diff --git a/resources/measurements.fig b/resources/measurements.fig new file mode 100644 index 0000000..7ff9b58 --- /dev/null +++ b/resources/measurements.fig 
@@ -0,0 +1,73 @@ +#FIG 3.2 Produced by xfig version 3.2.8 +Landscape +Center +Inches +Letter +100.00 +Single +-2 +1200 2 +6 6750 4050 7500 5250 +2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2 + 6750 4950 7500 4950 +2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 + 6750 4050 7500 4050 7500 5250 6750 5250 6750 4050 +4 1 0 50 -1 4 12 0.0000 0 165 450 7125 4350 TPM\001 +4 1 0 50 -1 4 8 0.0000 0 120 405 7125 4800 (Store)\001 +4 1 0 50 -1 4 12 0.0000 0 165 540 7125 5175 PCRs\001 +-6 +6 10050 4050 10800 4950 +2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 + 10050 4050 10800 4050 10800 4950 10050 4950 10050 4050 +4 1 0 50 -1 4 12 0.0000 0 165 465 10425 4350 RTM\001 +4 1 0 50 -1 4 8 0.0000 0 105 570 10425 4800 (Program)\001 +-6 +6 9825 5625 10875 5925 +2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 + 9825 5625 10875 5625 10875 5925 9825 5925 9825 5625 +4 1 0 50 -1 4 12 0.0000 0 165 870 10350 5850 Firmware\001 +-6 +2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 + 8175 4050 8925 4050 8925 4950 8175 4950 8175 4050 +2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 + 9375 6075 10425 6075 10425 6375 9375 6375 9375 6075 +2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 + 8925 6525 9975 6525 9975 6825 8925 6825 8925 6525 +2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 + 7125 5850 8175 5850 8175 6150 7125 6150 7125 5850 +2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 + 2 1 2.00 90.00 120.00 + 10050 4500 8925 4500 +2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 + 2 1 2.00 90.00 120.00 + 9150 6525 8625 4950 +2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 + 2 1 2.00 90.00 120.00 + 9600 6075 8700 4950 +2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 + 2 1 2.00 90.00 120.00 + 10050 5625 8775 4950 +2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 + 2 1 2.00 90.00 120.00 + 7950 5850 8400 4950 +2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 + 2 1 2.00 90.00 120.00 + 8175 4500 7500 5100 +2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 + 6150 3675 11550 3675 11550 5325 6150 5325 6150 3675 +2 2 1 1 0 7 50 -1 -1 4.000 0 0 -1 0 0 5 + 6075 3600 11625 3600 11625 7650 6075 7650 6075 3600 +2 1 3 1 0 7 50 -1 -1 
3.000 0 0 -1 0 0 7 + 11175 3900 11175 7275 8700 7275 8700 5475 9750 5475 9750 3900 + 11175 3900 +4 2 0 50 -1 4 12 0.0000 0 165 1140 11100 7200 UEFI / BIOS\001 +4 1 0 50 -1 4 12 0.0000 0 165 435 8550 4350 CPU\001 +4 1 0 50 -1 4 8 0.0000 0 120 660 8550 4800 (Execution)\001 +4 1 0 50 -1 4 12 0.0000 0 210 1125 9900 6300 OptionROM\001 +4 1 0 50 -1 4 12 0.0000 0 30 255 9450 6675 . . .\001 +4 1 0 50 -1 4 12 0.0000 0 165 615 7650 6075 Kernel\001 +4 1 0 50 -1 4 8 0.0000 0 105 240 9525 4425 read\001 +4 1 0 50 -1 4 8 0.0000 0 105 285 7875 4575 store\001 +4 0 0 50 -1 4 12 0.0000 0 165 1260 6225 3900 Roots of trust\001 +4 0 0 50 -1 4 12 0.0000 0 165 1875 6150 7575 trusted environment\001 +4 1 0 50 -1 4 8 0.0000 0 75 435 8400 5700 measure\001 diff --git a/resources/measurements.pdf b/resources/measurements.pdf new file mode 100644 index 0000000..ef1ffc9 Binary files /dev/null and b/resources/measurements.pdf differ diff --git a/thesis/03_concept.tex b/thesis/03_concept.tex index 8912cf6..6edbe45 100644 --- a/thesis/03_concept.tex +++ b/thesis/03_concept.tex 
@@ -122,6 +122,36 @@ Consequently only a \emph{known} Kernel with a \emph{known} hardware and firmwar The disk encryption is, however, only an optional feature which can be omitted in a production environment when there is no sensible data on the disk that must not be revealed to the public. The system needs to check its integrity on the OS level and summarize that by publishing an attestation message, before any transaction data is used. +\begin{figure} + \centering + \includegraphics[width=0.8\linewidth]{../resources/measurements.pdf} + \caption{Extending trust from the Roots of Trust up to the Kernel}% + \label{fig:measuements} +\end{figure} + +\autoref{fig:measuements} illustrates how above proceses extend the trust on the system. +The TPM is the cryptographic root of trust, storing all measurement results and the target values for validation. +SInce the RTM is the only piece of code, which lives in the platform firmware and is executed \emph{before} it is measured, it is an important part in the trust architecture of the system. +An honest RTM will measure the binary representation of itself, which makes the code at least provable afterwards. +Finally, the CPU is assumed to execute all the code according to its specification. +Proving correctness of the instruction set cannot be done during the boot process. + +When the roots of trust are honest, the trusted environment can be constructed during booting the platform with the PCR measurements. +We get then a system, where all active parts in the booting process are trusted up to the Linux kernel with its extensions and execution parameters. + +\subsection{Integrity and Trust in the OS}% +\label{sub:integrity_and_trust_in_the_os} + +With the trusted kernel, we can extend the trusted environment on the file system with IMA. +According to \autoref{sec:integrity_measurement_architecture}, every file will be hashed once IMA is activated and configured accordingly. 
+By enforcing IMA, only files with a valid hash will be accessed by the kernel, assuming the whole file system to be analyzed accordingly. + +After setting up the system, IMA will \texttt{fix} the attributes of all relevant files and finally be \texttt{enforced}. +The IMA policy in place should be \texttt{appraise\_tcb}, to analyze kernel modules, executable memory mapped files, executables and all files opened by root for read. + +\subsection{Prove Trust with DAA}% +\label{sub:prove_trust_with_daa} + \begin{figure} @@ -177,8 +207,6 @@ Trusted Boot is not the same as Secure Boot. Explain the difference \label{ssec:tpm12} Initial Version of the crypto-coprocessor, successfully spread into many systems, but hardly any integration in Trust/security Software - - \begin{figure} \centering \includegraphics[width=0.7\textwidth]{../resources/tpmattest} diff --git a/thesis/MAIN.pdf b/thesis/MAIN.pdf index c6085e1..3a4d6c7 100644 Binary files a/thesis/MAIN.pdf and b/thesis/MAIN.pdf differ
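Review bot: in the `resources/measurements.fig` hunk, the generated `measurements.pdf` is committed as a binary next to its `.fig` source with nothing tying the two together, so the next edit to the drawing will silently leave the PDF stale; either regenerate it in the build (e.g. `fig2dev -L pdf measurements.fig measurements.pdf`) or record the regeneration command in the repository. Two smaller points in the drawing itself: the box text reads `Roots of trust` while the caption added in `03_concept.tex` writes "Roots of Trust", so the capitalisation should be unified; and the "measure" arrows run from `Firmware`, `OptionROM`, `. . .` and `Kernel` into the CPU with a single "store" arrow from the CPU to the TPM, but there is no arrow for the RTM measuring itself, which is exactly the step the accompanying paragraph relies on ("An honest RTM will measure the binary representation of itself"), so the figure and the text currently disagree on where the chain starts.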
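Review bot: in the `@@ -122,6 +122,36 @@` hunk of `thesis/03_concept.tex`, the sentence "The TPM is the cryptographic root of trust, storing all measurement results and the target values for validation" needs to say where the target values live, because the PCRs only hold the accumulated measurement digests; if the design keeps reference values on the TPM (NV storage, a sealing policy) state that explicitly, otherwise move the target values to the verifier side, since a TPM that validates against values it stores itself does not add anything to the attestation. Related to that, the IMA paragraph describes `appraise\_tcb` as covering "kernel modules, executable memory mapped files, executables and all files opened by root for read", which reads like the description of the measurement policy rather than the appraisal one; check the wording against the kernel's documentation of the built-in `ima_policy=` values before the thesis commits to it. "By enforcing IMA, only files with a valid hash will be accessed by the kernel" also overstates: appraisal applies to the files the active policy matches, so "only policy-covered files with a valid hash" is the defensible claim. Smaller items: the label is misspelled in both `\label{fig:measuements}` and `\autoref{fig:measuements}` (it compiles because both agree, but rename it to `fig:measurements` before anything else references it); "illustrates how above proceses" should be "illustrates how the processes above"; "SInce the RTM is the only piece of code, which lives in the platform firmware and is executed" should be "Since the RTM is the only piece of code that lives in the platform firmware and is executed"; and `\subsection{Prove Trust with DAA}` is added with its `\label` but no body before the following `\begin{figure}`, so either add the text or a visible placeholder so the empty section is not missed later.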