Fog Node Security - TMCnet · 9. Insecure Software/Firmware 10. Poor Physical Security Protect Data...

Fog Node Security

Don Banks, Distinguished Engineer, Cisco Systems

Fog Computing Conference November 19-20, 2014, San Jose, CA

© Cisco 2014. All rights reserved. 2

§  The Challenge §  Security Basics

§  Fog Node Platform Security

Agenda


§  Projections of 50 billion connected devices by 2020 §  How to deal with the scale?

§  As intelligence, local data storage, analysis, and other compute moves towards the edge, many devices will be located in unsecured/low security locations §  The cost of a breach is enormous to the brand §  Protecting the device and its data is no small challenge

§  Need to provide a rich and flexible set of security features that enables sufficient security for each circumstance §  Not every security mechanism will need to be implemented on every node §  No such thing as absolute security

The Security Challenge for IoT


Top IoT Security Holes

Insecure Web i/fInsufficient Authentication/AuthorizationInsufficient Security Configurability

1. 2.

3.

Privacy ConcernsInsecure Cloud i/fInsecure Mobile i/f

4. 5. 6.

Lack of Transport EncryptionInsecure Network Services

7. 8.

Insecure Software/Firmware9. Poor Physical Security10.

Protect Data Protect Network Protect Software/Firmware Protect Device

OWASP* top 10 security issues with IoT devices

Need to protect all four areas in order to address security

*Open Web Application Security Project


§  Security Properties (CIA) are the cornerstone: §  Confidentiality

§  Prevent disclosure of information to unauthorized entity §  Provide hardware-based isolation for execution, data, and communication

§  Integrity §  Detect and prevent unauthorized modification of system

§  Availability §  Ensure that services are available when requested by authorized users §  Provide resource isolation and resource specific QoS policies

Security Properties


§  Threat Model §  Defines the threats that are being considered and the threats that are not being considered

§  Attacks §  An attack is an instantiation of a threat §  It violates the security properties of a system

§  No such thing as absolute security §  Cost vs. reward trade-offs for products based on threat models §  Always assume that attackers exist – it’s an arms race

Threat Models and Attacks


§  Policy: §  Specifies who/what can access which resources under which conditions

§  Mechanism: §  Implements the policy

§  Trusted §  Responsible for maintaining the security policies

§  Trustworthy §  Designed to be secure

Policy vs. Mechanism, Trusted vs. Trustworthy


§  Trusted Computing Base (TCB) §  The hardware, software, firmware, and networking components that must be both correct and

un-corruptible in order to ensure that the security policy is not violated

§  Trusted Execution Environment (TEE) §  A secure area of processor storage that guarantees that code and data located there are

protected w.r.t. Confidentiality and Integrity.

TCB and TEE


§  Authentication (Who are you?) §  Authenticate human-to-machine / machine-to-machine

§  Authorization (What you are allowed to do) §  Who can do what to which object

Access Control (AAA)


Fog Node Security in One Slide

Hardware/Firmware/Boot Loader: Static ROT h/w ROT (Starts at Power-on) Extensible Chain of Trust h/w Virtualization: processor, i/o, devices (isolation – Confidentiality, Integrity) Security Processor/TPM/TrustZone: Secure Storage Resource & Device QoS Controls (Availability) Trusted Boot (measured/verified) TRNG (DRNG) Run-time integrity checking infrastructure Enable hardware-based fine-grained TCBs

Network Security (from platform POV) For: Management/Orchestration, Software Upgrade, Workload Migration (AAA, Remote Attestation) Secure network protocols & configuration VLANs, (VPN: IPSec, SSL/TLS, DTLS) Line rate encryption for all traffic Hypervisor/OS/Applications: Dynamic ROT ROT – Extended Chain of Trust Trusted Boot (measured/verified) Mix of Trusted & Untrusted Execution Environments

Tamper Resistance (Most Important near the Edge) Sensor Based Policy-based action on detection Policy stored in fuses/platform protected storage Reset secrets on detect Voltage & Frequency monitors

fdaStaticROT

core0 core1 core2 coren... SoC device SoC deviceh/w ROT

iommummu

Trusted Boot

Firmware/Option ROMs/Platform NVRAM

Hypervisor

...

