Welcome. Workshop on Trust Infrastructures Robert Thibadeau School of Computer Science Carnegie Mellon University rht@cs.cmu.edu Copyright Robert Thibadeau, Worshop on Trust Infrastructures, 11-2001 1 Copyright Robert Thibadeau, Worshop on Trust Infrastructures, 11-2001 2 Copyright Robert Thibadeau, Worshop on Trust Infrastructures, 11-2001 3 BADTRANS B (new version, Nov 24, 2001, first report) If the .scr or .pif attachment is opened, the worm displays a message box entitled, "Install error" which reads, "File data corrupt: probably due to a bad data transmission or bad disk access." A copy is saved into the WINDOWS directory as INETD.EXE and an entry is entered into the WIN.INI file to run INETD.EXE at startup. KERN32.EXE (a backdoor Trojan), and HKSDLL.DLL (a valid keylogger DLL) are written to the WINDOWS SYSTEM directory, and a registry entry is created to load the Trojan upon system startup. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ RunOnce\kernel32=kern32.exe Once running, the Trojan attempts to mail the victim's IP Address to the author. Once this information is obtained, the author can connect to the infected system via the Internet and steal personal information such as usernames, and passwords. In addition, the Trojan also contains a keylogger program which is capable of capturing other vital information such as credit card and bank account numbers and passwords. … main problem reports are coming from home users… Copyright Robert Thibadeau, Worshop on Trust Infrastructures, 11-2001 4 First two Workshops in a Series.. .. of Workshops in response to the need for better industry, government, and academic communication with regard to critical issues in planning and deployment of systems of trust. …could we have averted the security disasters of cable modems and dsl? The workshops are educational and it’s our intent to have the key participants shape them. More than one or two? Too many issues. First is overview of all trust infrastructures, second is first focused on one subset: National ID Cards. Copyright Robert Thibadeau, Worshop on Trust Infrastructures, 11-2001 5 “CMU Security Workshop Series” • • • • • Security? Shamos: Any security problem where a computer is involved… Any trust problem where a computer is involved … Educational : We Look at Deployable Solutions and Identify the Hard Problems Results: Better products, better service, better standards, better research Goal: Products, services, standards, and research that greatly improve computerrelated trust – fulfilling an educational role Copyright Robert Thibadeau, Worshop on Trust Infrastructures, 11-2001 6 Method • • • First Part: Review Deployable Solutions and some Interesting new Research Keep Notes on Hard Problems that seem to be revealed : HANDOUTS! Plenary and/or Breakout on what participants identify as the Hard Problems and discussion on How these can be Addressed. Copyright Robert Thibadeau, Worshop on Trust Infrastructures, 11-2001 7 Program Agenda 8:30am Introduction to the CMU Workshop Series Dr. Robert Thibadeau, 9:00am Keynote, The View from the Front Lines Simon Perry, Senior VP Security, Computer Associates 10:00 Platform Security: Securing Applications with Firmware Dr. Robert Baldwin, Principal Security Architect, Phoenix Technologies 10:15 Platform Security, Intel Protected Access Architecture Luke Girard, Principal IPAA Architect, Intel 10:30 Coffee break 10:45 User Authentication Katherine Hollis, Director, Global Information Assurance, EDS 11:00 Platform Security David Grawrock, Senior TCPA Architect, Intel 11:15 O/S Security John Doyle, Director Business Development, Harris Corporation 11:30 Platform Security Dr. Len Veil, CTO, Wave Systems 12:00pm Policy Control Tommy Wang, CEO, Interlytics 12:15 Intelligent Firewall Technology James Joyce, CEO, TechGuard Security 12:30 Risk Management Shawn Butler, Ph.D Student, CMU 12:45 Lunch 1:45 Two sides to the story Dr. Geoffrey Strongin, Principal Security Architect, AMD 2:00 Trust Structure Interplay Allen, Executive VP, Wave Systems 2:30 Hard Problems Agenda 3:00 Agenda Breakouts 4:30 Break 4:45 – 5:30 Next Steps, Robert Thibadeau, Carnegie Mellon, John Bourgein, IMA 6:30 Cocktails & Dinner, Wyndam Hotel Sponsored by AMS and Intelytics Copyright Robert Thibadeau, Worshop on Trust Infrastructures, 11-2001 8 Today and Tomorrow Workshop Team John Bourgein – Chief Cook and Bottle Washer Robert Thibadeau – Trust Infrastructure Guru Mike Shamos – National ID Card Guru Sponsors School of Computer Science, CMU Institute