Trusted Cells: ArchitecturebyJavier González

TRUSTED CELL - CONTEXT

IT UNIVERSITY OF COPENHAGEN Javier González - jgon@itu.dk supervisor: Philippe Bonnet June, 2014

Trusted Cells: a decentralized data platform based on Trusted Execution Environments (TEE) embedded on personal data devices (set top boxes, smart phones or smart meters) at the edges of the Internet.

ARCHITECTURE - LINUX KERNEL

GLIBC

System-Call Interface (SCI)Se

cure

Env

iron

men

t Co

mm

unic

atio

n In

terf

ace

Platform Independent

Platform Dependent

Use

r Sp

ace

Ker

nel S

pace

Rich Environment Secure Environment

VFS Metadata

CRYPTO

History Logs

Transaction Logs

TUM_confTSM_confTIM_conf

TC_conf

SYSFS/ file ops. (e.g., r,w)/ TC communication (e.g., config., eval.)

VFS file Obj

dentry Obj

inode Obj

super-block Obj

Dep

ende

ncie

sA

ttrib

utes

open()close()read()write()flush()

struct inode {...uid_t //user id of ownerdid_t //group id of ownereid_t //environ. id of owner...}; cache FSn

FS0 FS0 FSn

...

LSM Hooks

TC_m

anag

er

TUM_richTSM_richTIM_rich

TC_rich

TamperResistant Unit

App1

Secu

re A

pplic

atio

nsSe

cure

Sys

tem

Prim

itive

s

Trusted Cell Manager

Policy Manager(e.g., UCON)

Crypto Keys

TIM

TSM

TUM

Trusted Cell - Secure Component

Trusted Cell - Rich Component

Trusted Cell - Configuration App2

Appn

...

Secu

re D

evic

e D

rive

rs

...

Peripherals connected to System Bus TZPC

Memory

hash(metadata)hash(data)

encrypt(X)

create(policy)

verify(file)

decrypt(X)

evaluate(policy)modify(policy)

TIM

cac

heTS

M c

ache

TUM

cac

he

Secure App

1 2 n

TEE Dependent

Secure App Secure App

app1 app2 app3

driv.TC

Trusted Cell - System Call Evaluation

LSM Hooks

TRUSTED EXECUTION ENVIRONMENT (TEE) - FRAMEWORK

Rich Environment Secure Environment User Space

Kernel Space

Secure Space

Hardware

root

root

Cortex-A class processor

Secure External Bus AMBA3 AXI APB

KernelMonitor Mode Dispatcher

Client API

TZ Driver

Secure Kernel

Trusted Tasks

Trusted Tasks

Trusted Tasks

High Performance

Tasks

High Performance

Tasks

High Performance

TasksTrusted Apps

Trusted PeripheralsPublic PeripheralsHar

dwar

e | S

oftw

are ...

Principle 1: Self preservation first. Under the suspicion of a threat, the secure environment isolates itself logically and gives up availability in order to protect data integrity, confidentiality and durability.

Principle 2: Lead all communications. The secure environment defines all parameters that define this communication: protocol, certificates, encryption keys, etc.

Principle 3: Secure all interactions. The secure area has priority to obtain exclusive access to secure peripherals.

NEXT STEPS

Innovative Services

Usage Control

HardwareSecurity

Data Processing

Sensitive Data

Untrusted Storage

Trusted Cell

Application

Subject

Authorizations

ObjectRights

Obligations Conditions

Usage decision

UCONABC

Enforcement : a priori control of usage rights

Audit: a posteriori control of how rights were used

Secure Platforms

Level ofprotection

Comm.Abstraction

ExecutionEnv. Examples

OnlySoftware

SoftwareHardware

SW + TamperResistant HW

Low

MediumHigh

Very High

Android, LinuxiOS, Windows

SharedMemory

Narrow Interfaces

Rich OS

Rich OS + TEE

Securead-hoc OS

Msg, Sockets, SM

ARM TrustZone

IBM CC, TPM, Secure Token

Requirements:

UCON is a formal model (algebra)

UCON is a perfect candidate to model Contextual Integrity

There is no implementation!

UCON needs to be implemented within a security perimeter protected by hardware so that attackers with root privileges cannot disable it using software.

From inside the security perimeter it should be possible to “monitor” programs outside the security perimeter

Communicating with programs in the security perimeter should entail a low overhead

UCON can model complex policies: Access Control Lists, Digital Right Management, or Usage Control Policies.

Characteristics:

UCON is founded on very strong security assumptions

Contextual Integrity Digital Society

Users Service Providers

Contextual integrity gives a framework to reason about the norms that apply, in a given social context, to the flows of personal data (i.e., information norms)Privacy is not about “not sharing” personal data!

Contextual Integrity

Information Flow

Rich Execution Environment Security Perimeter

All Sorts of Applications MonitoringApplications

HW ProtectionMonitor

Low Overhead

Integrity: Trusted Integrity Module (TIM)

Confidentiality: Trusted Storage Module (TSM)

Durability: TIM + TSM + Redundancy + Dispersion

Accessibility: TEE (currently not guaranteed)

Usage Control: Trusted Usage Module (TUM)

Trusted Cells: TIM + TSM + TUM (user space, kernel space & secure space)

Trusted Cell Prototype

Integrate in Sensing Infrastructure

Data Management

Trusted Cell

Gateway ?smap

TRUSTED CELL - VISION

Alice (A) and Bob (B) are equipped with fixed and portable trusted cells, acquiring data from several data sources, synchronizing with their encrypted personal digital space on the cloud. Charlie (C) is travelling around the world and can securely access all his data from any (unsecure) terminal thanks to his portable trusted cell. All users equipped with trusted cells can securely share their encrypted data through the cloud.