security model for embedded systems
play

Security model for embedded systems using Smack * Simple but secure - PowerPoint PPT Presentation

Aug 02, 2023 •157 likes •372 views

Security model for embedded systems using Smack * Simple but secure * S implified M andatory A ccess C ontrol K ernel - Jos Bollo - - Jos Bollo - Con Contex text Jos Bollo Intel Eurogiciel Tizen Smack Linux 2

  1. Security model for embedded systems using Smack * Simple but secure * S implified M andatory A ccess C ontrol K ernel - José Bollo - - José Bollo -

  2. Con Contex text ● José Bollo ● Intel ● Eurogiciel ● Tizen ● Smack ● Linux 2 February 2014 - José Bollo - Smack for embeddeds (2 2/16) /16) 2 February 2014 - José Bollo - Smack for embeddeds (

  3. Sma mack ck ove vervie rview ● The author of Smack Smack is mainly Casey Schaufler Casey Schaufler . ● In Linux since kernel 2 6 25 since kernel 2 6 25 – 17 April 2008 – as a LSM (Linux Security Module) LSM ● Evoluting since this first days. ● Inside Tizen Tizen since the first days (2012). ● Use extended file attributes extended file attributes to store data relating to files. ● Controlled via a filesystem interface: smackfs smackfs . ● Controls accesses of processes to files, IPC, sockets and processes (ptrace, signals, ...). 2 February 2014 - José Bollo - Smack for embeddeds (3 3/16) /16) 2 February 2014 - José Bollo - Smack for embeddeds (

  4. Th The Sm e Smack ck rule rules ● Smack's rules have 3 items: Simple !!! – the subject's label subject's label – the object's label object's label – the access access System User rwx This rule tells to allow read , write and execute access to objects labelled User for the processes labelled System . What are labels? What are subjects? What are objects? How to set? 2 February 2014 - José Bollo - Smack for embeddeds (4 4/16) /16) 2 February 2014 - José Bollo - Smack for embeddeds (

  5. The Smac he Smack voc ocabu abulary lary ● Labels Labels are just text (of valid ASCII characters) without any special meaning: they are compared to equality (case sensitive: a≠A). ● Subjects Subjects are running processes: any running process has a smack label. ● Objects Objects are files files , IPC IPC , sockets sockets , processes processes . ● The label of a running process is called its context context . – The commands id , ps (option -Z or -M), ls (option -Z) are prompting the contexts of the current process, the running processes, the files. ● The grantables accesses accesses are: read read (r), write write (w), execute (x), append append (a), lock lock (l), transmute transmute (t). execute 2 February 2014 - José Bollo - Smack for embeddeds (5 5/16) /16) 2 February 2014 - José Bollo - Smack for embeddeds (

  6. Setting Smac Set ting Smack ● How to set context? You can't! You can't! Except if you have the capability CAP_MAC_ADMIN CAP_MAC_ADMIN . # chsmack --access label file # echo -n label > /proc/$$/attr/current ● How to set rules? You can only reduce You can only reduce accesses for the current thread (inherited by accesses cloning). But if you have the capability CAP_MAC_ADMIN , you can change all rules. CAP_MAC_ADMIN # echo “subject object rwt” > /sys/fs/smackfs/load-self2 # echo “subject object rwt” > /sys/fs/smackfs/load2 # echo “subject object rwt” > smackload 2 February 2014 - José Bollo - Smack for embeddeds (6 6/16) /16) 2 February 2014 - José Bollo - Smack for embeddeds (

  7. Target rgets de s devices es In-vehicle infotainment (IVI) television mobile hansets NUCs and boxes 2 February 2014 - José Bollo - Smack for embeddeds (7 7/16) /16) 2 February 2014 - José Bollo - Smack for embeddeds (

  8. Targ argets ets us usag ages es Single seat Multi seats handsets Single user boxes IVI is using tablets - laptops Multi users IVI Wayland Wayland NUC Multi seats is meaning that several users are using the same system through several interfaces. 2 February 2014 - José Bollo - Smack for embeddeds (8 8/16) /16) 2 February 2014 - José Bollo - Smack for embeddeds (

