Secure Startup: Hardware-Enhanced Security (Peter Biddle, Product Unit Manager, Windows Security)
Posted on 24-Dec-2015
Secure Startup: Hardware-Enhanced Security
Peter Biddle, Product Unit Manager, Windows Security, Microsoft Corporation
Stacy Stonich, Program Manager, Windows Security, Microsoft Corporation
A large multi-national company who wishes to remain anonymous told us that they lose an average of one corporate laptop per day in the taxicabs of just one US city…
Session Outline
Problem: Easily Stolen Data
Current situation
Customer pain
Solution: Full Volume Encryption (FVE)
What it provides
Demo: the feature in action
Architectural Details
Value Add
Recovery Scenarios
Wrap up
Q & A
Session Goals
Attendees should leave this session with:
A better understanding of Secure Startup
Knowledge of where to find resources for how to build platforms that support this feature
An understanding of how they can add hardware and software support to the feature
Current Situation
Password recovery programs are widely available that enable offline attacks which can circumvent Windows XP data security mechanisms
Offline attacks expose core system keys that allow for the compromise of secured data
Hundreds of thousands of laptops are lost every year
Customer Pain
Difficult to protect the data on lost or stolen laptops
Corporate networks can be attacked via lost or stolen machines
User data stored on hard disk may be tampered with without a user knowing
User data from encrypted files may be disclosed to others during runtime
Compromise of users’ encrypted data can occur
Machine data cannot truly be erased
Industry Data
“Dutch public prosecutor … was condemned yesterday for putting his old PC out with the trash. It contained sensitive information about criminal investigations in Amsterdam, and also his email address, credit card number, social security number and personal tax files.” – The Register, Oct 8, 2004
“Hurried travelers have left as many as 62,000 mobiles, 2,900 laptops and 1,300 PDAs in London taxis over the past six months.” – BBC, August 2001
“An estimated 11,300 laptop computers, 31,400 handheld computers and 200,000 mobile telephones were left in taxis around the world during the last six months … passengers had lost three times more handheld computers in the second half of 2004 than in 2001” – CNN, January 24, 2005
Secure Startup
Technology providing higher security through use of Trusted Platform Module (TPM)
Addresses the lost or stolen laptop scenarios with TPM-rooted boot integrity and encryption
Provides secure system startup, full hard drive encryption, and TPM services
Attackers are stopped from using software tools to get at data
Secure Startup gives you stronger security on your Windows codenamed “Longhorn” client systems, even when the system is in unauthorized hands or is running a different or exploiting OS. Secure Startup does this by preventing a thief who boots another OS or runs a hacking tool from breaking Longhorn file and system protections.
Disk Layout
Encrypted OS volume contains: encrypted OS, encrypted page file, encrypted temp files, encrypted data, encrypted hibernation file
System partition (unencrypted, ~50MB) contains: boot utilities
MBR
Secure Startup Architecture (diagram): Static Root of Trust Measurement of early boot components
Secure Startup Architecture (diagram): Static Root of Trust Measurement of BIOS
Full Volume Encryption Value Add
Encryption of the hibernation file protects against the case where a user lets the laptop hibernate with sensitive documents open, the laptop is then stolen, and the documents would otherwise be at the thief's fingertips
Full volume encryption enhances the security value of all registry, config files, paging files and hibernation files stored on the fully encrypted volume
Simply destroying the key allows for the safe disposal of corporate hardware/computer assets without fear of residual sensitive data
Recovery Scenarios
Broken Hardware Recovery Scenario: the user swaps the hard drive into a new machine because the laptop screen was broken in a drop
Attack Detected Recovery Scenario: a virus makes modifications to the boot loader
Recovery password (known by the user or retrieved from a repository by an administrator)
Recovery can occur 'in the field'; Windows operation continues as normal
Automated escrow of the keys and recovery passwords (i.e. to an AD) to allow for centralized storage and management of recovery mechanisms
Optionally, recovery keys can be written to media, such as a USB device
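As an added illustration of the static root of trust measurement shown on the architecture slides and of the recovery scenarios on this slide, the following Python simulation is not part of the deck and is not Microsoft's implementation. It assumes a simplified TPM 1.2 model: a single PCR extended with SHA-1 in boot order, a seal/unseal operation bound both to the PCR value and to a per-TPM storage root key, and a recovery password that wraps the same volume master key. The boot component contents, the wrapping primitive (a hash-derived XOR pad standing in for a real cipher) and the recovery password are constructed for the example.

```python
import hashlib
import hmac
import os
from typing import List, Optional, Tuple

PCR_LEN = 20   # TPM 1.2 PCRs are SHA-1 sized
VMK_LEN = 32   # volume master key length used in this simulation (assumption)


def pcr_extend(pcr: bytes, component: bytes) -> bytes:
    """TPM 1.2 extend operation: PCR_new = SHA-1(PCR_old || SHA-1(component))."""
    return hashlib.sha1(pcr + hashlib.sha1(component).digest()).digest()


def measure_boot_chain(components: List[bytes]) -> bytes:
    """Static root of trust: measure each early-boot component, in boot order, into one PCR.
    PCRs are zero after platform reset; both the content and the order of components matter."""
    pcr = bytes(PCR_LEN)
    for component in components:
        pcr = pcr_extend(pcr, component)
    return pcr


def _pad_xor(key: bytes, data: bytes) -> bytes:
    """Toy wrapping primitive for the simulation only (not a real cipher): XOR with a hash pad."""
    pad = hashlib.sha256(key).digest()
    assert len(data) <= len(pad), "simulation handles keys of at most 32 bytes"
    return bytes(a ^ b for a, b in zip(data, pad))


class SimulatedTPM:
    """Models the two TPM operations Secure Startup relies on: seal and unseal against PCR state."""

    def __init__(self) -> None:
        self._srk = os.urandom(32)  # storage root key: unique per TPM, never leaves the chip

    def seal(self, secret: bytes, expected_pcr: bytes) -> bytes:
        ciphertext = _pad_xor(self._srk + expected_pcr, secret)
        tag = hmac.new(self._srk, expected_pcr + ciphertext, hashlib.sha256).digest()
        return expected_pcr + ciphertext + tag

    def unseal(self, blob: bytes, current_pcr: bytes) -> Optional[bytes]:
        expected_pcr, ciphertext, tag = blob[:PCR_LEN], blob[PCR_LEN:-32], blob[-32:]
        good_tag = hmac.new(self._srk, expected_pcr + ciphertext, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, good_tag):
            return None  # sealed by a different TPM: the drive was moved to another machine
        if not hmac.compare_digest(expected_pcr, current_pcr):
            return None  # boot chain measured differently, e.g. a modified boot loader
        return _pad_xor(self._srk + expected_pcr, ciphertext)


def wrap_with_recovery_password(vmk: bytes, password: str) -> bytes:
    """Second key protector: the same VMK wrapped under a password-derived key (escrowable)."""
    salt = os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
    ciphertext = _pad_xor(key, vmk)
    tag = hmac.new(key, ciphertext, hashlib.sha256).digest()
    return salt + ciphertext + tag


def unwrap_with_recovery_password(blob: bytes, password: str) -> Optional[bytes]:
    salt, ciphertext, tag = blob[:16], blob[16:-32], blob[-32:]
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
    if not hmac.compare_digest(tag, hmac.new(key, ciphertext, hashlib.sha256).digest()):
        return None  # wrong recovery password
    return _pad_xor(key, ciphertext)


def boot(tpm: SimulatedTPM, components: List[bytes], sealed_vmk: bytes,
         recovery_blob: bytes, recovery_password: Optional[str] = None) -> Tuple[str, Optional[bytes]]:
    """Boot-time unlock: try the TPM-sealed key first, then fall back to the recovery password."""
    pcr = measure_boot_chain(components)
    vmk = tpm.unseal(sealed_vmk, pcr)
    if vmk is not None:
        return ("tpm", vmk)
    if recovery_password is not None:
        vmk = unwrap_with_recovery_password(recovery_blob, recovery_password)
        if vmk is not None:
            return ("recovery", vmk)
    return ("locked", None)


def run_scenarios() -> dict:
    """Walk through the normal boot and the two recovery scenarios from the slides."""
    good_chain = [b"BIOS (constructed)", b"MBR (constructed)", b"boot loader (constructed)"]
    tpm = SimulatedTPM()
    vmk = os.urandom(VMK_LEN)
    sealed = tpm.seal(vmk, measure_boot_chain(good_chain))
    recovery_password = "constructed-recovery-password"
    recovery_blob = wrap_with_recovery_password(vmk, recovery_password)

    tampered_chain = good_chain[:-1] + [b"boot loader modified by malware (constructed)"]
    other_tpm = SimulatedTPM()  # the drive lands in a new machine with its own TPM

    return {
        "normal_boot": boot(tpm, good_chain, sealed, recovery_blob)[0],
        "vmk_matches": boot(tpm, good_chain, sealed, recovery_blob)[1] == vmk,
        "tampered_no_password": boot(tpm, tampered_chain, sealed, recovery_blob)[0],
        "tampered_with_password": boot(tpm, tampered_chain, sealed, recovery_blob, recovery_password)[0],
        "new_machine_no_password": boot(other_tpm, good_chain, sealed, recovery_blob)[0],
        "new_machine_with_password": boot(other_tpm, good_chain, sealed, recovery_blob, recovery_password)[0],
        "new_machine_wrong_password": boot(other_tpm, good_chain, sealed, recovery_blob, "wrong")[0],
    }


if __name__ == "__main__":
    for name, outcome in run_scenarios().items():
        print(f"{name}: {outcome}")
```

The two fallbacks in `boot` map directly onto the slide: a changed boot loader changes the PCR value and the TPM refuses to unseal, and a drive moved to another machine meets a TPM with a different storage root key, so in both cases only the escrowed recovery password unlocks the volume, and Windows then runs as normal.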
Requirements
Hardware requirements to support Secure Startup: Trusted Platform Module (TPM) v1.2
Provides platform integrity measurement and reporting
Requires platform support for TPM Interface (TIS)
See www.trustedcomputinggroup.org
Firmware (conventional or EFI BIOS), TCG compliant: establishes the chain of trust for pre-OS boot
Must support the TCG-specified Static Root of Trust Measurement (SRTM)
See www.trustedcomputinggroup.org
Call to Action
Firmware: make sure INT 1A subfunction BBh calls behave correctly as documented by TCG (Trusted Computing Group), even if no TPM is present
Hardware: make sure Secure Startup works with TPM 1.2 parts
Disk utilities: a TPM is not required to test Secure Startup for application compatibility. Work with Microsoft to make encrypted volumes work with low-level utilities
Community Resources
Windows Hardware & Driver Central (WHDC): www.microsoft.com/whdc/default.mspx
Technical Communities: www.microsoft.com/communities/products/default.mspx
Non-Microsoft Community Sites: www.microsoft.com/communities/related/default.mspx
Microsoft Public Newsgroups: www.microsoft.com/communities/newsgroups
Technical Chats and Webcasts: www.microsoft.com/communities/chats/default.mspx, www.microsoft.com/webcasts
Microsoft Blogs: www.microsoft.com/communities/blogs
Additional Resources
Web Resources: Whitepapers
Related Sessions: How to Build Hardware Support for Secure Startup
Non-Microsoft Community Sites: www.trustedcomputinggroup.org
Questions? Send mail to sstartup@microsoft.com