Fog Node Security
Don Banks, Distinguished Engineer, Cisco Systems
Fog Computing Conference November 19-20, 2014, San Jose, CA
© Cisco 2014. All rights reserved. 2
Agenda
§ The Challenge
§ Security Basics
§ Fog Node Platform Security
The Security Challenge for IoT
§ Projections of 50 billion connected devices by 2020
  § How to deal with the scale?
§ As intelligence, local data storage, analysis, and other compute moves towards the edge, many devices will be located in unsecured/low security locations
  § The cost of a breach is enormous to the brand
  § Protecting the device and its data is no small challenge
§ Need to provide a rich and flexible set of security features that enables sufficient security for each circumstance
  § Not every security mechanism will need to be implemented on every node
  § No such thing as absolute security
Top IoT Security Holes
OWASP* top 10 security issues with IoT devices
1. Insecure Web i/f
2. Insufficient Authentication/Authorization
3. Insufficient Security Configurability
4. Privacy Concerns
5. Insecure Cloud i/f
6. Insecure Mobile i/f
7. Lack of Transport Encryption
8. Insecure Network Services
9. Insecure Software/Firmware
10. Poor Physical Security
Four areas: Protect Data, Protect Network, Protect Software/Firmware, Protect Device
Need to protect all four areas in order to address security
*Open Web Application Security Project
Security Properties
§ Security Properties (CIA) are the cornerstone:
  § Confidentiality
    § Prevent disclosure of information to unauthorized entity
    § Provide hardware-based isolation for execution, data, and communication
  § Integrity
    § Detect and prevent unauthorized modification of system
  § Availability
    § Ensure that services are available when requested by authorized users
    § Provide resource isolation and resource specific QoS policies
Threat Models and Attacks
§ Threat Model
  § Defines the threats that are being considered and the threats that are not being considered
§ Attacks
  § An attack is an instantiation of a threat
  § It violates the security properties of a system
§ No such thing as absolute security
  § Cost vs. reward trade-offs for products based on threat models
  § Always assume that attackers exist – it’s an arms race
Policy vs. Mechanism, Trusted vs. Trustworthy
§ Policy:
  § Specifies who/what can access which resources under which conditions
§ Mechanism:
  § Implements the policy
§ Trusted
  § Responsible for maintaining the security policies
§ Trustworthy
  § Designed to be secure
TCB and TEE
§ Trusted Computing Base (TCB)
  § The hardware, software, firmware, and networking components that must be both correct and un-corruptible in order to ensure that the security policy is not violated
§ Trusted Execution Environment (TEE)
  § A secure area of processor storage that guarantees that code and data located there are protected w.r.t. Confidentiality and Integrity.
Access Control (AAA)
§ Authentication (Who are you?)
  § Authenticate human-to-machine / machine-to-machine
§ Authorization (What you are allowed to do)
  § Who can do what to which object
Fog Node Security in One Slide
§ Hardware/Firmware/Boot Loader: Static ROT
  § h/w ROT (Starts at Power-on)
  § Extensible Chain of Trust
  § h/w Virtualization: processor, i/o, devices (isolation – Confidentiality, Integrity)
  § Security Processor/TPM/TrustZone: Secure Storage
  § Resource & Device QoS Controls (Availability)
  § Trusted Boot (measured/verified)
  § TRNG (DRNG)
  § Run-time integrity checking infrastructure
  § Enable hardware-based fine-grained TCBs
§ Network Security (from platform POV)
  § For: Management/Orchestration, Software Upgrade, Workload Migration (AAA, Remote Attestation)
  § Secure network protocols & configuration
  § VLANs, (VPN: IPSec, SSL/TLS, DTLS)
  § Line rate encryption for all traffic
§ Hypervisor/OS/Applications: Dynamic ROT
  § ROT – Extended Chain of Trust
  § Trusted Boot (measured/verified)
  § Mix of Trusted & Untrusted Execution Environments
§ Tamper Resistance (Most Important near the Edge)
  § Sensor Based
  § Policy-based action on detection
  § Policy stored in fuses/platform protected storage
  § Reset secrets on detect
  § Voltage & Frequency monitors
§ Compute, Storage, and Networking Platform
  § Mixed Ownership: Single owner/federation of owners
  § Multitenant: Shared, public, or private
  § IP-based networking
  § East-West and North-South flows
  § Highly virtualized infrastructure
[Diagram: platform stack with h/w ROT and Static ROT over cores (core0 ... coren) and SoC devices with mmu/iommu; Trusted Boot; Firmware/Option ROMs/Platform NVRAM; Hypervisor; VM1 (TEE) and VM2 (TEE), each with Dynamic ROT, Trusted Boot, OS, App1, App2; VMn (untrusted) with Boot, OS, App1, App2; Disks (Data at Rest); NIC (Data in Motion); Tamper Protection]
Fog Node Security Categories
§ 4 categories of Fog Node Security:
  § Trusted Execution Environment (TEE)
  § Data Security
  § Network Security
  § Physical Security: Tamper Proofing/Intrusion detection and amelioration
§ Trust must be rooted in hardware
  § Established at system power-on
  § Hardware Root-of-Trust - Extensible Chain-of-Trust
Fog Node Execution Environment
§ Execution Environment
  § Trusted Execution Environment (TEE) (Static: established at instantiation and “sticks”)
    § Hardware Root-of-Trust / Chain of Trust extensions (TCG)
      § Hardware starts execution in a known trusted state
    § TPM (vTPM), BootGuard, TXT / TrustZone / Security Processor
      § Root of trust for storage and reporting
      § Secure storage repository (both non-volatile and volatile)
    § Trusted Boot
      § Static Root of Trust
        § (Verifies Boot Block, BIOS/firmware, Option ROMs) → boot loader, hypervisor
        § Sequences processor bringup
        § Remains in place until next boot
      § Dynamic Root of Trust
        § Enter/exit via h/w instruction (ISA); plays nice with virtualization instructions
        § Trusted Boot Loader + OS + Apps
        § Can start/stop without the need for a reboot
    § Minimize TCB(s)
      § Minimize trusted code base and attack surface
Fog Node Execution Environment
§ Execution Environment
  § Introspection (Dynamic: performed during execution)
    § Real Time Integrity Checking (RTIC) - continuous
      § Two versions:
        § h/w based fixed number of static host physical pages
        § s/w + h/w based Run Time Integrity Checking
          o Verifies static code + data have not been modified over any set of vms
          o Pre-execution tool chain to identify what to monitor at run time fed to hypervisor implementation
      § Policy based action on modification detection
    § Nested guest memory access control
      § Allows multiple application-defined, hardware protected, dynamic views on memory within an individual address space/vm
      § Minimize TCB
      § Can only downgrade on the way up
      § e.g., Secure Enclaves
Fog Node Security
§ Execution Environment
  § h/w-based Virtualization is also a security play
    § Provides strong Isolation (Confidentiality, Integrity) and QoS controls (Availability) for virtual and physical resources
    § Supports Multi-tenancy and consolidation models
    § Processor virtualization (e.g., VTx), I/O virtualization (e.g., VTd)
      § mmu, extended page tables isolate vms from vms and hypervisor
      § Processor modes: hypervisor, supervisor, user
      § h/w based state save/restore for guest-hypervisor transitions
      § iommu provides DMA protection for hypervisor & vms against compromised devices/vms
    § Virtualized devices provide virtual instances overlaid on physical resources
      § h/w-based Virtualization required for all sharable devices
      § SoC devices + nics + storage + gpu + fpga + …
      § e.g., sr-iov
  § Containers (LXC, Docker*, etc.) where appropriate
*“Reality Check: if you run something which by definition needs full control over hardware or kernel [resources], containers are not going to make it secure. Please stop trying to shoot yourself in the foot safely.”, Jerome Petazzoni, Docker
Fog Node Security
§ Execution Environment
  § Data at Rest - File Systems / Disks
    § Encryption at the File Systems or Object level; whole disk encryption allows data access to everyone with device access
    § Protection needs to be more granular and role based.
  § Memory
    § Encrypted memory coming …
    § Maintains confidentiality: encrypt when evicted from LLC, decrypt when fetched into cache
  § Secure Debug
    § Ensure that debug (e.g., JTAG) is protected in the field by authenticated access
  § TRNG
    § Cryptography requires it (e.g., RSA, DSA, Diffie-Hellman, challenge-response schemes, nonces, …)
    § Needs to be provided by the platform (preferably as part of the processor ISA)
IT/OT Converged Network Security Model
[Diagram: network zones IT, DMZ (Demilitarized Zone) and OT; layer labels Enterprise Network; Control, Automation; Process, Supervisory; external connections: Cloud, OT Partners & Services, Internet; security functions spanning the zones: Access Control, Data Privacy, Threat Detection, Device Integrity]
§ Ruggedized Firewall; Ruggedized IDS / IPS; Segmentation: VLANs, VRFs, ACLs
§ Plant Edge (VPN, IPS & Remote Access); Stateful Firewall, NGFW; Access Control
§ Cloud-based Threat Protection; Network-wide Policy Enforcement; Security Information & Event Management (SIEM)
§ SIEM, Remote Services Platform; OT Policy Mgmt, SW, Config, AV & Asset Mgmt.; Cyber & Physical Access Control Systems
§ Enterprise Edge (VPN, IPS, NGFW); Anti-Virus, Malware Detection; Corporate Directory, Web & Email Security
Fog Node Security
§ Data in Motion - Network Security
  § Encryption at line rate
    § Needed for both Data at Rest and Data in Motion
    § Hardware assist required:
      § Encryption SoC device for high bandwidth
      § ISA support for lower bandwidth
  § MACsec (802.1AE)
    § Ensures an [Ethernet] frame came from the station that claimed to send it
    § Problems:
      § Now optional for TrustSec
      § Not all PHYs support it, and not at higher data rates (e.g., 40Gb, 100Gb)
  § Wireless LAN
    § WEP authenticates endpoints
    § 802.1X (802.1AE and 802.1AR) LL encryption
Fog Node Security
§ Remote Attestation: ensures unaltered software running on remote system
  § For controllers/orchestrators
  § For remote services
  § For east-west / north-south partners
  § For secure software upgrades
  § …
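The measured trusted boot chain from the execution-environment slide and the remote attestation check above, as an added example that is not from the original deck: each boot stage is hashed into a TPM-style PCR, and a remote verifier replays the event log against the quoted PCR and known-good digests. The stage images, the key, and the use of HMAC in place of a TPM attestation-key signature are assumptions made for the sketch.

```python
import hashlib, hmac

PCR_INIT = bytes(32)  # a SHA-256 PCR starts as all zeros at power-on

def extend(pcr, digest):
    # TPM-style extend: PCR_new = SHA-256(PCR_old || digest); order-sensitive, one-way
    return hashlib.sha256(pcr + digest).digest()

def measured_boot(stages):
    # Hash each stage before handing control to it; record it in the event log.
    pcr, log = PCR_INIT, []
    for name, image in stages:
        digest = hashlib.sha256(image).digest()
        pcr = extend(pcr, digest)
        log.append((name, digest))
    return pcr, log

def quote(ak, pcr, nonce):
    # ASSUMPTION: HMAC stands in for the signature made with a TPM attestation key.
    return hmac.new(ak, pcr + nonce, hashlib.sha256).digest()

def attest(ak, stages, nonce):
    # Device side: evidence = (quoted PCR, event log, quote over PCR and verifier nonce)
    pcr, log = measured_boot(stages)
    return pcr, log, quote(ak, pcr, nonce)

def verify(ak, nonce, evidence, golden):
    # Verifier side: returns (trusted?, reason)
    pcr, log, sig = evidence
    if not hmac.compare_digest(sig, quote(ak, pcr, nonce)):
        return False, "bad quote"  # forged, or replayed with a stale nonce
    replay = PCR_INIT
    for _, digest in log:
        replay = extend(replay, digest)
    if replay != pcr:
        return False, "event log does not match quoted PCR"
    if [n for n, _ in log] != list(golden):
        return False, "unexpected stage list"
    for name, digest in log:
        if golden[name] != digest:
            return False, "unexpected measurement: " + name
    return True, "trusted"

# Constructed sample images and key (placeholders, not real firmware).
AK = b"constructed-demo-key"
GOOD = [("boot_block", b"bb-v1"), ("firmware", b"fw-v1"),
        ("boot_loader", b"bl-v1"), ("hypervisor", b"hv-v1")]
GOLDEN = {n: hashlib.sha256(i).digest() for n, i in GOOD}
```

A device that boots a modified hypervisor cannot hide it by sending the known-good event log, because the replayed log no longer reproduces the quoted PCR.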
Fog Node Security
§ Remote Orchestration
  § Requires end-to-end Trust relationship
  § Identity Management
    § Both on-device agent and remote agent require AAA
  § Secure communication channel
  § On-device agent authenticated and authorized for local resource control
  § Remote agent authenticated and authorized to manage remote resources
    § Device, software, application, etc.
  § Point-to-point trust different than resource management ownership relationship
  § Encryption and secure key management need to be provided by platform
  § Secure session management protocols need to be implemented
  § Ensures Orchestrator is running authentic software
Fog Node Security
§ Tamper-Proofing/Intrusion Detection and Amelioration
  § Processor, SoC devices, board, chassis level detection
    § Sensor-based
      § Internal mesh to protect internal components
      § External mesh to protect chassis and i/o
    § Voltage & frequency monitors
      § Signal on anomaly detection
    § Self-resetting parts (e.g., encryption devices clear memory and accessible key storage)
  § Policy based action
    § Policy must be protected by AAA
    § May be separate security processor, may be on-chip f/w + fuses
    § On detection, execute policy
    § Must provide mechanism to support maintenance
  § Most important near the [exposed] edge