The 1.1 version of the modules have been updated with minor fixes,
with the exception of the tboot module which is new and the
registration module, which contains the LCP_Update program.
Tboot and LCP_Update work together to ensure that the base OS
has not been tampered with prior to bootloading the system. Most
of the other modules have minimal changes, except for man pages
for most of the programs.
Secure Authentication Modules (SAMSON)
The secure authentication modules are a set of modules that, working
together, allow a system adminstrator to determine if a client system
has been compromised, or is running authorized software, prior to
allowing that sytem to have access to the broader network. See the
Wiki for more information.
The modules are designed to run on two different platforms, a client
system, and an attestation server. As the attestation server is the
key to remote authentication, it should be a dedicated system that
haso only a single interface - the connectiion from the 802.1x switch,
through which requests for authentication are received, and thought
which commands to the swithc to either allow or disallow access for a
given system are passed.
There is a third system potentially in use here. A number of the tools
are designed to be run at the time that a software distribution is
created. These have to do with the creation of a Reference Integrity
Measurement Manifest (RIMM) file, which is used to determine if the
software on the client system has been compromised. These tools reside
in the rimm_tools module.
The first release of these modules is designed to run on a RedHat
Enterprise Linux 5.4 system. They should run on either a 32 or 64 bit
system.
SOFTWARE PREPARATION SYSTEM
This system is the one used to build the RIMM file. This is a list of
all of the executable programs and important system files that are to
be checked for tampering. There are two modules that are used on this
system:
RIMM Tools
This module contains the tools requied to actually build the RIMM. It
is provided as a source rpm.
RIMM Library
This module is a set of routines used to access various rimm
functions. It is actually used on all three systems, attestation
server, client system, and the software distribution system that
generates the RIMM. It is provided as a source rpm.
CLIENT SYSTEM
kernel-2.6.18-164.15.1.gd
This module contains the patches to implement the IMA logic in the
kernel. It is based on the final 5.4 kernel release. It is provided as
a source rpm, with a modified spec file to pick up the additional
patches required for attestation.
trousers
This module is present only because the standard trousers version
available in RHEL5 is 0.3.1.4, and attestation requires trousers
>=0.3.2.1. It has a single patch to correct a problem with 64 bit
compilation. it is provided as a source rpm, with a modified spec file
includng the additional patches required. This module is provided as a
convenience, any later version of trousers that runs on RHEL5.4 should
work as well.
Attestation Utilities
This module a a library of useful routines for dealing with an IMR. It
is provided as a source rpm. See the wiki for futher details.
Client Registration
This module contains the tools required to take ownership of the TPM,
force the measurement of arbitrary files, and to generate some golden
values and a certificate signing request (CSR). The golden values and
CSR should be transported to the attestation server prior to the system
being deployed. These tools should be run immediately after installation
of the software, while the system is in a trusted state. This module is
provided as a source rpm.
RIMM Library
This module is a set of routines used to access various rimm
functions. It is actually used on all three systems, attestation
server, client system, and the software distribution system that
generates the RIMM. It is provided as a source rpm.
Platform Trust Services
This module implements a subset of the commands defined by the Trusted
Computing Group standard for IFPTS. It is responsibe for receiving
commands from the IMC and converting those commands into instructions
to the TPM and for assembling the IMR upon request. It is provided as
a source rpm.
Integrity Measurement Collector (IMC)
This module implements a subset of the commands defined by the Trusted
Computing Group standard for IFIMC. It is responsibe for receiving
commands from the TNCC and converting those commands into detailed
commands for PTS. It recieves the completed IMR from PTS and forwards
it to TNCC. It is provided as a source rpm.
Trusted Network Connect Client (TNCC)
This module implements a subset of the commands defined by the Trusted
Computing Group standard for IFTNCCS. It is responsibe for receiving
commands from hostimserver and forwarding those commands to IMC. It
recieves the completed IMR from IMC and forwards it to hostimserver.
It is provided as a source rpm.
hostimserver
This module is a part of TNCC. it is designed to act as an interface
between wpa_supplicant and TNCC, converting the socket interface to
wpa-supplicant to the named pipes paradigm used by the TCG Interface
Library.It will forward the request for an IMR from wpa-supplicant to
TNCC, and receive the IMR from TNCC. It will then packetize the report
and send it to wpa_supplicant over the socket connection. It is
provided as a source rpm.
TCG Interface Library
Ths module is the set of "glue" routines used for communication
between the various TCG components (PTS, IMC, TNCC, and
hostimserver). It defines the messages between each layer, but also
the named pipe paradigm used for the actuall communication between
those components. it is provided as a source rpm. Note that there are
two unused directories contained in this rpm (backinc and
backcpp). These directories contain message definitions that are not
used in the current implmentation, but are part of the standards
defined by the TCG. They are included for future reference, but have
not been tested at all. This module is provided as a source RPM.
wpa-supplicant
This module provides the TLS connection to the attestation server. It
is based on the 0.6.3 version of this software, with patches to
implement the fast_tncs connection to the attestation server, and to
process the request for an IMR, and forward it to the hostimserver for
processing. it will receive the IMR from hostimserver and packetize
and forward to the attestion server for processing. it is provided as
a source rpm, with a modified spec file to pick up the additional
patches required for attestation.
ATTESTATION SERVER
Note; If you are using a standard RHEL5.4 system for your attestion
server, there is a bug in the standard openssl-0.9.8e-12 rpm that
causes TLS messages from freeradius to wpa-supplicant to be
truncated. It has been determined that version 0.9.8u from openssl.org
does not have this problem, so it is recommended that you upgrade your
openssl version to at least 0.9.8u prior to running this software.
The following modules are used on the attestion server:
freeradius-server
This module provides the overall framework for attestation. It
provides the primary interface for communicating with
wpa-supplicant. It receives a request to connect to the greater
network and establishes a secure connection to wpa_supplicant. When
that has been done, it forwards the quest to the fast_tncs logic,
which forwards a nonce to the client system with a request for an
IMR. This module is provided as a source rpm with a modified spec file
that contains the patches reuqired to build it for the specific
attestion purpose.
fast_tncs
This module provides the specific Trusted Network Connect Server logic
required for establishing a secure connection to wpa_supplicant and
for receiving the packetized IMR from wpa_supplicant. When the
complete IMR has been received, it invokes the verifyIMR library to
validate the IMR and provide a recommendation as to whether or not the
client system is to be allowed access to the broader network. This
module is provided as a source rpm.
verifyIMR
This module performs the actual verification of a client system
IMR. It will provide a recommendation to fast_tncs based on that
verification as to whether or not the system is to be allowed access
to the greateer network. It is provided as a source rpm.
RIMM Library
This module is a set of routines used to access various rimm
functions. It is actually used on all three systems, attestation
server, client system, and the software distribution system that
generates the RIMM. It is provided as a source rpm.
Key Manager
This module is used to process CSRs and golden PCR measurements from
the client systems. It will generate the actual AIK certificates and
safe store them as well as safe storing the golden PCR values and
modified PCR values if there is a mismatch during IMR
verification. This module is provided as a source rpm.
