nexus: an operating system for trustworthy computing · secure memory regions protect movie data...

Nexus: An Operating System for

Trustworthy Computing

Alan Shieh Dan Williams Kevin WalshEmin Gün Sirer Fred B. Schneider

Department of Computer ScienceCornell University

1

Trustworthy Computing

New hardware for trustworthy computingis emerging

How best to exploit this new hardware?

2

Project Overview

Nexus OSBuilds on Trusted Platform Module (TPM)

Industry-standard secure coprocessorSimple and pervasive

Provides new trustworthy computingabstractionsProvides assurance through a small TCBEnables new trustworthy applications

3

TPM primitives

Hardware root of trustFunctionality:

Data integrityKey storageAttestation (expects hashes)

Reasonable starting point...

4

TPM limitations

Mismatch between TPM and applicationneeds

Holds only a few secrets & keysAttests to a system snapshotSupports only hash-based authenticationand authorization

5

Extant OS limitations

Existing OSes are not suited fortrustworthy computing

Linux and Windows simply too bigMonolithic architecture→ violates principleof least privilegeNo strong isolation between components

6

Nexus: A New OS

Nexus OS bridges the gapGeneralizes and virtualizes the TPMEnables authorization from semanticproperties

7

Nexus: A New OS

Supports new abstractions withcomparable level of assurance relative toTPM

Small TCBExclude drivers and services (user-level)Exclude secondary storage

Fine-grain components→ restricted policiesStrong isolation of components

... Respectable performance too!

8

New abstractions

Secure memory regions with mandatoryaccess control and persistenceActive attestation attests to acomponent’s properties and environment.

Assigns a descriptive label to component

9

New Nexus OS abstraction:

Active attestation labelsLabeling functions generate meaningful,flexible labels from:

Result of analysis / PCCUse of reference monitorsRun in execution environment

Unlike hash, captures only property ofinterestUsed pervasively in the Nexus

E.g., IPC binding & invocation, access tosecure memory regions, etc.

10

New Nexus OS abstraction:

Secure memory regions

Secure memory regions are used tostore sensitive application dataGuarantees:

IntegrityConfidentialityPersistence

11

Secure memory regions

Admit application-specific optimizationsUse knowledge of access patterns tocompute optimal block size for hash-trees[Williams & Sirer, TNC2004]

Invaluable for user-level servicesE.g. Linear capability manager... or any history-dependent policies (viasecurity automata)

12

Status of the Nexus OS

Working prototype of kernel and newabstractions

13

Applications

Working applicationsDRM-compliant media playerSpam-proof e-mail systemTamper-evident system logAttested MACEDON application

Real applications provide insights thatdrive investigation into active attestation

14

Media player example

Secure memory regions protect moviedata and policy metadataLinear capabilities restrict media to alimited number of playsActive attestation attests to futurebehavior of media player

Media player does not write to disk→ This property describes a family of mediaplayers

15

Media player example

16

Spam-proof e-mail

Only “non-spam” e-mail clients can signmessage with special key

“Non-spam” clients:Client binary is approvedUser has typed in text during this execution

17

Nexus lessons

Active attestation captures applicationpropertiesAttesting to properties enablesmeaningful authorizationThird-parties can provide tools forextracting and enforcing properties

18

Summary

Trustworthy computing requires newproperties from OSThe Nexus is a new OS for trustedcomputing

Capture the semantic properties of programsProvide assurance about future behavior

There are many opportunities for futureresearch

New tools for capturing propertiesNew applications that require additional trust

19

nexus: an operating system for trustworthy computing · secure memory regions protect movie data...

Documents