Compute, Storage, and Networking Platform- Mixed Ownership: Single owner/federation of owners- Multitenant: Shared, public, or private- IP-based networking- East-West and North-South flows- Highly virtualized infrastructure

DiskDiskDisk

NICData at Rest Data in Motion

Tamper Protection

OS

App1 App2

VM1 (TEE)

OS

DynamicROT

Trusted Boot

OS

App1 App2

VM2 (TEE)

DynamicROT

OS

Trusted Boot

OS

App1 App2

VMn (untrusted)

OS

Boot


§  4 categories of Fog Node Security: §  Trusted Execution Environment (TEE) §  Data Security §  Network Security §  Physical Security: Tamper Proofing/Intrusion detection and amelioration

§  Trust must be rooted in hardware

§  Established at system power-on §  Hardware Root-of-Trust - Extensible Chain-of-Trust

Fog Node Security Categories


§  Execution Environment §  Trusted Execution Environment (TEE) (Static: established at instantiation and “sticks”)

§  Hardware Root-of-Trust / Chain of Trust extensions (TCG) §  Hardware starts execution in a known trusted state

§  TPM (vTPM), BootGuard , TXT/ TrustZone / Security Processor §  Root of trust for storage and reporting

§  Secure storage repository (both non-volatile and volatile)

§  Trusted Boot

§  Static Root of Trust §  (Verifies Boot Block, BIOS/firmware, Option ROMs) è boot loader, hypervisor

§  Sequences processor bringup

§  Remains in place until next boot

§  Dynamic Root of Trust §  Enter/exit via h/w instruction (ISA); plays nice with virtualization instructions

§  Trusted Boot Loader + OS + Apps

§  Can start/stop without the need for a reboot

§  Minimize TCB(s) §  Minimize trusted code base and attack surface

Fog Node Execution Environment


§  Execution Environment §  Introspection (Dynamic: performed during execution)

§  Real Time Integrity Checking (RTIC) - continuous §  Two versions:

§  h/w based fixed number of static host physical pages

§  s/w + h/w based Run Time Integrity Checking

o  Verifies static code + data have not been modified over any set of vms

o  Pre-execution Tool chain to identify what to monitor at run time fed to hypervisor implementation

§  Policy based action on modification detection

§  Nested guest memory access control §  Allows multiple application-defined, hardware protected, dynamic views on memory

within an individual address space/vm §  Minimize TCB §  Can only downgrade on the way up §  e.g., Secure Enclaves

Fog Node Execution Environment


§  Execution Environment §  h/w-based Virtualization is also a security play

§  Provides strong Isolation (Confidentiality, Integrity) and QoS controls (Availability) for virtual and physical resources

§  Supports Multi-tenancy and consolidation models §  Processor virtualization (e.g., VTx), I/O virtualization (e.g., VTd)

§  mmu, extended page tables isolates vms from vms and hypervisor

§  Processor modes: hypervisor, supervisor, user §  h/w based state save/restore for guest-hypervisor transitions

§  iommu provides DMA protection for hypervisor & vms against compromised devices/vms

§  Virtualized devices provide virtual instances overlaid on physical resources §  h/w-based Virtualization required for all sharable devices §  SoC devices + nics + storage + gpu + fpga + …

§  e.g., sr-iov

§  Containers (LXC, Docker*, etc.) where appropriate

Fog Node Security

*“Reality Check: if you run something which by definition needs full control over hardware or kernel [resources], containers are not going to make it secure. Please stop trying to shoot yourself in the foot safely.”, Jerome Petazzoni, Docker


§  Execution Environment §  Data at Rest - File Systems / Disks

§  Encryption at the File Systems or Object level; whole disk encryption allows data access to everyone with device access

§  Protection needs to be more granular and role based.

§  Memory §  Encrypted memory coming …

§  Maintains confidentiality: encrypt when evicted from LLC, decrypt when fetched into cache

§  Secure Debug §  Ensure that debug (e.g., JTAG) is protected in the field by authenticated access

§  TRNG §  Cryptography requires it (e.g., RSA, DSA, Diffie-Hellman, challenge-response schemes, nonces, …)

§  Needs to be provided by the platform (preferably as part of the processor ISA)

Fog Node Security


IT/OT Converged Network Security Model

Access C

ontrol D

ata Privacy Threat D

etection D

evice Integrity

IT

DMZ

OT

Enterprise Network

Control, Automation

Demilitarized Zone

Process, Supervisory

Cloud OT Partners & Services

Internet

Ruggedized Firewall Ruggedized IDS / IPS Segmentation: VLANs, VRFs, ACLs

Plant Edge (VPN, IPS & Remote Access ) Stateful Firewall, NGFW Access Control

Cloud-based Threat Protection Network-wide Policy Enforcement Security Information & Event Management (SIEM)