  9. Installe Inst ler r on only model model Trusted System Installed (installed, signed) Applications (untrusted) Installer Installed Application with manifest The installer enable the application and configure the system according to the manifest. Smack rules process for authorised services Trusted environment 2 February 2014 - José Bollo - Smack for embeddeds (9 9/16) /16) 2 February 2014 - José Bollo - Smack for embeddeds (

  10. Ins Insta taller + ller + l laun unche cher m r model del Trusted System Installed (installed, signed) Applications The installer enable the application (untrusted) and configure it according to the Installer manifest. Installed Application with manifest launcher The launcher prepare the environment in agreement with the manifest and launch the application. Smack rules process for authorised services Trusted environment 2 February 2014 - José Bollo - Smack for embeddeds (10 10/16) /16) 2 February 2014 - José Bollo - Smack for embeddeds (

  11. Sec Security urity of ap of applica plications tions Tizen offers the possibility to install applications that are either natives or widgets (W3C compliant) or a mix of the both. Each application has potentially access to a wide variety of services. The accessed services MUST be conform to what the manifest of the application is claiming for. That is the condition to have a trusted system, a secure system. Services Widget Service 1 Service 2 Service 3 Applications ... Native Web RunTime Applications Kernel IPC Ok, but how to do that??? 2 February 2014 - José Bollo - Smack for embeddeds (11 11/16) /16) 2 February 2014 - José Bollo - Smack for embeddeds (

  12. Imple mplemen menta tations tions ● The problem is difficult due to its power characteristic: controlling N ressources for M kinds of accesses brings to M N cases! ● For Tizen 2.0 there was many smack rules (for a basic mobile hanset, not less than 33232 rules! ) – Each application have a own context label – The rules are the spare matrix of all the authorised accesses ● For tizen 3.0 IVI the three-domains model will be used. – Basically, three subject labels exist: _ _ , System System and User User – There few more object labels – The rules are restricted to the minimum – It requires a launcher to achieve the full control of accesses 2 February 2014 - José Bollo - Smack for embeddeds (12 12/16) /16) 2 February 2014 - José Bollo - Smack for embeddeds (

  13. Three- Thre e-domain domains mode s model overvie ove rview Base system: _ The floor domain provides the foundation upon which the system is built Services: System The System domain is comprised of the basic System::Run system services and the System::Shared data they maintain. System::Log Applications: User The User domain is comprised of the services that interact directly with the person using the Tizen system and the data those services maintain. 2 February 2014 - José Bollo - Smack for embeddeds (13 13/16) /16) 2 February 2014 - José Bollo - Smack for embeddeds (

  14. Links ks ● LSM Smack http://schaufler-ca.com/ ● https://www.kernel.org/doc/Documentation/security/Smack.txt ● ● Smack utilities https://github.com/smack-team/smack ● ● Tizen https://www.tizen.org/ ● https://wiki.tizen.org/wiki/Security:Smack ● https://wiki.tizen.org/wiki/Security:SmackThreeDomainModel ● 2 February 2014 - José Bollo - Smack for embeddeds (14 14/16) /16) 2 February 2014 - José Bollo - Smack for embeddeds (

  15. Summary Summary ● It works well and is really simple to learn. ● You can activate it on any Linux kernel. ● The embedded linux distribution TIZEN implements it and its community can help you. ● You can contribute to improve the smack tools and models. 2 February 2014 - José Bollo - Smack for embeddeds (15 15/16) /16) 2 February 2014 - José Bollo - Smack for embeddeds (

  16. Que Questions tions Thanks 2 February 2014 - José Bollo - Smack for embeddeds (16 16/16) /16) 2 February 2014 - José Bollo - Smack for embeddeds (

  17. EUROGICI EUROGICIEL EL ● Open source development and integration: ● Maintainers for tizen.org (Base, Test, Web Framework,... domains) ● Embedded systems for real-time multimédia: – Widi/Miracast stack, – Wayland/Weston, – Webkit2 browser with HW acceleration, ● Application: HTML5/CSS3, jquery, jqmobi, Cordova ● Location : Brittany – France ● http://www.eurogiciel.fr/ 2 February 2014 - José Bollo - Smack for embeddeds (17 17/16) /16) 2 February 2014 - José Bollo - Smack for embeddeds (

