
Network – TCP/IP, VPNs, IPSec, Forensics
Content – Copy/Tamper/Authentication Protect
Operating System – Application Environment
Device – BIOS, Keyboard, Video, Storage, DA
Enterprise – Central Management, Risk
Copyright Robert Thibadeau, Worshop on Trust Infrastructures, 11-2001
15
Today’s Workshop Agenda
•
What are the Trust Infrastructures?
– Let’s listen to some of those that are new but deployable
today.
•
What are the Hard Problems?
– Where do we need additional sources of trust, but don’t
really know yet how to supply them?
– E.g. Hard Problems
» Personal Privacy
» Enterprise Risk Assessment
» Open Trust: One source of trust relying on another
source of trust
Copyright Robert Thibadeau, Worshop on Trust Infrastructures, 11-2001
16
Cataloguing Trust Solutions
CAN DO USE
Content – Copy/Tamper/Authentication Protection
Application – Virus Check, Call/Code Authentication
What
CAN the trust
Network – VPNs,
Forensics
infrastructure DO?
Device – BIOS, Keyboard, Video, Storage
How
can
we
USE
it?
OperatingWhat
System – Application Environment
doesn’t the trust
infrastructure
do?
User – Smart Cards,
PKI
can
we do about it?
Server What
– SSL, Email
security
Enterprise – Central Management, Risk
Copyright Robert Thibadeau, Worshop on Trust Infrastructures, 11-2001
17
Virus Checkers
•
•
•
•
Hard Problem : Post-Hoc : Work only after
bad agents are discovered
What can we do? Maybe a trust infrastructure
like intrusion detectors – that can predict new
intrusion patterns from existing virus
databases? BadTrans is a conventional Spy.
Hard Problem : Why can’t I just modify the
virus checker to delete real code and to avoid
my trojan horses?
What can we do? Maybe a trust infrastructure
that constantly, and with certainty,
authenticates the virus checker.
Copyright Robert Thibadeau, Worshop on Trust Infrastructures, 11-2001
18
Today
•
•
Jot down hard problems and we’ll examine
them in the afternoon.
THEME : Interplay of Trust Infrastructures
•
CD of Powerpoint and Digital Videos
Documenting Workshop
•
White Paper Summarizing Presentations and
Results (Thibadeau)
Copyright Robert Thibadeau, Worshop on Trust Infrastructures, 11-2001
19
Let’s Begin
Simon Perry
VP Security
Computer Associates
Copyright Robert Thibadeau, Worshop on Trust Infrastructures, 11-2001
20