CS162 Operating Systems and Systems Programming
Lecture 27: Peer-to-peer Systems and Other Topics
December 7th, 2005
Prof. John Kubiatowicz
http://inst.eecs.berkeley.edu/~cs162
12/07/05 Kubiatowicz CS162 UCB Fall 2005

Goals for Today
- A couple of requested topics
  - Windows vs Linux
  - Trusted Computing
- Peer-to-Peer Systems
  - OceanStore
Note: Some slides and/or pictures in the following are adapted from slides ©2005 Silberschatz, Galvin, and Gagne.

Requests for Final topics
- Some topics people requested:
  - More about device drivers
  - Xbox/Playstation/gamecube etc. operating systems
  - Windows vs Linux
  - Trusted computing platforms
- About Device Drivers:
  - Well, very complex topic
  - Documentation associated with various operating systems
  - Many similarities, many differences
  - Good place to start: Chapter 6 of "The Design and Implementation of the 4.4 BSD Operating System", on reserve for this class
- Xbox vs Playstation, etc.:
  - Well, most of these are custom OSs
  - Original Xbox ran modified version of Windows 2000
  - New Xbox 360 rumored to run modified version of original Xbox OS, i.e. a modified² version of Windows 2000
  - Most important property: Real-Time scheduling
    - Ability to meet scheduling deadlines

Windows vs Linux
- Windows came from personal computer domain
  - Add-on to IBM PC providing a windowing user interface
  - Became good at doing graphical interfaces
  - Didn't have protection until Windows NT
  - Multiple users supported (starting with Windows NT), but can't necessarily have multiple GUIs running at same time
  - Product differentiation model: purchase separate products to get email, web servers, file servers, compilers, debuggers
- Linux came from long line of UNIX Mainframe OSs
  - Targeted at high performance computation and I/O
  - High performance servers
  - GUI historically lacking compared to Windows
  - Protection model from beginning
  - Multiple users supported at core of OS
  - Full function Mainframe OS: email, web servers, file servers, ftp servers, compilers, debuggers, etc.

Windows vs Linux: Internal Structure is different
- Windows XP evolved from NT, which was a microkernel
  - Core "executive" runs in protected mode
  - Many services run in user mode (although Windowing runs inside kernel for performance)
  - Object-oriented design: communication by passing objects
  - Event registration model: many subsystems can ask for callbacks when events happen
  - Loadable modules for device drivers and system extension
- Linux evolved from monolithic kernel
  - Many portions of kernel operate in same address space
  - Loadable modules for device drivers and system extension
  - Fewer layers => higher performance
- Source code development model
  - Windows: closed code development
    - Must sign non-disclosure to get access to source code
    - "Cathedral" model of development: only Microsoft's developers produce code for Windows
  - Linux: open development model
    - All distributions make source code available to analyze
    - "Bazaar" model of development: many on the net contribute to making Linux distribution

Windows vs Linux: Perceptions
- Windows has more bugs, is more vulnerable to viruses
  - True? Hard to say for sure
  - More Windows systems => more interesting for hackers
- Linux simpler to manage
  - True? Well, Windows has hidden info (e.g. registry)
  - Linux has all configuration available in clear text
- Microsoft is untrustworthy
  - Many distrust "the man"
  - Quick to adopt things like Digital Rights Management (DRM)
  - Quick to embrace new models of income such as software rental (which counter traditional understanding of software)
- Windows is slow
  - This definitely seemed to be true with earlier versions
  - Less true now, but complexity may still get in way
- Why choose one over other?
  - Which has greater diversity of graphical programs? Probably Windows
  - Which cheaper? Well, versions of Linux are free
  - Which better for developing code and managing servers? Probably Linux, although this is changing
    - OS API (e.g. system calls) definitely seem simpler

Trusted Computing
- Problem: Can't trust that software is correct
  - Viruses/Worms install themselves into kernel or system without user's knowledge
  - Rootkit: software tools to conceal running processes, files or system data, which helps an intruder maintain access to a system without the user's knowledge
  - How do you know that software won't leak private information or further compromise user's access?
- A solution: What if there were a secure way to validate all software running on system?
  - Idea: Compute a cryptographic hash of BIOS, kernel, crucial programs, etc.
  - Then, if hashes don't match, know have problem
- Further extension: Secure attestation
  - Ability to prove to a remote party that local machine is running correct software
  - Reason: allow remote user to avoid interacting with compromised system
- Challenge: How to do this in an unhackable way?
  - Must have hardware components somewhere

TCPA: Trusted Computing Platform Alliance
- Idea: Add a Trusted Platform Module (TPM)
- Founded in 1999: Compaq, HP, IBM, Intel, Microsoft
- Currently more than 200 members
- Changes to platform
  - Extra: Trusted Platform Module (TPM)
  - Software changes: BIOS + OS
- Main properties
  - Secure bootstrap
  - Platform attestation
  - Protected storage
- Microsoft version: Palladium
  - Not quite same: more extensive hardware/software system
[Figure: ATMEL TPM Chip (used in IBM equipment)]

Trusted Platform Module
- Functional Units: Random Num Generator, SHA-1 Hash, HMAC, RSA Encrypt/Decrypt, RSA Key Generation
- Non-volatile Memory: Endorsement Key (2048 Bits), Storage Root Key (2048 Bits), Owner Auth Secret (160 Bits)
- Volatile Memory: RSA Key Slot-0 ... RSA Key Slot-9, Key Handles, Auth Session Handles
- Capabilities
  - Hashing: SHA-1, HMAC
  - Random number generator
  - Asymmetric key generation: RSA (512, 1024, 2048)
  - Asymmetric encryption/decryption: RSA
  - Symmetric encryption/decryption: DES, 3DES (AES)
  - Tamper resistant (hash and key) storage

TCPA: PCR Reporting Value
- Platform Configuration Register: extended value (held in the TPM)
  - Reset at boot time to well-defined value
  - Only thing that software can do is give new measured value to TPM
    - TPM takes new value, concatenates with old value, then hashes result together for new PCR
- Measuring involves hashing components of software
- Integrity reporting: report the value of the PCR
  - Challenge-response protocol: Challenger, nonce, Trusted Platform Agent

TCPA: Secure bootstrap
[Figure labels: Hardware, BIOS boot block, Option ROMs, OS loader, BIOS, Root of trust in integrity measurement]
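The PCR rule from the TCPA slides (reset at boot, then each new measurement is concatenated with the old value and hashed) can be replayed by a verifier to check a measured-boot log. The following is an added example, not code from the lecture: the stage names, sample images and the `KNOWN_GOOD` table are constructed, and the TPM's signature over the reported PCR is left out.

```python
import hashlib

PCR_RESET = b"\x00" * 20  # assumed reset value: 20 zero bytes (SHA-1 sized PCR)

def measure(component: bytes) -> bytes:
    """Measuring a component means hashing it (SHA-1, as on the TPM slide)."""
    return hashlib.sha1(component).digest()

def extend(pcr: bytes, measurement: bytes) -> bytes:
    """The only write a PCR accepts: new = SHA1(old || measurement)."""
    return hashlib.sha1(pcr + measurement).digest()

def boot(chain):
    """Measure each stage before it runs; return (final PCR, event log)."""
    pcr, log = PCR_RESET, []
    for name, image in chain:
        m = measure(image)
        pcr = extend(pcr, m)
        log.append((name, m))
    return pcr, log

def replay(log):
    """Verifier side: recompute the PCR from the logged measurements."""
    pcr = PCR_RESET
    for _name, m in log:
        pcr = extend(pcr, m)
    return pcr

def verify(reported_pcr, log, known_good):
    """Accept only if the log reproduces the PCR and every hash is expected."""
    if replay(log) != reported_pcr:
        return False, "log does not match PCR"
    for name, m in log:
        if known_good.get(name) != m:
            return False, "unexpected measurement: " + name
    return True, "ok"

# Constructed sample images (placeholders, not real firmware).
GOOD_CHAIN = [("bios", b"BIOS v1"), ("loader", b"OS loader v1"),
              ("kernel", b"kernel v1")]
KNOWN_GOOD = {name: measure(img) for name, img in GOOD_CHAIN}

if __name__ == "__main__":
    pcr, log = boot(GOOD_CHAIN)
    print(pcr.hex(), verify(pcr, log, KNOWN_GOOD))
    bad = [GOOD_CHAIN[0], ("loader", b"OS loader v1 + patch"), GOOD_CHAIN[2]]
    pcr2, log2 = boot(bad)
    print(pcr2.hex(), verify(pcr2, log2, KNOWN_GOOD))
```

Because software can only extend, a modified stage cannot restore the expected PCR afterwards, and a log edited to hide the change no longer replays to the reported value.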


Berkeley COMPSCI 162 - Lecture 27 Peer-to-peer Systems and Other Topics
