Trusted Input Devices Distributed Strong Authentication

Transcription

1 Input Devices Distributed Strong States Security Research Workshop Carnegie Mellon University March 28, 2002 Lark M. Allen / Wave Systems Lallen@wavesys.com Challenges Personal computers are untrusted devices Input, processing, and output cannot be protected or hidden from interception, observation, and hacking Centralized authentication approaches have major issues Broadly available national biometric databases for fingerprints, facial prints, iris scans, and other personally identifiable information are unlikely due to privacy issues Inadequate scalability and long response times for most applications Identity is context related (businesses, organizations, states) with little or no interoperability No indemnification for authentication mistakes 3/30/02 2 1

2 and Privacy Privacy is growing social issue, even post 9/11 EU, Canada and others with tough Data Protection laws and Privacy must find acceptable balance Where authentication is done will affect privacy concerns Users will opt-in for benefits, i.e. faster airport security Location of Privacy Concerns User Near User Local Regional National Intrn l.? HAVE Identity KNOW Password User ID PIN ARE Untrusted Access 2

3 Input Device - Architecture PC FW Internet FW Device Untrusted Server Cards Tokens ID Biometrics PIN Password must be done in a trusted location devices can communicate securely over untrusted networks Extending Trust to the Edge End-end security Multi-layer protections Workgroups and peer-peer enabled Data / user level FW Internet FW Server PC Trust Boundaries Cards Tokens ID / PIN Password Biometrics 3

4 Infrastructure Security Requirements Dynamic and broad range of security needs Platform, File, and Application Security Strong Content and Services Protection Privacy Solutions E-Commerce VPNs, Communications Digital Signatures Security of hardware, flexibility of software, futureproof Internet must deploy new trusted layer every component and device must have trusted mode Challenge - Interoperable Entities USER Cards / Tokens/ Smart Cards Biometrics ID Passwords PINs Passport/Liberty X509 Cert Auth. Registration Auth. User Devices Cell Phones Readers FINREAD/GTI PDAs Wireless Devices Merchant Terminals Access Devices Platforms / Peripherals / Consumer Electronics PC Set Top Box Cable Modems Keyboards/Input Storage Devices Output-TV/Prntrs Graphics Cards Receivers, Players DTLA Applications / Services / Software OS / Boot Applications Certified Applets Digital Signatures Firmware Web Agents Authenticode CDSA Data / DRM / Media Streams DRMs 5C / DTCP HDCP Conditional Access SDMI Watermarking DVDs 8 4

5 Input Device - Components EMBASSY Client Platform Strong Cryptography Processing Storage Time Display Input Input Devices - Applications Finance Industry FinRead European Union Spec for Financial Readers Card Holder Present E-Commerce Transactions Strong Network and System Access Digital Signature Physical Access On-Line Gaming Financial, GPS, Biometric, Smart Card, Password Entertainment Age-Based Access 5

6 EMBASSY Client Platform Sovereign and Protected Place in a Hostile Territory Trust Assurance Network Digital Signature Music DRM Video PPV Device Trust Services, Applet Management Digital Music Video Signature DRM PPV Processor Digital Video Music Memory Signature DRM PPV Interfaces /Storage Clock Crypto Application EMBASSY CHIP/ OS Hard Disk Digital Music Signature DRM Pyramid of Protection Unshared Shared Hardware Software Smart Cards DRMs EMBASSY Trust EMBASSY System PKI Hdwr/Sftwr Trust System Trust Hardware System Prog. Hardware - Static Tamper-Resistant Firmware Tamper-Resistant Software TCPA BIOS Security Strength Software Only 6

7 EMBASSY Client Applications Strong Content Protection Applets Services Delivery Privacy Protection Platform Security(TCPA) Operating System EMBASSY Client Chip Trust Assurance Network Developer Kits Peer-Peer Conditional Access E-Commerce Distributed Transactions Strategic: Independent Trust Domains SERVICE A Trust Domain SERVICE B Trust Domain SERVICE C Trust Domain Applet B Applet A Applet C Device Trust Domain Shared, Multi-Party Devices 7

8 Trust Assurance Network - PKI PKI Trust Infrastructure Device Trust Services Applet Trust Services Benefits Client Devices at the network edge Strong, multi-factor authentication Addresses major security exposure The PC Scalability and responsiveness Key building block for end-to-end security Extends existing network and server security solutions Balances authentication and privacy Minimizes need for centralized databases and monitoring of entire population More easily addresses issues of small high risk security exposure groups Flexibility and future-proofed infrastructure Programmable security Multi-party trust supports multiple identity systems and trust domains in single devices 8