A Control Flow Integrity Based Trust Model
Ge Zhu
Akhilesh Tyagi
Iowa State University

Trust Model
- Many definitions of trust.
- Typically transaction level trust propagation/policy.
- Self-assessment of trust.
- A trust policy & security policy specification.
- Compiler level support for embedding security/trust policy monitoring.

Program level trust
- Traditional trust
  - Static (w.r.t. program, potentially dynamic w.r.t. information)
  - Transaction level
- Program level trust
  - Real-time
  - Program level

Architecture/Hardware Trust Support
- TCPA (TCG) Trusted Platform Module
  - Crypto co-processor (RSA - 512, 768, 1024, 2048 bits; SHA-1; HMAC)
  - Components for asymmetric key generation, RNG, IO.
  - TPM may use symmetric encryption internally.
  - May implement other asymmetric components such as DSA or elliptic curve.
  - Endorsement keys/Attestation keys

Architecture/Hardware Trust Support
- TPM allows for a trust layer in a PDA, PC, Cell Phone.
- e.g. Integrity of the boot-up process.
- Allows for protection of intellectual property (keys, other data, programs).

Software distribution model

Diagram labels: Chip Man., Trusted Component, S/w V, Bob's CPU, trusted KC+

2: KP+, KC-{HASH{KP+}}
   a. Get KP+ and, using KC+, decrypt HASH{KP+}
   b. Validate HASH{KP+} == MD
   c. Generate KS
   d. Encrypt KS{S/w} and KP+{KS}

3: KS{S/w}, KP+{KS}, HASH{S/w}
   a. Get KS using KP-
   b. Decrypt S/w using KS
   c. Validate HASH{S/w} == MD

H/W System Level Trust
- Devadas et al. use VLSI process variations to generate a signature of each hardware component.
- Develop a trust engine that composes system level trust?
- Trusted Circuits?

Back to Program Level Trust
- The underlying thesis is that control flow integrity of a program is a good indicator of its trustworthiness.
- Our hypothesis is that any program behavior compromise, whether through data contamination or control contamination, eventually is visible as a control flow anomaly.

Basic scheme (cont.)
- We associate a dynamic trust level, a value in the range [0,1], with a subset of monitored entities in a program, which could be data structures or control flow edges.
- At runtime, the trust value will change according to embedded checks in the control flow.
- Trust here is an estimation of the likelihood of not breaching a given trust policy.

Control flow checking framework
- McCluskey et al. proposed to use control flow signatures for fault tolerance in a processor.
- The signature model contains:
  - Each basic block i assigned a unique ID
  - Invariant: global register GR contains ID of the current block at exit.
  - Difference value for incoming edge (j,i) where j is the parent node for i,
  - Check for the consistency at i.
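
The signature model above, as an added example that is not code from the presentation: it assumes the difference value is the XOR of the two block IDs, as in McCluskey et al.'s software signature scheme, and goes one step beyond the slide by handling a block with two parents through a run-time adjusting value. The CFG, block IDs and the names `first_violation`, `diff` and `adj` are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

enum { BLK_A, BLK_B, BLK_C, BLK_D, NBLOCKS };

/* Constructed CFG: A->B, A->C, B->D, C->D (D has two parents). */
static const uint8_t id[NBLOCKS]         = {0x1, 0x2, 0x4, 0x8};      /* unique block IDs */
static const int     parent[NBLOCKS]     = {-1, BLK_A, BLK_A, BLK_B}; /* j in d(j,i)      */
static const int     nparents[NBLOCKS]   = {0, 1, 1, 2};
static const int     fanin_succ[NBLOCKS] = {-1, BLK_D, BLK_D, -1};    /* multi-parent successor */

/* Constructed block sequences: two legal paths, two illegal transfers. */
static const int LEGAL_VIA_B[] = {BLK_A, BLK_B, BLK_D};
static const int LEGAL_VIA_C[] = {BLK_A, BLK_C, BLK_D};
static const int JUMP_A_TO_D[] = {BLK_A, BLK_D};
static const int JUMP_B_TO_C[] = {BLK_A, BLK_B, BLK_C, BLK_D};

/* Difference value for edge (parent[i], i). XOR is the assumed operator. */
static uint8_t diff(int i) {
    return parent[i] < 0 ? 0 : (uint8_t)(id[parent[i]] ^ id[i]);
}

/* Walk a block sequence the way the embedded checks would see it.
 * Returns the index of the first block whose check fails, or -1 if none. */
int first_violation(const int *path, int n) {
    uint8_t GR  = id[BLK_A]; /* GR is preset to the entry block's ID */
    uint8_t adj = 0;         /* run-time adjusting value for multi-parent blocks */
    for (int k = 0; k < n; k++) {
        int i = path[k];
        GR ^= diff(i);                  /* update GR on entry to block i */
        if (nparents[i] > 1)
            GR ^= adj;                  /* correct for the parent actually taken */
        if (GR != id[i])
            return k;                   /* consistency check at i failed */
        /* Invariant holds here: GR == id[i] at exit. A block that feeds a
         * multi-parent successor s leaves id[parent[s]] ^ id[i] in adj. */
        int s = fanin_succ[i];
        adj = s < 0 ? 0 : (uint8_t)(id[parent[s]] ^ id[i]);
    }
    return -1;
}

int main(void) {
    printf("A,B,D   -> %d\n", first_violation(LEGAL_VIA_B, 3));
    printf("A,C,D   -> %d\n", first_violation(LEGAL_VIA_C, 3));
    printf("A,D     -> %d\n", first_violation(JUMP_A_TO_D, 2));
    printf("A,B,C,D -> %d\n", first_violation(JUMP_B_TO_C, 4));
    return 0;
}
```

A failed check is the event an embedded monitor would report; once GR is wrong it stays wrong, so the first failing index marks where the illegal transfer landed.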

Travel over one edge
- Suppose control flow travels through (a,b). At block a, we have
- At block b, we need to check: