
HAP Program Release 2 (HAPR2) - NSA/CSS

The HAP Program Release 2 (HAPR2) builds on HAPR1 and targets the same operational environment, with enhanced manageability and usability of the platform capabilities. From the user perspective, HAPR2 will be more flexible, easier to use, and easier to manage. HAPR2 includes all HAPR1 capabilities and adds remote monitoring and provisioning of the platform, management of virtual machines, configuration options for setting up security domains, and autonomous response to failures detected by the remote attestation process.

HAPR2 maximizes the use of hardware-assisted security mechanisms provided by the processor and chipset by incorporating device driver isolation, supporting multi-core processor architectures, and providing the ability to measure user applications.

HAPR2 Assurable Computing Platform Capabilities

This section describes the hardware-based computing platform technologies that are demonstrated in HAPR2. Since HAPR2 builds on HAPR1, this section describes the additional capabilities that are not included in HAPR1. For the capabilities that are similar, this section will reference HAPR1.

Hardware-Assisted Virtualization Technology

Same as HAPR1

Hardware-Assisted Attestation

In addition to measuring the critical software that is required for the platform to boot securely (as in HAPR1) [1], HAPR2 has the ability to measure VMs and applications running in VMs. Additionally, HAPR2 adds the ability for the platform to verify its integrity (via attestation) periodically, at the request of an administrator or while performing a software update.

Late Launch

The HAPR2 implementation will take advantage of the Intel TXT Dynamic Root of Trust for Measurement (DRTM), which allows the platform to do a "late launch" of a measured environment at any time. With this "late launch" capability, one or more secure collaboration environments can execute concurrently with non-measured environments on the same platform without a system reboot.

Direct Memory Access (DMA) Protection

Memory paging mechanisms can provide sufficient protection from any software process attempting to access a physical page, but they do not control the ability of DMA-capable devices to directly access a physical memory page. DMA remapping hardware logic in the chipset sits between the DMA-capable peripheral devices and the physical memory. This enables system software (the VMM, or in the case of non-virtualized environments, the operating system) to create one or more DMA protection domains, which are isolated subsets of allocated physical memory.

In HAPR2, DMA protection is used to protect the system software that manages the hardware from DMA-capable devices.
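The following toy model illustrates the DMA remapping idea described above. It is an added example, not HAP or chipset code; the class, the device names, and the page layout are constructed for illustration. Each device is attached to a protection domain, every access is translated through that domain's table, and an audit function reports any device whose domain could reach the pages owned by the system software.

```python
PAGE = 4096

class DmaFault(Exception):
    """Raised when the remapping logic blocks a device access."""

class DmaRemapper:
    def __init__(self):
        self.domains = {}   # domain -> {device page: (physical page, writable)}
        self.attached = {}  # device id -> domain
        self.faults = []    # blocked accesses, for the system software to review

    def map_page(self, domain, dev_page, phys_page, writable=False):
        self.domains.setdefault(domain, {})[dev_page] = (phys_page, writable)

    def attach(self, device, domain):
        self.attached[device] = domain

    def translate(self, device, dev_addr, write=False):
        """Return the physical address for a device access, or raise DmaFault."""
        # An unattached device has no table at all: default deny.
        table = self.domains.get(self.attached.get(device), {})
        entry = table.get(dev_addr // PAGE)
        if entry is None or (write and not entry[1]):
            self.faults.append((device, dev_addr, "write" if write else "read"))
            raise DmaFault(f"{device}: blocked access at {dev_addr:#x}")
        return entry[0] * PAGE + dev_addr % PAGE

    def devices_reaching(self, protected_pages):
        """Audit: devices whose domain maps any protected physical page."""
        return sorted(dev for dev, dom in self.attached.items()
                      if any(phys in protected_pages
                             for phys, _w in self.domains.get(dom, {}).values()))

def build_example():
    """Constructed layout: system software owns physical pages 0x100-0x10f."""
    vmm_pages = set(range(0x100, 0x110))
    r = DmaRemapper()
    r.map_page("nic-domain", 0, 0x800, writable=True)   # receive buffer
    r.map_page("nic-domain", 1, 0x801, writable=False)  # read-only descriptor page
    r.attach("nic0", "nic-domain")
    return r, vmm_pages

def blocked(remapper, device, dev_addr, write=False):
    """True if the access faults instead of reaching physical memory."""
    try:
        remapper.translate(device, dev_addr, write)
        return False
    except DmaFault:
        return True
```
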

HAPR2 Operational Description

At a high level, HAPR2 will support a threat environment similar to the one described for HAPR1, plus the additional threats that exist when adding the functionality and flexibility to perform remote monitoring and provisioning on the platform. HAPR2 considerably increases the manageability and usability of the platform and adds capabilities that increase the functionality of the platform. In addition to the HAPR1 capabilities, HAPR2 provides the following security and functional capabilities:

  • Remote Administration: provides the ability to remotely administer the HAPR2 platform, VMs, and user account.
  • Flexible Configuration of Security Domains: provides flexible configuration options for setting up security domains.
  • Automated Attestation Actions: provides automated configurable actions when the attestation process fails.
  • Device Driver Isolation: assures that a device driver is contained within a secure environment, thus reducing potential exploits or problems created by rogue hardware and drivers.
  • DMA Protection: enables the system to protect critical software from DMA-capable devices that have direct access to physical memory.
  • Dynamic Attestation: ability to perform attestation periodically, at the request of an administrator, or while performing specific actions (e.g., software updates).
  • Flexible Management of VMs: ability to back up, copy, and configure VMs.
  • Late Provisioning: remotely install platform software while running a guest operating system.
  • Secured VM Transport: provides for a secure and trusted communication channel between Virtual Machines on the HAP.
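The sketch below illustrates the measurement and attestation flow from the Hardware-Assisted Attestation section together with the "Automated Attestation Actions" and "Dynamic Attestation" items above. It is an added example, not HAP code. It assumes a SHA-256 hash-chained measurement register, and it omits the hardware-signed, nonce-bound quote that a real verifier would check before trusting the reported register. The component names and the action names (`isolate_platform`, `suspend_vm`) are hypothetical.

```python
import hashlib

def measure(blob: bytes) -> bytes:
    """Measurement of a component = SHA-256 digest of its bytes."""
    return hashlib.sha256(blob).digest()

def replay(event_log):
    """Fold the ordered digests into one register: new = H(old || digest)."""
    reg = bytes(32)
    for _name, digest in event_log:
        reg = hashlib.sha256(reg + digest).digest()
    return reg

def platform_report(components):
    """Platform side: measure components in launch order, return (log, register)."""
    log = [(name, measure(blob)) for name, blob in components]
    return log, replay(log)

def attest(event_log, reported_register, known_good, policy):
    """Verifier side: returns (ok, action, offending component names)."""
    # 1. The log must reproduce the reported register, else the log is untrustworthy.
    if replay(event_log) != reported_register:
        return False, policy["log_mismatch"], []
    # 2. Every expected component must be present with its known-good digest,
    #    and nothing unexpected may have been measured.
    measured = dict(event_log)
    bad = sorted(n for n in set(measured) | set(known_good)
                 if measured.get(n) != known_good.get(n))
    if bad:
        return False, policy["bad_measurement"], bad
    return True, "allow", []

# Constructed sample data (not HAP values).
GOOD = [("vmm", b"vmm-build-A"), ("guest-vm", b"vm-image-A"), ("app", b"app-A")]
KNOWN_GOOD = {name: measure(blob) for name, blob in GOOD}
POLICY = {"log_mismatch": "isolate_platform", "bad_measurement": "suspend_vm"}

def run(components):
    """One attestation round, e.g. on a timer, on request, or before an update."""
    log, reg = platform_report(components)
    return attest(log, reg, KNOWN_GOOD, POLICY)
```
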

HAPR2 Operational Description

Same as HAPR1

Operational Environment

Same as HAPR1

1. Please refer to HAPR1 Hardware-Assisted Attestation for an overview of attestation and what is implemented in HAPR1.
 

Date Posted: Nov 14, 2008 | Last Modified: Nov 14, 2008 | Last Reviewed: Nov 14, 2008

 

National Security Agency / Central Security Service