Securing Applications With Firmware (Going Beyond TCPA Platform Security) Dr. Robert W. Baldwin...
Securing Applications With Firmware (Going Beyond TCPA Platform Security)
Dr. Robert W. Baldwin [email protected]
Chief Scientist

Outline
• Who is Phoenix Technologies?
• What is Phoenix doing in Security?
• Current & Future Partners

Phoenix Dominates PC BIOS
BIOS: Initialize & Manage PC Motherboard & Devices
• Phoenix is 21 Years Old
• 80% PC Market Share > 100 Million in 2001
• Expanding to
  • Set Top Box
  • Internet Appliance
  • Wireless Handheld
• Prior Success With
  • Power Management
  • Plug n Play
  • USB
[Chart: Phoenix vs. Other, 100 Million PCs in 2001]

Phoenix Partners & Customers

Phoenix FirstWare Opportunity
Motherboard Includes Protected Execution Environment
Past:
• Power Management
• USB, Plug n Play
Now:
• Firmware Smart Card for Each Application
• Application Integrity & Access Control
• RSA, AES, SHA1-HMAC
• World Wide Trust Infrastructure (PKI Initializes AES Smart Cards)
[Diagram labels: Application, Win OS, StrongROM]

Phoenix FirstWare Opportunity
Bind Data (Cryptographic Seal & Unseal):
• to Specific Application on Specific Device
• App-Device Pair Registered with Enterprise or Merchant
Checks Signature on In-Memory Application Code
• Viruses, Tampering, Reverse Engineering
[Diagram labels: App Data, Application]

FirstWare Product Areas
• Check the Virus Checker & OS Loader
• One-Time Password Authentication
• Convenient Two-Factor Challenge-Response
  • VPN Client, RAS Dial-Up, SSL Web Access
• Protect RSA Private Key & Certificate
  • VPN Client Certificate, E-Mail, Purchasing Card
• Software Licensing & Content DRM
• Device Asset Control & Tracking

FirstWare Deployment
[Diagram labels]
• Phoenix cryptographic engine + security keys
• Phoenix StrongROM on motherboard
• StrongROM secured computer
• StrongClient secured computer
• New PC, Handheld, Set Top
• Legacy & Non-Phoenix Devices
• Application Includes StrongClient WDM

Working With Security Partners
• Chips Vendors
• Motherboard & PC Makers
• OS Vendors
• Wireless & Handheld
• Security App Vendors
• Financial App Vendors
• DRM Vendors
• Trust Infrastructure Providers
Phoenix FirstAuthority
Device Security Server & SDK
Phoenix FirstAuthority Server Family
Device Authority Service Providers
Phoenix FirstWare
StrongROM & StrongCLIENT
Device Manufacturers & System OEMs
ISVs & IT Developers