Upload File

secure endpoints, secure network: bios integrity measurements heuristics tool

  • Home
  • Technology
  • Secure Endpoints, Secure Network: BIOS Integrity Measurements Heuristics Tool
15
Secure Endpoints, Secure Network BIOS Integrity Measurements Heuristics Tool for CFT Dan Griffin JW Secure, Inc.

Upload: dan-griffin

Post on 13-Jul-2015

208 views

Category:

Technology


2 download

Report

TRANSCRIPT

Page 1: Secure Endpoints, Secure Network: BIOS Integrity Measurements Heuristics Tool

Secure Endpoints, Secure

Network

BIOS Integrity Measurements

Heuristics Tool for CFT

Dan Griffin

JW Secure, Inc.

Page 2: Secure Endpoints, Secure Network: BIOS Integrity Measurements Heuristics Tool

WWNSAD?

• NSA and NIST have been public about:

– Inevitability of mobile computing

– Need to support cloud-based services

– Even for use with secret data in the field

• What works for them can work for you

Page 3: Secure Endpoints, Secure Network: BIOS Integrity Measurements Heuristics Tool
Page 4: Secure Endpoints, Secure Network: BIOS Integrity Measurements Heuristics Tool
Page 5: Secure Endpoints, Secure Network: BIOS Integrity Measurements Heuristics Tool
Page 6: Secure Endpoints, Secure Network: BIOS Integrity Measurements Heuristics Tool
Page 7: Secure Endpoints, Secure Network: BIOS Integrity Measurements Heuristics Tool
Page 8: Secure Endpoints, Secure Network: BIOS Integrity Measurements Heuristics Tool

Introduction

• What is a TPM?

• What is “measured boot”?

• What is “remote attestation”?

Page 9: Secure Endpoints, Secure Network: BIOS Integrity Measurements Heuristics Tool

Measured Boot + Remote

Attestation

Page 10: Secure Endpoints, Secure Network: BIOS Integrity Measurements Heuristics Tool

What is measured boot?

TPM

BIOS

Boot

Loader

Kernel

Early

Drivers

Hash of next item(s)

Boot Log

[PCR data]

[AIK pub]

[Signature]

Page 11: Secure Endpoints, Secure Network: BIOS Integrity Measurements Heuristics Tool

What is remote attestation?

Client Device

TPM

Signed

Boot

Log Attestation

Server

some token…

Page 12: Secure Endpoints, Secure Network: BIOS Integrity Measurements Heuristics Tool

Weaknesses

• Provisioning

– Secure supply chain?

– TPM EK database

– Patching delay & whitelist maintenance

• Integrity of the TPM hardware

– Capping; electron microscopes

– Trend of migration from hardware to firmware

• Hibernate file is unprotected

Page 13: Secure Endpoints, Secure Network: BIOS Integrity Measurements Heuristics Tool

Post-CFT

• Measurement-Bound Keys

– “Trusted Tamperproof Time on Mobile

Devices”

– See http://www.jwsecure.com/dan

• Commercialization

– JW Secure StrongNet

– RSA 2013

http://www.jwsecure.com/dan
Page 14: Secure Endpoints, Secure Network: BIOS Integrity Measurements Heuristics Tool
Page 15: Secure Endpoints, Secure Network: BIOS Integrity Measurements Heuristics Tool

Questions?

[email protected]

206-683-6551

@JWSdan

JW Secure provides custom security

software development services.

mailto:[email protected]

Comprehensive Security for Staff, Network, Endpoints, Data ......SOLUTION BRIEF: Dell Technologies Solutions for Secure Care Comprehensive Security for Staff, Network, Endpoints, Data,

Usability Heuristics CMPT 281. Outline Usability heuristics Heuristic evaluation

Customizing Installers for OpenAFS and MIT Kerberos for Windows Asanka C Herath Secure Endpoints Inc

Building Secure IoT Endpoints and Edge Compute

Designing heuristics

EE384y Heuristics

MERIDIAN ENDPOINTS

SISB Heuristics

Writing Secure Java Code: A Taxonomy of Heuristics and an ...warebuilt.com/wp-content/uploads/2016/09/ware-writing...writing secure code can be correlated with design principles, principles

Secure Endpoint (formerly AMP for Endpoints) User Guide

PSY241 Heuristics

Nuclear Heuristics

Security for Generic Secure Video SIP Endpoints - · PDF fileSecurity for Generic Secure Video SIP Endpoints This document covers security and other miscellaneou s functional specifications

Clinical trial endpoints for use in medical product ... - 03 Papadopoulos.pdfClinical vs. Surrogate Endpoints* • Clinical endpoints – Endpoints that describe or reflect how an

AMP for Endpoints Deployment Strategy - Cisco for Endpoints Deployment... · 2020. 1. 30. · Cisco AMP for Endpoints Deployment Strategy Guide ..... 41 Cisco AMP for Endpoints Support

M4 Heuristics

wrap.warwick.ac.ukwrap.warwick.ac.uk/135016/1/WRAP_Theses_Oyebolu_2019.pdf3.3.2 Heuristics, Meta-Heuristics, and Hyper-Heuristics. . . .19 3.3.3 Simulation Optimisation. . . . .

SmartPhone Heuristics

Hardware Security Modules and Kerberos Asanka Herath Secure Endpoints Inc

Samsung zero clients for VDI and DAAS...Simplify and Secure the Desktop To maximize the benefits of VDI and DaaS, it’s important to simplify and secure the desktop endpoints. Samsung

Search, Backtracking,Heuristics Exhaustive Search/Heuristics

Kerberos v5 Tutorial - Secure Endpoints Inc

Magic Quadrant for Secure Web Gateway...The secure Web gateway (SWG) is a critical tool for protecting endpoints from various forms of malware and other security risks, and for monitoring

Ultimate Flexibility: Trusted Endpoints for Secure Remote ... · benefits of remote access justifies the need for an increased focus upon security. The Citrix Ready Secure Remote

Plugin Heuristics

The Myth of the Secure Virtual Desktop Myth of the Secure Virtual Desktop.pdf · The Myth of the Secure Virtual Desktop Avoid a false sense of security with your VPN or VDI endpoints

Automated (AI) Planning - cvut.cz · Automated (AI) Planning Introduction Obtaining heuristics Relaxation heuristics Relaxation Heuristics Dominance relation between admissible heuristics

Startup Heuristics

Heuristics: Heuristics and Biases at the Bargaining Table

heuristics ppt

Easy, Efficient, Secure Cyber Protection · malware (behavior, heuristics) • Detection of memory-based attacks (machine learning) • Entropy analysis • Self-protection Acronis

Study Endpoints

Plous Heuristics

Heuristics & Biases

Monologistic heuristics