Adaptive Isolation for Security Patrick Schaumont Virginia Tech - - PowerPoint PPT Presentation
Adaptive Isolation for Security Patrick Schaumont Virginia Tech Dagstuhl Seminar 16441 1 November 2016 1 Objective 1. Contemporary Secure Computing An Example: Trusted Medical Applications 2. Building Blocks of Secure Computing - Attacker
Patrick Schaumont Virginia Tech Dagstuhl Seminar 16441 1 November 2016
1
An Example: Trusted Medical Applications
2
3
Hearing Implant Pacemaker Insulin Pump Neuro Stimulator Activity Tracker Fall Detector Blood Pressure Sensing Actuation Control Insulin Pump Glucose Level Insulin Open-loop (programmer) Defibrillator Heart Rate Shock Closed-loop External Internal
d d
4
Hearing Implant Pacemaker Insulin Pump Neuro Stimulator Activity Tracker Fall Detector Blood Pressure Body Area Network Inductive (200 KHz) MICS (401 MHz) Bluetooth (2.4 GHz) Zigbee (2.4 GHz) PAN (2.4 GHz) Gateway “The Cloud” Internet Doctor Patient Patient Record Storage Patient Record Analysis Real Time Monitoring Real Time Control
5
8-bit AVR 100KHz 8KB/2KB 16-bit MSP430 2MHz 24KB/4KB 32-bit ARM Cortex M 200MHz 1MB/64K 64-bit ARM Cortex A53 Quad Core 800MHz 2GB Intel Skylake 6x Quad Core 3GHz 24GB Main 16TB Secondary Heartbeat Anomaly Data bits have a uniform privacy/security concern
6
Security Safety Privacy
storage + transmission
7
Payroll Patient Patient Patient
DDR D$
Core MedicApp
Yahoo Finance
Isolated Data Stream (~confidentiality) Unlinkable Records (~privacy) Isolated Storage Isolated Execution Web Devel
8
Simple Architecture Extremely Complex Statically-stored Secrets Ephemeral Secrets Architecture Isolation is add-on Architecture Isolation is built-in Computation (Crypto) is slow Computation (Crypto) is fast Microcontrollers Servers
An Example: Trusted Medical Applications
9
10
Trusted Untrusted Trust Boundary
Trusted = to behave as expected Untrusted = we don’t know what will happen
An Attacker Model describes how the Adversary may breach trust boundary
11
OS Hardware I/O Task Secure Task Task
I/O Attacker Model
to secure task Machine Code Attacker Model
with memory image of secure task Hardware Attacker Model
implementation effects
12
Attack Model Countermeasure Machine Code Task Isolation
Hardware
I/O Memory Safety
Countermeasures always come with overhead on performance and/or implementation cost. Security is never free.
13
Assuming an Attacker Model implies choosing what you trust and what you do not trust
Abstraction Achieving Trust Example Information and Data Information Security Encryption & Decryption Signing & Verification Programs Trusted Computing Base Isolated Execution Physical Implementation Physical Security Side-channel Countermeas. Trusted Untrusted Trust Boundary
Isolation is one (but not the only) way to achieve trust
How does isolation help in achieving security?
guarantees in a secure implementation
useful security policy (Alice is lonely without Bob)
14
Key Key Key Exchange Encrypt Decrypt Isolation for Encryption Isolation for Key Storage Communication for Key Exchange Protocol Level (multi-architecture)
An Example: Trusted Medical Applications
15
16
Microcontrollers Servers Driving Example: SANCUS Driving Example: SGX Measuring Integrity -> Remote or Local Attestation
17
18
Alice’s Certificate Certificate Authority
19
20
Data Owner’s Computer gets assurance that it is talking to a Secure Container with specific Code, Data
21
manages Micro-Controller Node N
deploy Software SM
all software
all communications
22
points
for SM to SP
Auth, Integrity, Freshness between SM to SP
securely communicate
23
SM Text SM Data text end text start data end data start Module Identity M MSP430 Memory Map
memory access control 1. protected code access has protected data 2. protected code has controlled entry point
protect SP, layout unprotect
24
SM Text SM Data
Node Key KN
text end text start data end data start
Provider Key KN,SP = kdf(KN, SP) Module Key KN,SP,M = kdf(KN, SP, M)
Module Identity M
Hardware Root of Trust
MSP430 Memory Map
MAC-seal start, length, result
25
Untrusted: bios, drivers, kernel, hypervisor Trusted: Hardware (Intel CPU) Enclave (SW App)
allocated to Enclaves
26
Virtual Memory Map Enclave Process Code, Data + SECS
27
Lifecycle
An Example: Trusted Medical Applications
28
...), security is hardly quantified
architecture?
computing?
29
1. Michael Rushanan, Aviel D. Rubin, Denis Foo Kune, Colleen M. Swanson: SoK: Security and Privacy in Implantable Medical Devices and Body Area Networks. IEEE Symposium on Security and Privacy 2014: 524-539. 2. Wayne Burleson, Shane S. Clark, Benjamin Ransford, Kevin Fu: Design challenges for secure implantable medical devices. DAC 2012: 12-17. 3. Frank Piessens, Ingrid Verbauwhede: Software security: Vulnerabilities and countermeasures for two attacker models. DATE 2016: 990-999. 4. Job Noorman, Pieter Agten, Wilfried Daniels, Raoul Strackx, Anthony Van Herrewege, Christophe Huygens, Bart Preneel, Ingrid Verbauwhede, Frank Piessens: Sancus: Low-cost Trustworthy Extensible Networked Devices with a Zero-software Trusted Computing Base. USENIX Security Symposium 2013: 479-494. 5. Victor Costan, Srinivas Devadas: Intel SGX Explained. IACR Cryptology ePrint Archive 2016: 86 (2016). 6. Ittai Anati, Shay Gueron, Simon Johnson, Vincent Scarlata: Innovative Technology for CPU Based Attestation and Sealing. Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy, HASP 2013.
30