Hi all,
In the school working group (AG) with alumni, the experimental operating system Plan9, which was co-developed by Russ Cox among others, kept coming up, and specifically now its security system "Factotum" (TM). Here a kind of keyring acts with the user's UID to "operate"(?) security protocols, or rather to establish connections. The keys are stored in a Secstore. Factotum, as I/we understand it, takes care of all security protocols:
" The centerpiece of the new architecture is an agent, called factotum, that handles the user’s keys and negotiates all security interactions with system services and applications. Like a trusted assistant with a copy of the owner’s keys, factotum does all the negotiation for security and authentication. Programs no longer need to be compiled with cryptographic code; instead they communicate with factotum agents that represent distinct entities in the cryptographic exchange, such as a user and server of a secure service. If a security protocol needs to be added, deleted, or modified, only factotum needs to be updated for all system services to be kept secure. "
http://plan9.bell-labs.com/sys/doc/auth.html
Also there: "powerful user, such as root on Unix, then so does the attacker. Factotum allows us to constrain the privileged execution to a single process whose core is a few thousand lines of code. Verifying such a process, both through manual and automatic means, is much easier and less error prone than requiring it of all servers. "
What surprised me, apart from the attempt to understand the concept, is that there is a US patent that essentially seems to describe what Factotum already is: "A number of techniques have been proposed or suggested for helping users to securely manage their account information and passwords. Lucent Technologies, Inc. of Murray Hill, N.J., for example, provides an architecture for securely managing user account information, referred to as the Factotum™ security system. Factotum stores a copy of the keys of a user and negotiates security transactions with applications and system services." (http://www.google.com/patents/US8112790).
I am currently wondering:
1. How exactly does Factotum work, and is it still a working solution?
2. How can one even get such a security concept patented?
Moreover, the patent does seem to go beyond Factotum: "Among other benefits of the invention, the user client is not required to participate in a transaction performed by the remote application client on behalf of the user client. In addition, the remote application client can perform the actions on behalf of the user client without ever obtaining the one or more keys. Thus, the present invention increases the security and convenience of currently available key management techniques." Although I cannot see what the _more_ is.
In the course of the Googling mentioned above I also found SpyBlock at Stanford University: "The SpyBlock use of virtualization for isolating a trusted component from the spyware-vulnerable environment is related to some other virtualization and visualization-like efforts. In particular, NSA's NetTop [25] architecture uses VMware to isolate processes at different security levels running on the same physical hardware. Some alternatives are the GreenBorder [15] isolation methods, and Featherweight Virtual Machines [38].
Another system that uses an isolated authentication agent to manage secrets on behalf of the user is Plan 9's "factotum" agent [10]. The project focused on the minimalistic, reliable, protocol-agnostic nature of the agent. Our emphasis is different — we provide specific protocols to protect against known web threats, and tackle the hard problem of user interface spoofing attacks."
They also refer to Factotum, but apparently go beyond it as well. Interesting that something involving JavaScript comes up at the end: "Appendix: SpyBlock JavaScript API
A web server can initiate communication with the authentication agent by embedding the following JavaScript snippets in a standard HTML page using the <script> tag. The JavaScript request is passed through the application environment to the authentication agent.
Password hashing The script begins by checking whether the global window." ...
I would be interested to know whether "someone" here has already looked into "something like this" and understands the concepts mentioned (Factotum, the US patent, SpyBlock).
Regards,
tami
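Added example, not from the post, the Plan 9 sources or the patent: a small Python model of the agent pattern the quoted factotum description and the patent excerpt talk about. Two agents, one for the user and one for the service, hold the keys and implement the challenge-response protocol; the application code on both sides contains no key and no cryptography, it only relays messages. The names `KeyAgent`, `Service`, `client_login`, `PROTOCOLS` and the key `b"constructed-demo-key"` are all assumptions made for this illustration; the real factotum is a file server that is talked to through files, whereas this model uses plain method calls.

```python
import hashlib
import hmac
import secrets

# Agent-side code: the only place that knows protocols and holds keys.
PROTOCOLS = {}  # protocol name -> function(key: bytes, challenge: bytes) -> bytes


def protocol(name):
    """Register a challenge-response protocol with the agent code (hypothetical helper)."""
    def register(fn):
        PROTOCOLS[name] = fn
        return fn
    return register


@protocol("hmac-sha256")
def _hmac_sha256(key, challenge):
    return hmac.new(key, challenge, hashlib.sha256).digest()


class KeyAgent:
    """Simplified model of an authentication agent (hypothetical, not Plan 9's factotum).

    It stores its owner's keys and answers protocol requests; callers only ever get
    protocol responses or verdicts, never key bytes (there is deliberately no getter)."""

    def __init__(self, owner):
        self.owner = owner
        self._keys = {}  # (proto, service, user) -> key bytes

    def add_key(self, proto, service, user, key):
        self._keys[(proto, service, user)] = key

    def respond(self, proto, service, user, challenge):
        run = PROTOCOLS[proto]  # KeyError if the agent does not know the protocol
        return run(self._keys[(proto, service, user)], challenge)

    def verify(self, proto, service, user, challenge, response):
        expected = self.respond(proto, service, user, challenge)
        return hmac.compare_digest(expected, response)  # constant-time comparison


# Application-side code: no crypto, no keys, only message relay.
class Service:
    """A service that authenticates its users through its own agent."""

    def __init__(self, name, proto, agent):
        self.name, self.proto, self.agent = name, proto, agent
        self._pending = {}  # user -> outstanding challenge

    def challenge(self, user):
        nonce = secrets.token_bytes(16)  # fresh per attempt, so a response cannot be replayed
        self._pending[user] = nonce
        return nonce

    def login(self, user, response):
        nonce = self._pending.pop(user, None)
        if nonce is None:
            return False  # no outstanding challenge: stale or replayed response
        return self.agent.verify(self.proto, self.name, user, nonce, response)


def client_login(agent, service, user):
    """User-side application: forwards the challenge to its agent and the answer back."""
    nonce = service.challenge(user)
    response = agent.respond(service.proto, service.name, user, nonce)
    return response, service.login(user, response)


def demo():
    """Run the exchange and return the observable outcomes."""
    shared = b"constructed-demo-key"  # constructed sample key, installed in both agents at enrolment
    user_agent, service_agent = KeyAgent("tami"), KeyAgent("fileserver")
    for agent in (user_agent, service_agent):
        agent.add_key("hmac-sha256", "fileserver", "tami", shared)
    fileserver = Service("fileserver", "hmac-sha256", service_agent)

    response, ok = client_login(user_agent, fileserver, "tami")
    replay_ok = fileserver.login("tami", response)  # same response again, no new challenge

    # A fresh challenge answered with the old response also fails: the nonce changed.
    fileserver.challenge("tami")
    stale_ok = fileserver.login("tami", response)

    # An agent holding the wrong key cannot produce an acceptable answer.
    wrong_agent = KeyAgent("someone-else")
    wrong_agent.add_key("hmac-sha256", "fileserver", "tami", b"guess")
    _, wrong_key_ok = client_login(wrong_agent, fileserver, "tami")

    return {"login_ok": ok, "replay_ok": replay_ok,
            "stale_ok": stale_ok, "wrong_key_ok": wrong_key_ok}


if __name__ == "__main__":
    print(demo())
```

The point of the split is visible in what each side imports: `Service` and `client_login` use neither `hmac` nor `hashlib`, so adding or replacing a protocol means touching `PROTOCOLS` in the agent code and nothing else, which is the "only factotum needs to be updated" property from the quoted paper. The check in `Service.login` also shows why the fresh nonce matters: a recorded response is useless once the challenge it answered has been consumed.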