Introduction of Trusted Network Connect, Houcheng Lee, houchen1@umbc.edu, May 9, 2007
Page 1: Introduction of Trusted Network Connect Houcheng Lee houchen1@umbc.edu May 9, 2007.

Introduction of Trusted Network Connect

Houcheng Lee

houchen1@umbc.edu

May 9, 2007

Page 2

What is Trusted Computing?

Page 3

Trusted Computing Group (TCG)

Page 4

Copyright© 2007 Trusted Computing Group - Other names and brands are properties of their respective owners.

Trusted Computing Group (TCG) Membership: 170 Total Members as of January, 2007

Promoters: AMD; Hewlett-Packard; IBM; Intel Corporation; Microsoft; Sun Microsystems, Inc.

Contributors: Adaptec, Inc.; Agere Systems; American Megatrends, Inc.; ARM; Atmel; AuthenTec, Inc.; AVAYA; Broadcom Corporation; Certicom Corp.; Check Point Software, Inc.; Citrix Systems, Inc.; Comodo; Dell, Inc.; Endforce, Inc.; Ericsson Mobile Platforms AB; France Telecom Group; Freescale Semiconductor; Fujitsu Limited; Fujitsu Siemens Computers; Funk Software, Inc.; General Dynamics C4 Systems; Giesecke & Devrient; Hitachi, Ltd.; Infineon; InfoExpress, Inc.; InterDigital Communications; iPass; Lenovo Holdings Limited; Lexmark International; Lockheed Martin; M-Systems Flash Disk Pioneers; Maxtor Corporation; Meetinghouse Data Communications; Mirage Networks; Motorola Inc.; National Semiconductor; nCipher; NEC; Nevis Networks, USA; Nokia; NTRU Cryptosystems, Inc.; NVIDIA; OSA Technologies, Inc; Philips; Phoenix; Pointsec Mobile Technologies; Renesas Technology Corp.; Ricoh Company LTD; RSA Security, Inc.; Samsung Electronics Co.; SanDisk Corporation; SCM Microsystems, Inc.; Seagate Technology; Siemens AG; SignaCert, Inc.; Silicon Integrated Systems Corp.; Sinosun Technology Co., Ltd.; SMSC; Sony Corporation; STMicroelectronics; Symantec; Symbian Ltd; Synaptics Inc.; Texas Instruments; Toshiba Corporation; TriCipher, Inc.; Unisys; UPEK, Inc.; Utimaco Safeware AG; VeriSign, Inc.; Vernier Networks; Vodafone Group Services LTD; Wave Systems; Winbond Electronics Corporation

Adopters: Advanced Network Technology Labs; Apani Networks; Apere, Inc.; ATI Technologies Inc.; BigFix, Inc.; BlueRISC, Inc.; Bradford Networks; Caymas Systems; Cirond; ConSentry Networks; CPR Tools, Inc.; Credant Technologies; Fiberlink Communications; Foundstone, Inc.; GuardianEdge; ICT Economic Impact; Industrial Technology Research Institute; Infosec Corporation; Integrated Technology Express Inc.; LANDesk; Lockdown Networks; Marvell Semiconductor, Inc.; MCI; Meganet Corporation; Roving Planet; SafeBoot; Safend; Sana Security; Secure Elements; Senforce Technologies, Inc; SII Network Systems, Inc.; Silicon Storage Technology, Inc.; Softex, Inc.; StillSecure; Swan Island Networks, Inc.; Symwave; Telemidic Co. Ltd.; Toppan Printing Co., Ltd.; Trusted Network Technologies; ULi Electronics Inc.; Valicore Technologies, Inc.; Websense

Page 5

TCG Key Players

Page 6

Trusted Platform Module (TPM)

Page 7

Trusted Platform Module (TPM) Introduction

What is a TPM? A hardware module.

What does it do? V1.2 functions, including:
- stores OS status information
- generates/stores a private key
- creates digital signatures
- anchors the chain of trust for keys, digital certificates, and other credentials

Page 8

TPM – TCG Definition

Asymmetric Key Module: generate, store & backup public/private key pairs; generate digital signatures, encrypt/decrypt data

Trusted Boot Configuration: storage of software digests during the boot process

Anonymous Attestation: endorsement key used to establish properties of multiple identity keys

TPM Management: turn it on/off, ownership / configure functions, etc.

Page 9

TPM – Abstract Definition

Root of Trust in a PC: operations or actions based on the TPM have measurable trust. Flexible usage model permits a wide range of actions to be defined.

Doesn't Control PC (about DRM): user still has complete control over the platform. It's OK to turn the TPM off (it ships disabled). User is free to install any software he/she pleases.

Page 10

Why Not Software?

Software is hard to secure. Ultimately, it is usually based on something stored in a relatively insecure location (like the hard drive).

Soft data can be copied. This lets an attacker take more time or apply more equipment to the attack procedure.

Security can't be measured. Two users running the same software operation may see radically different risks.

Page 11

TPM Measurement flow

Page 12

Trusted Network Connection (TNC)

Page 13

What is TNC?

Open Architecture for Network Access Control

Suite of Standards Developed by the Trusted Computing Group

Page 14

Network Endpoint Problem

Sophisticated Attacks: viruses, worms, spyware, rootkits, botnets; zero-day exploits; targeted attacks; rapid infection speed

Exponential Growth: > 40,000,000 infected machines; > 35,000 malware varieties

Motivated Attackers (bank crackers): any vulnerable computer is a stepping stone

Page 15

Key Computing Trends Drive the Need for TNC

Trend: Increasing network span to mobile workers, customers, partners, suppliers
Implication: Less reliance on physical access identity verification (i.e. guards & badges)

Trend: Network clients moving to wireless access
Implication: Remote access sequences easily monitored, cloned

Trend: Malware increasingly targeting the network via valid client infection
Implication: Clients 'innocently' infect entire networks

Trend: New malware threats emerging at an increasing rate
Implication: Client scanning demands move from once/week to once/login

Page 16

Network Integrity Architectures

Several initiatives are pursuing Network Integrity Architectures. All provide the ability to check the integrity of objects accessing the network:
- [Cisco] Network Admission Control (NAC)
- [Microsoft] Network Access Protocol (NAP)
- [TCG] Trusted Network Connect (TNC)

Support multi-vendor interoperability; leverage existing standards; empower enterprises with choice

Page 17

Trusted Network Connect Advantages

Open standards: open standards process; multi-vendor compatibility; enable customer choice; open technical review

Integrates with established protocols like EAP, TLS, 802.1X, and IPsec

Incorporates Trusted Computing Concepts: guarding the guard

Page 18

Controlling Integrity of What is on the Network

Moving from "who" is allowed on the network (user authentication) to "who" and "what" is allowed on the network (adding platform integrity verification)

Page 19

Check at connect time

[Diagram: access control dialog between an endpoint and the Enterprise Net. Endpoint: "Can I connect?" Network: "Who are you?" (checked against the User DB) and "What is on your computer?" (checked against the Integrity DB)]

Page 20

Quarantine and Remediation

[Diagram: the same access control dialog ("Can I connect?", User DB + Integrity DB). Answer: "No, I am quarantining you. Try again when you're fixed up." The endpoint is placed on the Quarantine Net, which holds a Remediation Server, instead of the Enterprise Net]

Page 21

TNC Architecture

[Diagram: Access Requestor (AR) attached by wired or wireless access; Policy Enforcement Point (PEP) at the network perimeter; Policy Decision Point (PDP) behind it]

Page 22

TNC Architecture

[Diagram: the layered TNC architecture in three columns]

Access Requestor: Integrity Measurement Collectors (IMC); TNC Client (TNCC); Network Access Requestor; Platform Trust Service (PTS) on top of the TSS and TPM

Policy Enforcement Point (PEP)

Policy Decision Point: Integrity Measurement Verifiers (IMV); TNC Server (TNCS); Network Access Authority

Interfaces: IF-M (IMC to IMV, peer relationship); IF-IMC (IMC to TNCC); IF-IMV (IMV to TNCS); IF-TNCCS (TNCC to TNCS, peer relationship); IF-T (Network Access Requestor to Network Access Authority); IF-PEP (PEP to Network Access Authority); IF-PTS (to the Platform Trust Service)

Page 23

Endpoint Integrity Policy

Machine Health: anti-virus software running and properly configured; recent scan shows no malware; personal firewall running and properly configured; patches up-to-date; no unauthorized software

Machine Behavior: no port scanning, sending spam, etc.

Page 24

Examples of Integrity Checks

Virus scan: is a virus scanner present / which version? Has it run "recently" / what is the result?

Spyware checking: is a spyware checker running / what version? Have programs been deleted/isolated?

What is your OS patch level? Is unauthorized software present?

Other: IDS logs, evidence of port scanning

Page 25

Network Operator Access Policy

Define policy for what must be checked, e.g. virus, spyware and OS patch level, and the required results of the checks, e.g.:
- Must run VirusC version 3.2 or higher, clean result
- SPYX version 1.5 or higher
- Patchchk version 6.2 or higher, patchlevel 3 or newer

Page 26

TNC Scenario (Anti-Virus)

Sequence:
1) Harvesting
2) Policy authoring
3) Collection
4) Reporting
5) Evaluation
6) Enforcement
7) Remediation

[Diagram: the Access Requestor (AR) runs the TNC Client with an AV-IMC and other IMCs beside the Anti-Virus Services (AV configuration, AV engine, AV definitions, embedded); the PDP runs the TNC Server with an AV-IMV and other IMVs, plus the Policies. Numbered elements: 1 Baseline Measurements; 2 Policies; 3 Measured (the AV components); 4 Integrity Measurements; 5 Policy Decision; 6 Control Request between Network Access Requestor and Network Access Authority]

Page 27

TNC Model for Exchanging Integrity Data

[Diagram: on the TNC Client side, Anti-virus, Patch mgt, firewall and Platform trust Collectors; on the TNC Server side, the matching Anti-virus, Patch mgt, firewall and Platform trust Verifiers; TNC Client and TNC Server connected over IF-T]

- Messages are batched by TNCC/TNCS
- Either side can start a batched exchange
- IMC/IMV may subscribe to multiple message types
- Exchanges of TNC batches are called a handshake

Page 28

Authorized Access Only

[Diagram: Access Requestors JoeK, Guest, LynnP and Hacker_Cindi connect through the Policy Enforcement Point; the Policy Decision Point holds the Authorized Users list (JoeK, NoelC, KathyR, LynnP); the two requestors not on the list are shown as Access Denied]

Page 29

Corporate SW Requirements

Client Rules: Windows XP
- SP2
- OSHotFix 2499
- OSHotFix 9288
- AV (one of): Symantec AV 10.1; McAfee Virus Scan 8.0
- Firewall

Compliant System: Windows XP, SP2, OSHotFix 2499, OSHotFix 9288, AV - Symantec AV 10.1, Firewall

Non-compliant System: Windows XP, SP2, OSHotFix 2499 (marked x), OSHotFix 9288 (marked x), AV - McAfee Virus Scan 8.0, Firewall

[Diagram: Access Requestor, Policy Enforcement Point, Policy Decision Point; the compliant system is connected to the Corporate Network, the non-compliant system to the Remediation Network]
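The client rules and the two example systems from this slide, worked as a PDP-style evaluation of IMC measurements. This is an added example written for this transcript, not code from the slides or from TCG: the rule encoding and the measurement dictionaries are this example's own constructions, and the "clean result" condition on the anti-virus check is taken from the VirusC example policy on the Network Operator Access Policy slide.

```python
"""Added example: a PDP-style check of IMC measurements against the slide's client rules."""


def version_tuple(version: str) -> tuple:
    """'10.1' -> (10, 1), so that '10.1' compares above '9.0' (string compare would not)."""
    return tuple(int(part) for part in version.split("."))


# Client rules from the slide; the "clean" last-scan condition follows the VirusC
# policy example. This encoding is the example's own assumption, not a TNC format.
CLIENT_RULES = {
    "os": "Windows XP",
    "service_pack": "SP2",
    "hotfixes": {"OSHotFix 2499", "OSHotFix 9288"},
    "antivirus_one_of": {"Symantec AV": "10.1", "McAfee Virus Scan": "8.0"},
    "firewall": True,
}

# Constructed measurements, as the IMCs on each endpoint would report them.
COMPLIANT = {
    "os": "Windows XP", "service_pack": "SP2",
    "hotfixes": {"OSHotFix 2499", "OSHotFix 9288"},
    "antivirus": {"product": "Symantec AV", "version": "10.1", "last_scan": "clean"},
    "firewall": True,
}
NON_COMPLIANT = {
    "os": "Windows XP", "service_pack": "SP2",
    "hotfixes": set(),  # both hotfixes are marked x on the slide
    "antivirus": {"product": "McAfee Virus Scan", "version": "8.0", "last_scan": "clean"},
    "firewall": True,
}


def evaluate(measurements: dict, rules: dict = CLIENT_RULES) -> tuple:
    """Return (network, failures): 'corporate' with no failures, or 'remediation'
    with the list of checks the endpoint has to fix before trying again."""
    failures = []
    if measurements.get("os") != rules["os"]:
        failures.append(f"os: expected {rules['os']}")
    if measurements.get("service_pack") != rules["service_pack"]:
        failures.append(f"service_pack: expected {rules['service_pack']}")
    for hotfix in sorted(rules["hotfixes"] - measurements.get("hotfixes", set())):
        failures.append(f"missing {hotfix}")
    av = measurements.get("antivirus", {})
    minimum = rules["antivirus_one_of"].get(av.get("product"))
    if minimum is None:
        failures.append("antivirus: product not in the approved list")
    elif version_tuple(av["version"]) < version_tuple(minimum):
        failures.append(f"antivirus: version {av['version']} below {minimum}")
    elif av.get("last_scan") != "clean":
        failures.append("antivirus: last scan not clean")
    if not measurements.get("firewall"):
        failures.append("firewall: not running")
    return ("corporate" if not failures else "remediation"), failures
```

The failure list is what a remediation server on the quarantine network would act on; an empty list is the only path to the corporate network.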

Page 30

Customized Network Access

Access Policies: Authorized Users; Client Rules

[Diagram: Access Requestors Ken (R&D), Linda (Finance: Windows XP, OS Hotfix 9345, OS Hotfix 8834, AV - Symantec AV 10.1, Firewall) and a Guest User pass through the Policy Enforcement Point; the Policy Decision Point places them on the R&D Network, the Finance Network and the Guest Network (Internet only) respectively]

Page 31

Platform Trust Services (PTS)

PTS (IF-PTS) evaluates the integrity of TNC components and makes integrity reports available to the TNCC and TNCS.

The PTS establishes the integrity state of the TNC framework and binds this state to the platform transitive-trust chain.

The PTS IMC collects integrity information about TNC elements and sends it to the PTS IMV.

The PTS IMV has information (probably from vendors) on expected values for IMCs and other TNC elements and verifies the received values.

Page 32

TPM Integrity Check

Client Rules: TPM enabled
- BIOS
- OS
- Drivers
- Anti-Virus SW

Compliant System: TPM-verified BIOS, OS, Drivers, Anti-Virus SW

[Diagram: Access Requestor, Policy Enforcement Point, Policy Decision Point; the compliant system is admitted to the Corp LAN]

TPM – Trusted Platform Module
- HW module built into most of today's PCs
- Enables a HW Root of Trust
- Measures critical components during trusted boot
- PTS-IMC interface allows the PDP to verify configuration and remediate as necessary
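The trusted-boot measurement chain these TPM slides describe (BIOS, OS, drivers and anti-virus software measured during boot, with the PTS IMC/IMV pair from the previous slide checking the result against expected values), as an added example written for this transcript, not code from the slides or from TCG. It models the TPM 1.2 SHA-1 PCR extend operation; the component images are constructed, and the TPM quote signature that would authenticate the reported PCR value is assumed rather than implemented.

```python
"""Added example: simulated trusted-boot measurement chain with PTS-style verification."""
import hashlib
INITIAL_PCR = bytes(20)  # a TPM 1.2 PCR holds 20 zero bytes after reset

def sha1(data: bytes) -> bytes:
    return hashlib.sha1(data).digest()

def extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM 1.2 PCR extend: new value = SHA-1(old value || measurement digest)."""
    return sha1(pcr + digest)

def measure_chain(components):
    """Each boot stage measures the next component into the PCR before running it.
    Returns the final PCR and the event log of (name, digest) that the PTS reports."""
    pcr, log = INITIAL_PCR, []
    for name, image in components:
        digest = sha1(image)
        log.append((name, digest))
        pcr = extend(pcr, digest)
    return pcr, log

def verify(reported_pcr: bytes, event_log, expected_digests: dict):
    """PTS-IMV side: check each logged digest against the expected (vendor-supplied)
    value, then replay the log to confirm it reproduces the PCR the TPM reported.
    The TPM quote signature that authenticates reported_pcr is not modelled here."""
    failures, pcr = [], INITIAL_PCR
    for name, digest in event_log:
        if expected_digests.get(name) != digest:
            failures.append(name)
        pcr = extend(pcr, digest)
    if pcr != reported_pcr:
        failures.append("event log does not reproduce reported PCR")
    return not failures, failures

# Constructed images standing in for the slide's BIOS, OS, Drivers and Anti-Virus SW.
GOOD_IMAGES = [("BIOS", b"bios v1"), ("OS", b"os loader v2"),
               ("Drivers", b"driver set v7"), ("Anti-Virus SW", b"av engine 10.1")]
EXPECTED = {name: sha1(image) for name, image in GOOD_IMAGES}
MODIFIED_IMAGES = [(n, b"driver set v7 (modified)" if n == "Drivers" else img)
                   for n, img in GOOD_IMAGES]

def check_compliant():
    pcr, log = measure_chain(GOOD_IMAGES)
    return verify(pcr, log, EXPECTED)

def check_modified_driver():
    """One modified component changes its digest and every PCR value extended after it."""
    pcr, log = measure_chain(MODIFIED_IMAGES)
    return verify(pcr, log, EXPECTED)

def check_forged_log():
    """A client that reports the clean log alongside its real PCR is caught by the replay."""
    pcr, _ = measure_chain(MODIFIED_IMAGES)
    clean_log = [(name, EXPECTED[name]) for name, _ in GOOD_IMAGES]
    return verify(pcr, clean_log, EXPECTED)
```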

Page 33

TNC Architecture – Existing Support

Access Requestor: Endpoint (Supplicant/VPN Client, etc.)

Policy Enforcement Point: Network Device (FW, Switch, Router, Gateway)

Policy Decision Point: AAA Server, Radius, Diameter, IIS, etc

Page 34

TPM Use Cases - Government & Regulatory

National Security Agency: full drive encryption; TCG for compatibility

U.S. Army Network Enterprise Technology Command: now requires TPM 1.2 on new computers

F.D.I.C.: promotes TPM usage to member banks

Page 35

TPM Use Cases – Realistic Projects

Pharmacy Company: with VPN over a public network, put TPMs on all clients; access dependent on a digital certificate; verifies both user and machine; hardware and software from Lenovo

Japanese Health Care Projects: obligation to preserve data; METI funded. Fujitsu's TNC deployment verifies HW and app config for a session of broadband telemedicine; Hitachi's TPM-based system for home health care

IBM's Trusted Virtual Domains

Microsoft Vista BitLocker

Page 36

Thank you

Questions?

Page 37

Reference

Trusted Computing Group (TCG) - https://www.trustedcomputinggroup.org/home

Trusted Network Connection (TNC) - https://www.trustedcomputinggroup.org/groups/network/