Establishing and Maintaining Root of Trust on Commodity Computer Systems

October 27, 11:00 a.m.
T.I. Auditorium (ECSS 2.102)

Virgil Gligor
Carnegie Mellon University

Biography : Dr. Virgil D. Gligor received his BS, MS, and PhD degrees from the University of California, Berkeley. He taught at the University of Maryland between 1976 and 2007, and is currently a professor of electrical and computer engineering at Carnegie Mellon University. Between 2007 and 2015 he was the co-director of CyLab. Over the past forty years, his research interests ranged from access control mechanisms, penetration analysis, and denial-of-service protection, to cryptographic protocols and applied cryptography. Gligor was an editorial board member of several ACM (Association of Computing Machinery) and IEEE (Institute of Electrical and Electronics Engineers) journals and was an editor-in-chief of the IEEE Transactions on Dependable and Secure Computing. He received the 2006 National Information Systems Security Award jointly given by NIST (National Institute of Standards and Technology) and NSA (National Security Agency), the 2011 Outstanding Innovation Award of the ACM SIG on Security Audit and Control, and the 2013 Technical Achievement Award of the IEEE Computer Society.

Abstract : Suppose that a trustworthy program must be booted on a commodity system that may contain persistent malware. For example, a formally verified micro-kernel, micro-hypervisor, or a subsystem obtained from a trustworthy provider must be booted on a computer system that runs Windows, Linux, or Android. Establishing root of trust assures the user that either the system is in a malware-free state in which the trustworthy-program boot takes place, or the presence of malware is discovered with high probability. Obtaining such an assurance is challenging because malware can survive in system states across repeated secure- and trusted-boot operations; e.g., these operations do not always have malware-unmediated access to device controllers’ processors and memories. Both the theoretical and practical challenges of root-of-trust establishment unconditionally – without secrets, privileged modules or adversary bounds – will be illustrated.

Establishing root of trust is important because it makes all persistent malware ephemeral and forces the adversary to repeat the malware-insertion attack, perhaps at some added cost. Nevertheless, some malware-controlled software can always be assumed to exist in commodity operating systems and applications. The inherent size and complexity of their components (aka the “giants”) render them vulnerable to successful attacks. In contrast, small and simple software components with rather limited function and high-assurance layered security properties (aka the “wimps”) can, in principle, be resistant to all attacks.

Maintaining root of trust assures a user that a commodity computer’s wimps are isolated from, and safely co-exist with, adversary-controlled giants. However, regardless how secure program isolation may be (e.g., based on Intel’s SGX), I/O channel isolation must also be achieved despite the pitfalls of commodity architectures that encourage I/O hardware sharing, not isolation. This presentation will illustrate the challenges of I/O channel isolation and present an approach that enables the co-existence of secure wimps with insecure giants, via two examples of experimental systems: on-demand isolated I/O channels and a trusted display service. These systems were designed and implemented at Carnegie Mellon University’s CyLab, one of the largest university-based cybersecurity research and education centers in the United States.