for Software Research International – ISRI Robotics Institute eCommerce Institute AMS & Intelytics Dinner at Wyndam Tomorrow Workshop on National ID Cards Sponsor : AMS Copyright Robert Thibadeau, Worshop on Trust Infrastructures, 11-2001 9 Workshop on Trust Infrastructures Theme : The Interplay of Trust Infrastructures Copyright Robert Thibadeau, Worshop on Trust Infrastructures, 11-2001 10 Trust Infrastructures? Computers are Complex Systems Means You Need More than One Source Of Trust Many Trust Infrastructures participate in the Trust Equation Copyright Robert Thibadeau, Worshop on Trust Infrastructures, 11-2001 11 Examples • Virus Checkers : Central Source of Trust managed by the Virus Checker Company : Target is detecting malicious Applications and Data • PKI : Authenticating authorized users and programs managed by a hierarchy of trust based on trap door cryptography. • Domains : Managing access to programs and data across machines as supplied by an OS and a central Domain Controller. Copyright Robert Thibadeau, Worshop on Trust Infrastructures, 11-2001 12 Cataloguing Trust Infrastructure Products, Standards, & Research (by Target) • OS (Windows, Linux, BSD…) • Device (BIOS, CPU, Video/Audio, Storage) • User (Biometrics, PKI, Smart Cards, Dongles) • Applications (Virus Checkers, Call/Code Authentication) O1 D2 U1 A1 S1 Server (Secure Email, SSL) C3 N1 E1 • • Content (Copy protection, tamper protection, document authentication) • Network (VPNs, Firewalls, Proxy Servers, Intrusion Detection, Forensics) • Enterprise (Central Management Consoles, Risk Measurement) Copyright Robert Thibadeau, Worshop on Trust Infrastructures, 11-2001 13 Acronym Scrabble Fun O1 D2 DOES AN CU USE DOC AN A CODE NEU A USE COND A SUN CODE ;-} CON USE AD SOD CAN US CAN DO USE ;-} COUNSE AD ANSUCODE SUNACODE USA N CODE U1 A1 • S1 C3 N1 E1 A SUN CODE – A “trust infrastructure” puts a single Bright Light on what is otherwise done in darkness • CAN DO USE – What CAN the trust infrastructure DO? – How can we USE it? Copyright Robert Thibadeau, Worshop on Trust Infrastructures, 11-2001 14 Cataloguing Trust Solutions A SUN CODE (by target) Applications – Virus Check, Call/Code Authentication Server – SSL, Email security User – Smart Cards, PKI Network – TCP/IP, VPNs, IPSec, Forensics Content – Copy/Tamper/Authentication Protect Operating System – Application Environment Device – BIOS, Keyboard, Video, Storage, DA Enterprise – Central Management, Risk Copyright Robert Thibadeau, Worshop on Trust Infrastructures, 11-2001 15 Today’s Workshop Agenda • What are the Trust Infrastructures? – Let’s listen to some of those that are new but deployable today. • What are the Hard Problems? – Where do we need additional sources of trust, but don’t really know yet how to supply them? – E.g. Hard Problems » Personal Privacy » Enterprise Risk Assessment » Open Trust: One source of trust relying on another source of trust Copyright Robert Thibadeau, Worshop on Trust Infrastructures, 11-2001 16 Cataloguing Trust Solutions CAN DO USE Content – Copy/Tamper/Authentication Protection Application – Virus Check, Call/Code Authentication What CAN the trust Network – VPNs, Forensics infrastructure DO? Device – BIOS, Keyboard, Video, Storage How can we USE it? OperatingWhat System – Application Environment doesn’t the trust infrastructure do? User – Smart Cards, PKI can we do about it? Server What – SSL, Email security Enterprise – Central Management, Risk Copyright Robert Thibadeau, Worshop on Trust Infrastructures, 11-2001 17 Virus Checkers • • • • Hard Problem : Post-Hoc : Work only after bad agents are discovered What can we do? Maybe a trust infrastructure like intrusion detectors – that can predict new intrusion patterns from existing virus databases? BadTrans is a conventional Spy. Hard Problem : Why can’t I just modify the virus checker to delete real code and to avoid my trojan horses? What can we do? Maybe a trust infrastructure that constantly, and with certainty, authenticates the virus checker. Copyright Robert Thibadeau, Worshop on Trust Infrastructures, 11-2001 18 Today • • Jot down hard problems and we’ll examine them in the afternoon. THEME : Interplay of Trust Infrastructures • CD of Powerpoint and Digital Videos Documenting Workshop • White Paper Summarizing Presentations and Results (Thibadeau) Copyright Robert Thibadeau, Worshop on Trust Infrastructures, 11-2001 19 Let’s Begin Simon Perry VP Security Computer Associates Copyright Robert Thibadeau, Worshop on Trust Infrastructures, 11-2001 20