Today at the CeBIT Fair, IBM is announcing the Secure Enterprise Desktop, an innovative service that enables corporate users to securely access the contents of their entire hard disk, including operating system, applications and company data, from anywhere in as little as two minutes. With the consumerization of IT and the emergence of bring your own device to work, organizations are being forced to figure out how to manage new security challenges in the enterprise. In addition, according to the 2011 IBM CIO Study, two of three CIOs have visionary plans that include mobility solutions and virtualization to remain competitive. To address these challenges IBM scientists in Zurich, also known for developing the secure operating system used on hundreds of millions of smart cards today, have developed the Secure Enterprise Desktop.
© 2012 IBM Corporation
IBM Secure Enterprise Desktop – An enterprise application of the IBM ZTIC
Dr. Michael Baentsch, Dr. Paolo Scotton, IBM Research – Zurich
Secure Enterprise Desktop: Core problem addressed
All Internet-connected devices are (and will remain) under attack …
– Attack vectors (selection)
  • Spam (mail): “Click-and-be-doomed”
  • Some “free helper tools”
  • “popular” websites (porn, warez, etc.): “Drive-by infection”
  • Google-found websites
– Sample attack method (beyond traditional vulnerability + standard API exploits)
  • APEG (Automatic Patch-based exploit generation)
– Attack goals (selection)
  • Get at company secrets (SpearPhishing, Advanced Persistent Threats and beyond)
  • Log company communication in real-time
  • Find out about customer’s customers
– Attack professionalism
  • Very high and rising (task “outsourcing”, physical “enforcement” the norm)
  • By some accounts, e-crime is already more profitable than drug trafficking
Authentication: Main Attack classes
[Figure: attack classes against authentication between client and server. Labels: login; server; fake server; fake client; spoofed email (phishing), link, credentials; malicious software (MSW), Trojan horse virus, credentials; man-in-the-middle (MITM); man-in-the-browser (MITB); impersonation at any time; impersonation while genuine client connects; impersonation at any time / during genuine transaction.]
Secure Enterprise Desktop: So what?
You cannot trust the PC (tablet, smart phone, etc.) display – nor any SW.
You need separate protection – crypto & I/O HW outside the PC.
Based on some “trust anchor” – ideally a mobile one.
Classic ZTIC concept: How it works (high-level)
1: User approaches any appliance with USB port and inserts ZTIC
2: ZTIC initiates connection to server (automatically via auto-run or after user clicks on ZTIC icon)
3: ZTIC establishes TLS connection to server (incl. automatic certificate check and possibly, using client authentication)
4: Server validates authenticity (using existing authentication protocols like EMV CAP or via PKI/SSL client authentication)
[Figure labels: TLS Proxy; TLS Server Connection]
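The four steps above can be exercised in memory, as an added example that is not IBM's ZTIC code: the token is the TLS endpoint and performs the certificate check, while the untrusted host only relays bytes. The names `newIdentity` and `session`, the host name `sed.example`, the payload and the in-process relay standing in for the PC are all assumptions made for illustration.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"io"
	"math/big"
	"net"
	"time"
)

// newIdentity makes a constructed self-signed server identity for the hypothetical name "sed.example".
func newIdentity() (tls.Certificate, *x509.CertPool) {
	pub, key, _ := ed25519.GenerateKey(rand.Reader)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), DNSNames: []string{"sed.example"},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour)}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, key)
	leaf, _ := x509.ParseCertificate(der)
	pool := x509.NewCertPool() // trust store provisioned on the token
	pool.AddCert(leaf)
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key}, pool
}

// session: token is the TLS endpoint, the host only relays; returns server plaintext, host-saw-secret, token error.
func session(roots *x509.CertPool, cert tls.Certificate, secret string) (string, bool, error) {
	tokenSide, hostA := net.Pipe()
	hostB, serverSide := net.Pipe()
	var seen bytes.Buffer // every byte the untrusted host relays from the token
	done, got := make(chan struct{}), make(chan string, 1)
	go func() { io.Copy(hostB, io.TeeReader(hostA, &seen)); hostB.Close(); close(done) }()
	go func() { io.Copy(hostA, hostB); hostA.Close() }()
	go func() { // server end of the TLS connection
		b, _ := io.ReadAll(tls.Server(serverSide, &tls.Config{Certificates: []tls.Certificate{cert}}))
		got <- string(b)
	}()
	token := tls.Client(tokenSide, &tls.Config{RootCAs: roots, ServerName: "sed.example"})
	_, err := token.Write([]byte(secret)) // handshake with certificate check, then one record
	tokenSide.Close()
	<-done
	return <-got, bytes.Contains(seen.Bytes(), []byte(secret)), err
}

func main() {
	cert, roots := newIdentity()
	fmt.Println(session(roots, cert, "disk-key-request"))
}
```

Passing `session` a certificate that is not in the token's trust store makes the handshake fail on the token, so the payload never leaves it.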
Approaches to Desktop Security
■ Corporate-issue PCs: Machines are custom-installed and centrally managed.
  Challenges: limited choice of machines; cost for dedicated hardware; zero-day exploits; mobility
■ Trusted Platform Modules, Smart Cards, etc: Security hardware protecting system software
  Challenges: Without I/O, user cannot ascertain what’s happening; mobility
■ Secure Execution Environments: Software controlling applications executing
  Challenges: Size & origin of software; can software be protected by software?
■ Secure boot stick: user carries a secure OS to boot from on a USB stick
  Challenges: maintenance of OS; no central control; no user credential control
■ Virtualization: adding an access & security control layer for all resources
  Challenges: host-OS security; installation; performance/scalability
IBM Secure Enterprise Desktop: Design Goals
■ Protect against “State of the Art” Attacks (esp. Malware & Man-in-the-Middle)
  – Do not rely on PC or smart phone for input or output of critical data
■ Do not require the installation of additional software
  – No device drivers (no new user/support center hassles)
  – Work on as many platforms as possible
■ Do not interfere with existing protection technologies
  – VPNs, Firewalls, Virus scanners, etc.
■ Be easy-to-use
  – Do not create performance penalties
  – Use “familiar” device/interaction pattern → mobility
■ Be easy-to-administrate & integrate
  – Require minimal server changes
    • Re-use existing authentication protocols, e.g., CAP, PKI/SSL client-authentication
  – Allow for “fool-proof” device maintenance
Secure Enterprise Desktop: Goal
Secure Enterprise Desktop: Basic Concept ‘Bring-Your-Own’
Secure Enterprise Desktop: Core technologies
Secure Enterprise Desktop
ZTIC
  • Security
  • Authentication
  • Key storage
Image Management
  • Image backup
  • Image composition
  • Image maintenance
Provisioning
  • Streaming technology
  • Significant OS experience
Secure Enterprise Desktop: Architecture
Hypervisor allows SED…
■ …to be hardware agnostic: hardware support delegated to the hypervisor
■ …to implement specialized drivers without changing the user image
■ …to run multiple images on the same client
Secure Enterprise Desktop: Usage view
Secure Enterprise Desktop: Key Differentiators
■ VM + OS provisioning is server-controlled via trusted channel
  – ZTIC establishes basic trust level and pulls disk-keys & software via SSL
  – Future extension: Build VPN support into low-level drivers + ZTIC
■ No need for or reliance on pre-installed software
  – ZTIC possession is sufficient to get started → boot off empty/‘bare metal’ machines
  – All OS & user data is streamed as needed → Fast start-up time on empty machines
  – Local machine used as ‘cache’ → scalability from overall system perspective
■ Constant ‘backup’ when online
  – Offline operation also possible (e.g., when traveling)
  – All local data encrypted via ZTIC and mirrored back when online again
■ User credentials handled outside of PC
  – Protection even against hacked BIOSes
  – Smart card support without need for drivers
Secure Enterprise Desktop: Next steps for 2012
■ IBM internal pilot operation
■ Introduction of standard/‘out-of-the-box’ usage scenarios
■ Pilot deployment at lead customers
■ Integration with IBM standard offerings
Questions?
■ http://www.zurich.ibm.com/secure-ed
■ YouTube: http://www.youtube.com/watch?v=mPZrkeHMDJ8
■ Michael Baentsch ([email protected]; +41 44 724 8620)
■ Paolo Scotton ([email protected]; +41 44 724 8948)