Motivation
The demand for trusted data processing is not new. Secret and sensitive data has been processed alongside open data ever since the beginning of electronic data processing. The number of attacks on computer systems and the spread of viruses and Trojan horses grow constantly. It takes an average of six days for newly discovered security holes to be exploited. In addition, the complexity of attacks is growing, while the knowledge required to execute them is decreasing. This development, together with the more frequent use of critical applications, has increased the need for trusted data processing in recent years. Attackers breach the security mechanisms of operating systems, and conventional security solutions such as firewalls or intrusion detection systems can no longer offer their users sufficient protection.
The weakness of today's platforms results from their architecture. They often lack clean application separation and effective rights management. When an attack compromises a single application, the whole platform, including all its other applications, must be considered compromised. This makes clear that new technologies are required to regain the trust of distributors and users. To guarantee the necessary security standards, a new generation of operating systems is required.
Goals
The worldwide number of malware-infested computer systems in private and commercial use has reached a new dimension. Even technically advanced countries like Germany are no exception and suffer severe damage from malicious software. To prevent such attacks, the focus lies on hardening computer systems against malware activity. Today's security solutions already offer thorough measures, but are often exposed to manipulation by malware themselves. There is always the risk of a "Lying End-Point", a manipulated security application that pretends to run on a clean computer system. A new architecture needs to be developed that guarantees the reliability of a security system with provable integrity, thus preventing attacks from the core.
Trusted Computing technologies make it possible to measure the configuration of computer systems and to detect manipulation. Virtualization on a computer system enables the separation of individual applications and components, thus supporting the containment of malware that is already present and sustainably preventing its spread. Software sensors serve to monitor specific processes on a computer system and to detect anomalies that can indicate possible malware activity.
This research project will create the basis for an innovative and trustworthy security system in the form of a demonstrator. One of the core intentions of iTES is to take already existing technologies and combine them in a new way while advancing them through innovative developments. The consistent usage of security software will also be protected from manipulation with the help of virtualization and integrity measurements of its components.
Software agents developed in this project serve to monitor critical system components in order to detect unwanted manipulation of the computer system. The existence of malware and its manipulation of components should be recognized as soon as possible, with the option to revert any modifications it has made. A demonstrator will be developed for common computer systems and operating systems, and the targeted solution will also take inexperienced users into account.
Trusted Computing
Trusted Computing is a security technology specified in 2003 by the Trusted Computing Group (TCG). The TCG is an industry consortium of 170 corporations. The core of the TCG's endeavours is the creation of a "Trusted Platform", a secure and trusted basis for applications. The Trusted Platform offers a secure environment to protect critical data, such as cryptographic keys and certificates, and critical operations. For more information about Trusted Computing, follow these links:
www.internet-sicherheit.de (German) - Trusted Computing
www.trustedcomputinggroup.org - Trusted Computing Group