  18. Evolution olutions of s of S Sma mack ck ● The author of Smack Smack is mainly Casey Schaufler Casey Schaufler . ● In Linux since kernel 2 6 25 since kernel 2 6 25 – 17 April 2008 – as a LSM LSM (Linux Security Module) ● Evoluting since this first days. ● Lock access mode (kernel 3.13) ● Support for multi-rule write to load2 and change-rule (kernel 3.12) ● Maximum value for CIPSO category change from 63 to 184 (kernel 3.12) ● Longer Smack labels (24->255) and recursive transmute (kernel 3,5) ● Transmute access mode (kernel 2.6.38) 2 February 2014 - José Bollo - Smack for embeddeds (18 18/16) /16) 2 February 2014 - José Bollo - Smack for embeddeds (

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

embedded security October 2015 The Old Model (simplified view) Embedded Security Benedikt

embedded security October 2015 The Old Model (simplified view) Embedded Security Benedikt

embedded security October 2015 The Old Model (simplified view) Embedded Security Benedikt Gierlichs KU Leuven, COSIC IACR Summer school 2015 Chia Laguna, Italy Attack on channel between communicating parties Encryption and

412 views • 6 slides
Systems Security: Hardware, embedded system and IoT security Stjepan Picek s.picek@tudelft.nl

Systems Security: Hardware, embedded system and IoT security Stjepan Picek s.picek@tudelft.nl

Systems Security: Hardware, embedded system and IoT security Stjepan Picek s.picek@tudelft.nl Delft University of Technology, The Netherlands April 23, 2018 Outline 1 General Information 2 Lightweight Cryptography 3 Random Number Generators 4

1.35k views • 64 slides
1 Outline Orbital Insertion Example Model-based Programming Turn camera off and engine on

1 Outline Orbital Insertion Example Model-based Programming Turn camera off and engine on

Programming Long-lived Embedded Systems With Complex Autonomic Processes Model-based Programming: Controlling Embedded Systems by Reasoning about Hidden State Brian C. Williams And Michel Ingham Artificial Intelligence and Space Systems Labs

551 views • 7 slides
ELC 2013 Security: Best Practices for Embedded Systems John Mehaffey Senior System Architect

ELC 2013 Security: Best Practices for Embedded Systems John Mehaffey Senior System Architect

ELC 2013 Security: Best Practices for Embedded Systems John Mehaffey Senior System Architect Embedded Systems Division mentor.com/embedded Android is a trademark of Google Inc. Use of this trademark is subject to Google Permissions. Linux

544 views • 17 slides
HW/SW Codesign w/ FPGAs Embedded Systems ECE 495/595 Overview (Slides from Embedded Systems

HW/SW Codesign w/ FPGAs Embedded Systems ECE 495/595 Overview (Slides from Embedded Systems

HW/SW Codesign w/ FPGAs Embedded Systems ECE 495/595 Overview (Slides from Embedded Systems Design, F. Vahid and T. Givargis) Embedded computing systems definition: Computing systems embedded within electronic devices. Hard to define

396 views • 26 slides
Embedded systems and the role of programmable logic devices in embedded systems Embedded system :

Embedded systems and the role of programmable logic devices in embedded systems Embedded system :

Embedded systems and the role of programmable logic devices in embedded systems Embedded system : a combination of computer hardware and software, and perhaps additional mechanical or other parts, designed to perform a dedicated function. In some

414 views • 20 slides
Welcome to PROOFS! PROOFS: Security Proofs for Embedded Systems Introduction to the fifth

Welcome to PROOFS! PROOFS: Security Proofs for Embedded Systems Introduction to the fifth

Welcome to PROOFS! PROOFS: Security Proofs for Embedded Systems Introduction to the fifth workshop Introduction to the workshop PROOFS: Security Proofs for Embedded Systems UCSB August 20, 2016 5th edition of PROOFS PROOFS 2012:

311 views • 7 slides
A Large Scale Analysis of the Security of Embedded Firmwares A. Costin , J. Zaddach, A.