SIEM, Remote Services Platform OT Policy Mgmt, SW, Config, AV & Asset Mgmt. Cyber & Physical Access Control Systems

Enterprise Edge (VPN, IPS, NGFW) Anti-Virus, Malware Detection Corporate Directory, Web & Email Security


§  Data in Motion - Network Security §  Encryption at line rate

§  Needed for both Data at Rest and Data in Motion §  Hardware assist required:

§  Encryption SoC device for high bandwidth §  ISA support for lower bandwidth

§  MACsec (802.1AE) §  Ensures an [Ethernet] frame came from the station that claimed to send it §  Problems:

§  Now optional for TrustSec §  Not on all PHYs support it and not at higher data rates (e.g., 40Gb, 100Gb)

§  Wireless LAN §  WEP authenticates endpoints §  802.1X (802.1AE and 802.1AR) LL encryption

Fog Node Security


§  Remote Attestation: ensures unaltered software running on remote system §  For controllers/orchestrators §  For remote services §  For east-west / north-south partners §  For secure software upgrades §  …

Fog Node Security


§  Remote Orchestration §  Requires end-to-end Trust relationship

§  Identity Management §  Both on-device agent and remote agent require AAA

§  Secure communication channel §  On-device agent authenticated and authorized for local resource control

§  Remote agent authenticated and authorized to manage remote resources

§  Device, software, application, etc.

§  Point-to-point trust different than resource management ownership relationship §  Encryption and secure key management need to be provided by platform §  Secure session management protocols need to be implemented §  Ensures Orchestrator is running authentic software

Fog Node Security


§  Tamper-Proofing/Intrusion Detection and Amelioration §  Processor, SoC devices, board, chassis level detection

§  Sensor-based §  Internal mesh to protect internal components §  External mesh to protect chassis and i/o

§  Voltage & frequency monitors §  Signal on anomaly detection §  Self-resetting parts (e.g., encryption devices clear memory and accessible key storage)

§  Policy based action §  Policy must be protected by AAA

§  May be separate security processor, may be on-chip f/w + fuses

§  On detection, execute policy §  Must provide mechanism to support maintenance

§  Most important near the [exposed] edge

Fog Node Security


Fog Node Security in One Slide

Hardware/Firmware/Boot Loader: Static ROT h/w ROT (Starts at Power-on) Extensible Chain of Trust h/w Virtualization: processor, i/o, devices (isolation – Confidentiality, Integrity) Security Processor/TPM/TrustZone: Secure Storage Resource & Device QoS Controls (Availability) Trusted Boot (measured/verified) TRNG (DRNG) Run-time integrity checking infrastructure Enable hardware-based fine-grained TCBs

Network Security (from platform POV) For: Management/Orchestration, Software Upgrade, Workload Migration (AAA, Remote Attestation) Secure network protocols & configuration VLANs, (VPN: IPSec, SSL/TLS, DTLS) Line rate encryption for all traffic Hypervisor/OS/Applications: Dynamic ROT ROT – Extended Chain of Trust Trusted Boot (measured/verified) Mix of Trusted & Untrusted Execution Environments

Tamper Resistance (Most Important near the Edge) Sensor Based Policy-based action on detection Policy stored in fuses/platform protected storage Reset secrets on detect Voltage & Frequency monitors

fdaStaticROT

core0 core1 core2 coren... SoC device SoC deviceh/w ROT

iommummu

Trusted Boot

Firmware/Option ROMs/Platform NVRAM

Hypervisor

...

Compute, Storage, and Networking Platform- Mixed Ownership: Single owner/federation of owners- Multitenant: Shared, public, or private- IP-based networking- East-West and North-South flows- Highly virtualized infrastructure

DiskDiskDisk

NICData at Rest Data in Motion

Tamper Protection

OS

App1 App2

VM1 (TEE)

OS

DynamicROT

Trusted Boot

OS

App1 App2

VM2 (TEE)

DynamicROT

OS

Trusted Boot

OS

App1 App2

VMn (untrusted)

OS

Boot

Fog Node Security - TMCnet · 9. Insecure Software/Firmware 10. Poor Physical Security Protect Data...

Documents

Transcript of Fog Node Security - TMCnet · 9. Insecure Software/Firmware 10. Poor Physical Security Protect Data...