On Sat, Jan 05, 2019 at 07:22:36PM -0800, Mat wrote:
Good morning, I hope the week is starting well for everyone.
> How would a device vendor use tboot to implement secure/trusted boot
> on their networking devices like routers and switches?
>
> If someone can also clarify diff between secure boot and trusted
> boot, when to use what.
Let me invert the order of these questions and then expand on the
former.
Simplistically, secure boot is a firmware based solution for
implementing cryptographically signed boot images. A public key is
available to the firmware that is used to authenticate the signature
on a kernel image. This provides a platform security architect an
assurance that the system has been booted with a known state of an
operating system image.
TBOOT is the software component of a larger body of technology
referred to as Trusted eXecution Technology (TXT). It is a cohort of
processor/chipset/hardware/software technology that provides a
framework for validating that the platform is in a known state up to
and through the operating system load.
The intent of both technologies is to provide a 'root of trust' that
platform architects can use to create inferences (attestations) about
the integrity of an application stack running on a platform.
TXT/tboot provides a more comprehensive guarantee as to the quality of
that trust root.
How to effectively leverage this 'root of trust' to create a secure
device is a large, complex and arguably immature topic. I direct
engineering for a company that uses both of these technologies, and to
a much larger extent Intel's Software Guard Extensions (SGX), to
provide platform security guarantees for devices such as you describe.
We refer, generically, to these types of devices as Intelligent
Network Endpoint Devices (INED's).
We use a trust root to support something we refer to as Autonomous
Introspection (the 'other' AI). The notion of AI involves running a
modeling engine that can make deterministic decisions about whether or
not the platform is operating in a manner consistent with the intent
of the developer. If not, the introspection engine can take very
precise and targeted actions in order to discipline the context of
execution that is attempting to engage in an extra-dimensional
behavior.
Technically, neither TXT/Tboot or Secure Boot, make a platform
'secure'. What they provide is a guarantee that there is a known
'good' state on which a security architecture can be crafted.
> -c
Hopefully the above is a helpful summary. We can go into more detail
on any of these issues if you have more specific questions.
Have a good remainder of the week.
Dr. Greg
As always,
Dr. G.W. Wettstein, Ph.D. Enjellic Systems Development, LLC.
4206 N. 19th Ave. Specializing in information infra-structure
Fargo, ND 58102 development.
PH: 701-281-1686
FAX: 701-281-3949 EMAIL: g...@enjellic.com
------------------------------------------------------------------------------
"Human beings, who are almost unique in having the ability to learn
from the experience of others, are also remarkable for their apparent
disinclination to do so."
-- Douglas Adams
_______________________________________________
tboot-devel mailing list
tboot-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/tboot-devel