A Large Scale Analysis of the Security of Embedded Firmwares A. Costin , J. Zaddach, A.

A Large Scale Analysis of the Security of Embedded Firmwares A. Costin , J. Zaddach, A. Francillon, D. Balzarotti EURECOM, France 20th August 2014 USENIX Security '14 San Diego, USA Embedded Systems Are Everywhere Andrei Costin 2 By

1.03k views • 72 slides
On the Correctness of Model Transformations in the Development of Embedded Systems Gabor Karsai,

On the Correctness of Model Transformations in the Development of Embedded Systems Gabor Karsai,

On the Correctness of Model Transformations in the Development of Embedded Systems Gabor Karsai, Anantha Narayanan, Sandeep Neema Institute for Software-Integrated Systems Vanderbilt University Nashville, TN 37235, USA Overview The

667 views • 30 slides
Inception: System-Wide Security Testing of Real- World Embedded Systems Software Nassim

Inception: System-Wide Security Testing of Real- World Embedded Systems Software Nassim

Inception: System-Wide Security Testing of Real- World Embedded Systems Software Nassim Corteggiani (Maxim Integrated / EURECOM) Giovanni Camurati (EURECOM) Aurlien Francillon (EURECOM) 08/15/18 Embedded Systems Are Everywhere [1]

911 views • 65 slides
THE ACTOR MODEL APPLIED TO THE RASPBERRY PI AND THE EMBEDDED DOMAIN Omer Kilic || @OmerK

THE ACTOR MODEL APPLIED TO THE RASPBERRY PI AND THE EMBEDDED DOMAIN Omer Kilic || @OmerK

THE ACTOR MODEL APPLIED TO THE RASPBERRY PI AND THE EMBEDDED DOMAIN Omer Kilic || @OmerK Erlang Solutions Ltd. 1 Agenda Current state of Embedded Systems Overview of the Actor Model Erlang Embedded Project Modelling and

1.01k views • 61 slides
4TU MASTER EMBEDDED SYSTEMS Bert Molenkamp 19/03/2020 Master Embedded Systems 1 Table of

4TU MASTER EMBEDDED SYSTEMS Bert Molenkamp 19/03/2020 Master Embedded Systems 1 Table of

4TU MASTER EMBEDDED SYSTEMS Bert Molenkamp 19/03/2020 Master Embedded Systems 1 Table of contents What is an embedded system Examples of research topics Admission Overview of the programme Success rates Master Embedded

814 views • 31 slides
for hardware or embedded security Erik Poll Digital Security Radboud University Nijmegen 1

for hardware or embedded security Erik Poll Digital Security Radboud University Nijmegen 1

Attacker Models for hardware or embedded security Erik Poll Digital Security Radboud University Nijmegen 1 Security-sensitive hardware: examples 2 Naive attacker model Attacks on communication channels exploiting lousy crypto or insecure

904 views • 45 slides
Embedded Systems (ESII) Prof. Dr. J. Henkel, Dr. M. Shafique CES - Chair for Embedded Systems

Embedded Systems (ESII) Prof. Dr. J. Henkel, Dr. M. Shafique CES - Chair for Embedded Systems

1 ESII: ASIPs_ISEs Design and Architectures for Embedded Systems (ESII) Prof. Dr. J. Henkel, Dr. M. Shafique CES - Chair for Embedded Systems Karlsruhe Institute of Technology, Germany Today: Embedded Processor Platforms ASIPs and Extensible

1.5k views • 89 slides
Software Engineering for Embedded Systems Software Engineering for Embedded Systems Dr.-Ing.

Software Engineering for Embedded Systems Software Engineering for Embedded Systems Dr.-Ing.

Software Engineering for Embedded Systems Software Engineering for Embedded Systems Dr.-Ing. Mohammad. Abdullah Al Faruque Dipl.-Inform. Sebastian Kobbe CES - C hair for E mbedded S ystems (Prof. Dr. Jrg Henkel) Department of Computer Science

847 views • 72 slides
Embedded Systems Programming Synchronous Model (Module 26) Yann-Hang Lee Arizona State

Embedded Systems Programming Synchronous Model (Module 26) Yann-Hang Lee Arizona State

Embedded Systems Programming Synchronous Model (Module 26) Yann-Hang Lee Arizona State University yhlee@asu.edu (480) 727-7507 Summer 2014 Real-time Systems Lab, Computer Science and Engineering, ASU Actor-Oriented Design Object

448 views • 8 slides
Outline Database Security: Research Motivation and Practice Access Control Multilevel

Outline Database Security: Research Motivation and Practice Access Control Multilevel

Outline Database Security: Research Motivation and Practice Access Control Multilevel Relational Data Model Concurrency and Object Oriented Elisa Bertino, Sushil Jajodia and issues Pierangela Samarati Conclusions Presented

492 views • 5 slides
CS 423 Operating System Design: MP4 Walkthrough Mohammad Noureddine Spring 2018 CS 423:

CS 423 Operating System Design: MP4 Walkthrough Mohammad Noureddine Spring 2018 CS 423:

CS 423 Operating System Design: MP4 Walkthrough Mohammad Noureddine Spring 2018 CS 423: Operating Systems Design Goals for Today Learning Objective: Understand Linux Security Modules Go through implementation details of MP4

702 views • 33 slides
TDDD17 Informatjon Security (VT 2019) Topic: Database Security Olaf Hartjg olaf.hartjg@liu.se

TDDD17 Informatjon Security (VT 2019) Topic: Database Security Olaf Hartjg olaf.hartjg@liu.se

TDDD17 Informatjon Security (VT 2019) Topic: Database Security Olaf Hartjg olaf.hartjg@liu.se Acknowledgement: Several of the slides in this slide set are adaptations from slides made available for the database textbook by Elmasri and

284 views • 27 slides
Ostro OS security architecture An IoT OS security architecture that is so boring that you can

Ostro OS security architecture An IoT OS security architecture that is so boring that you can

Ostro OS security architecture An IoT OS security architecture that is so boring that you can sleep soundly at night Ismo Puustinen, Intel Finland What is Ostro OS? https://ostroproject.org IoT operating system, based on Yocto project

261 views • 9 slides
Security and Authorization Ramakrishnan & Gehrke, Chapter 21 320302 Databases & Web

Security and Authorization Ramakrishnan & Gehrke, Chapter 21 320302 Databases & Web

Security and Authorization Ramakrishnan & Gehrke, Chapter 21 320302 Databases & Web Services (P. Baumann) 1 Overview Introduction Internet security Database access control How to hack a database 320302 Databases &

659 views • 41 slides
Mandatory Access Control for Carrier-Grade Linux Clusters (as part of the DSI project)

Mandatory Access Control for Carrier-Grade Linux Clusters (as part of the DSI project)

Mandatory Access Control for Carrier-Grade Linux Clusters (as part of the DSI project) Miroslaw.Zakrzewski@Ericsson.ca Ericsson Research Canada Open System Lab Montral Canada http://www.risq.ericsson.ca Rev PA1 2002-05-22 1 Ericsson

841 views • 42 slides
Rewrite-Based Access Control Policies in Distributed Environments Maribel Fern andez Kings

Rewrite-Based Access Control Policies in Distributed Environments Maribel Fern andez Kings

Rewrite-Based Access Control Policies in Distributed Environments Maribel Fern andez Kings College London Joint work with Clara Bertolissi (LIF, Univ. Marseilles) 12th CREST Open Workshop - Security and Code April 2011 M. Fern andez

1.04k views • 30 slides
1 Multilevel Security Different security levels for resources Important systems A

1 Multilevel Security Different security levels for resources Important systems A

Last time Threats Introduction Threat analysis Policy Introduction to access Specification control matrix Design Implementation Operation and Maintenance 7/10 - 05 Distributed systems - Jonny Pettersson, UmU 1 Security in the

444 views • 13 slides

More recommend