\documentclass[naustrian,notes]{beamer} \input{header} %Titelinformationen \title[Digidow Biometric Sensor]{Digital Shadow: Biometric Sensor} \subtitle{Master's Thesis Seminar} \author[Michael Preisach]{Michael Preisach} \date{January 15, 2019} \institute[INS]{\includegraphics[width=0.1\textwidth]{../../resources/ins}} \begin{document} \begin{frame} \titlepage \end{frame} \begin{frame} \frametitle{Project Overview Digital Shadow} \begin{figure} \centering \includegraphics[width=0.9\textwidth]{../../resources/globalview} \end{figure} \end{frame} \begin{frame} \frametitle{Physical Overview} \begin{figure} \centering \includegraphics[height=0.8\textheight]{../../resources/networkview2.pdf} \end{figure} \end{frame} \begin{frame} \frametitle{TPM2: Platform Configuration Registers (PCR)\footnote{Arthur, Challener: \emph{A Practical Guide to TPM 2.0}}} \begin{columns} \begin{column}{0.5\textwidth} \begin{itemize} \item 24 Registers (for the PC) \item represents state of measured unit \item reset only by power cycle \item SHA1 or SHA256 \item modify by \emph{Extend()}: \\ {\scriptsize\texttt{newPCR = Digest(oldPCR || data)}} \item extension chain possible \end{itemize} \end{column} \begin{column}{0.5\textwidth} %%<--- here \begin{scriptsize} \begin{tabular}{c|p{3.5cm}} PCR &Allocation\\\hline 0 &BIOS \\ 1 &BIOS Config \\ 2 &Option ROM \\ 3 &Option ROM Config \\ 4 &MBR \\ 5 &MBR Config \\ 6 &State transition and wake events\\ 7 &Platform specific measurements\\ 8-15 &Static OS\\ 16 &Debug\\ 17-22 &General Purpose\\ 23 &Application Support\\ \end{tabular} \end{scriptsize} \end{column} \end{columns} \end{frame} \begin{frame} \frametitle{TPM2: Platform Configuration Registers (PCR)\footnote{\url{https://github.com/Rohde-Schwarz-Cybersecurity/TrustedGRUB2}}} \begin{center} \begin{tabular}{l|l} Component &measured by\\\hline BIOS &CRTM \\ TrustedGRUB MBR bootcode &BIOS \\ TrustedGRUB kernel (\texttt{diskboot.img}) &TrustedGRUB MBR bootcode \\ TrustedGRUB kernel (\texttt{core.img}) &\texttt{diskboot.img} \\ GRUB modules + OS &TrustedGRUB kernel \\ Applications &OS (e.g. Linux IMA) \\ \end{tabular} \end{center} \end{frame} \begin{frame} \frametitle{Linux Integrity Measurement Architecture (IMA) \footnote{\url{https://wiki.strongswan.org/projects/strongswan/wiki/IMA}} \footnote{\url{https://sourceforge.net/p/linux-ima/wiki/Home/}}} \begin{itemize} \item Kernel extension for measuring accessed files \item configurable via policies (access mode, files, users, \ldots) \item standardized log file entries \item extend PCR and create log file entry \end{itemize} \end{frame} \begin{frame} \frametitle{Attestation} \begin{enumerate} \item hash a number of PCR values (= \emph{Quote}) \item sign hash with TPM key \item remote party validates signing key \item remote party validates values of PCRs \item remote party validates values of (IMA-)Event log \end{enumerate} \end{frame} \begin{frame} \frametitle{State of the Project: What is Done} \begin{itemize} \item small PC with dedicated TPM2 device \item installed GRUB-TPM2 \item installed TPM2-ESAPI and development environment \item read most parts of the book \emph{Trusted Computing Platforms - TPM2.0 in Context} and implemented basic examples \end{itemize} \end{frame} \begin{frame} \frametitle{State of the Project: What is next} \begin{itemize} \item solve remaining problems with GRUB-TPM2 \item implementing more complex tasks with the TPM2 \item understanding \emph{Direct Anonymous Attestation} (DAA) \item define and develop a trusted environment between BS and PA \end{itemize} \end{frame} \begin{frame} \frametitle{Questions} \begin{itemize} \item IMA also works for other system calls? \item Details about CRTM \end{itemize} \end{frame} \end{document}