Title: Securing Applications With Firmware (Going Beyond TCPA Platform Security) Dr. Robert W. Baldwin Bob_Baldwin@phoenix.com Chief Scientist
1Securing Applications With Firmware(Going Beyond
TCPA Platform Security)Dr. Robert W.
BaldwinBob_Baldwin_at_phoenix.comChief Scientist
2Outline
- Who is Phoenix Technologies?
- What is Phoenix doing in Security?
- Current Future Partners
3Phoenix Dominates PC BIOS
- BIOS Initialize Manage PC Motherboard
Devices - Phoenix is 21 Years Old
- 80 PC Market Share
- gt 100 Million in 2001
- Expanding to
- Set Top Box
- Internet Appliance
- Wireless Handheld
- Prior Success With
- Power Management
- Plug n Play
- USB
100 Million PCs in 2001
4Phoenix Partners Customers
5Phoenix FirstWare Opportunity
- Motherboard Includes Protected Execution
Environment - Past
- Power Management
- USB, Plug n Play
- Now
- Firmware Smart Card for Each Application
- Application Integrity Access Control
- RSA, AES, SHA1-HMAC
- World Wide Trust Infrastructure(PKI Initializes
AES Smart Cards)
Application
Win OS
StrongROM
6Phoenix FirstWare Opportunity
- Bind Data (Cryptographic Seal Unseal)
- to Specific Application on Specific Device
- App-Device Pair Registered with Enterprise or
Merchant - Checks Signature on In-Memory Application Code
- Viruses, Tampering, Reverse Engineering
Application
App Data
7FirstWare Architecture
Operating System Driver
Runtime
SMI
SMRAM
RAM Buffer
Pre-boot
BIOS
Hidden NVRAM
StrongROM
ROM
H/W
Processor
Chipset
I/O
Motherboard
8FirstWare Product Areas
- Check the Virus Checker OS Loader
- One-Time Password Authentication
- Convenient Two-Factor Challenge-Response
- VPN Client, RAS Dial-Up, SSL Web Access
- Protect RSA Private Key Certificate
- VPN Client Certificate, E-Mail, Purchasing Card
- Software Licensing Content DRM
- Device Asset Control Tracking
9FirstWare Deployment
New PC, Handheld, Set Top
Phoenix cryptographic engine security keys
Phoenix StrongROM on motherboard
Legacy Non-Phoenix Devices
Application Includes StrongClient WDM
10Working With Security Partners
- Chips Vendors
- Motherboard PC Makers
- OS Vendors
- Wireless Handheld
- Security App Vendors
- Financial App Vendors
- DRM Vendors
- Trust Infrastructure Providers