Filters








2,389 Hits in 5.9 sec

Addressing covert termination and timing channels in concurrent information flow systems

Deian Stefan, Alejandro Russo, Pablo Buiras, Amit Levy, John C. Mitchell, David Maziéres
2012 Proceedings of the 17th ACM SIGPLAN international conference on Functional programming - ICFP '12  
We address concurrent termination and timing channels by presenting a dynamic information-flow control system that mitigates and eliminates these channels while allowing termination and timing to depend  ...  While this termination covert channel has limited bandwidth for sequential programs, it is a more dangerous source of information leakage in concurrent settings.  ...  This work was funded by DARPA CRASH under contract #N66001-10-2-4088, by multiple gifts from Google, and by the Swedish research agencies VR and STINT. D.  ... 
doi:10.1145/2364527.2364557 dblp:conf/icfp/StefanRBLMM12 fatcat:otvnjixvrbb2pcy2hh7uogyz5i

Addressing covert termination and timing channels in concurrent information flow systems

Deian Stefan, Alejandro Russo, Pablo Buiras, Amit Levy, John C. Mitchell, David Maziéres
2012 SIGPLAN notices  
We address concurrent termination and timing channels by presenting a dynamic information-flow control system that mitigates and eliminates these channels while allowing termination and timing to depend  ...  While this termination covert channel has limited bandwidth for sequential programs, it is a more dangerous source of information leakage in concurrent settings.  ...  This work was funded by DARPA CRASH under contract #N66001-10-2-4088, by multiple gifts from Google, and by the Swedish research agencies VR and STINT. D.  ... 
doi:10.1145/2398856.2364557 fatcat:ly7feqduejbz7hpi7xx6fr5cg4

Managing the risk of covert information flows in virtual machine systems

Trent Jaeger, Reiner Sailer, Yogesh Sreenivasan
2007 Proceedings of the 12th ACM symposium on Access control models and technologies - SACMAT '07  
Typically, covert channels are outside of access control policies, but we propose an approach that includes both overt flows and covert flows to assess the possible risk of information leakage due to their  ...  Further, we examine how such policies will be enforced in VM systems. We find that variants of the Chinese Wall model and Bell-LaPadula model have features necessary to express risk flow policies.  ...  Since Oil-A and Oil-B are in a common conflict set, a Oil-B VM may not be loaded on the system until the Oil-A VM is terminated. Definition 6 : 6 TCB Covert Information Flows at Time t..  ... 
doi:10.1145/1266840.1266853 dblp:conf/sacmat/JaegerSS07 fatcat:cjnfr6d72jcmthmo2lsa4nph7m

Language-based information-flow security

A. Sabelfeld, A.C. Myers
2003 IEEE Journal on Selected Areas in Communications  
Conventional security mechanisms such as access control and encryption do not directly address the enforcement of information-flow policies.  ...  In this article we survey the past three decades of research on information-flow security, particularly focusing on work that uses static program analysis to enforce information-flow policies.  ...  Hicks for helpful comments and the anonymous reviewers for useful feedback.  ... 
doi:10.1109/jsac.2002.806121 fatcat:elktqhzkyfcqhb7kcghzi4j3pe

Starvation-free secure multiversion concurrency control

Heung-Taek Kim, Myoung Ho Kim
1998 Information Processing Letters  
Concurrency control is important for multilevel secure databases because a covert channel can be easily created through collaboration of multilevel transactions in most traditional concurrency control  ...  We present concepts of an invisible area and a t-lock to prevent retrieval anomaly and starvation of high transactions that may often occur in the previous works on secure concurrency control.  ...  Although the Bell-LaPadula model controls information flows explicitly by read and write operations, there may be illegal and unprotected flows of information via a covert channel [ 1,2,5-g].  ... 
doi:10.1016/s0020-0190(98)00014-3 fatcat:lwjpwbig4raxzjzy3pauphzwgq

Foundations for Parallel Information Flow Control Runtime Systems [chapter]

Marco Vassena, Gary Soeller, Peter Amidon, Matthew Chan, John Renner, Deian Stefan
2019 Research Series on the Chinese Dream and China's Development Path  
We present the foundations for a new dynamic information flow control (IFC) parallel runtime system, LIOPAR.  ...  To our knowledge, LIOPAR is the first dynamic language-level IFC system to (1) support deterministic parallel thread execution and (2) eliminate both internaland external-timing covert channels that exploit  ...  Memory retention and exhaustion can also be used as covert channels. In addressing those covert channels, LIO PAR also addresses the DOS attacks outlined by these efforts.  ... 
doi:10.1007/978-3-030-17138-4_1 dblp:conf/post/VassenaSACRS19 fatcat:yyvea7dydrd75bhyycsgxbn3iy

Concurrency Control for Multilevel Secure Databases

Navdeep Kaur, Rajwinder Singh, Manoj Misra, Anil Kumar Sarje
2009 International Journal of Network Security  
In MLS/DBMSs, coordination of transactions at different security levels is needed to avoid both covert channels and the starvation of high security level transactions.  ...  In this paper we outline the transaction processing requirements in MLS/DBMSs, and survey the mechanisms proposed to address these requirements and propose a new secure multiversion concurrency control  ...  There are two types of covert channels: storage covert channels and timing covert channels.  ... 
dblp:journals/ijnsec/KaurSMS09 fatcat:ejaivhtckzgptcyxa73samowlq

Nickel: A Framework for Design and Verification of Information Flow Control Systems

Helgi Sigurbjarnarson, Luke Nelson, Bruno Castro-Karney, James Bornholt, Emina Torlak, Xi Wang
2018 USENIX Symposium on Operating Systems Design and Implementation  
Nickel is a framework that helps developers design and verify information flow control systems by systematically eliminating covert channels inherent in the interface, which can be exploited to circumvent  ...  Our experience shows that Nickel is effective in identifying and ruling out covert channels, and that it can verify noninterference for systems with a low proof burden.  ...  This work was supported in part by DARPA under contract FA8750-16-2-0032, by NSF under grant CCF-1651225, and by a Google Faculty Award.  ... 
dblp:conf/osdi/Sigurbjarnarson18 fatcat:hcsjyy2ijfc6zjibtohvyisreq

Eliminating Cache-Based Timing Attacks with Instruction-Based Scheduling [chapter]

Deian Stefan, Pablo Buiras, Edward Z. Yang, Amit Levy, David Terei, Alejandro Russo, David Mazières
2013 Lecture Notes in Computer Science  
In this paper, we show that concurrent deterministic IFC systems that use time-based scheduling are vulnerable to a cache-based internal timing channel.  ...  Information flow control allows untrusted code to access sensitive and trustworthy information without leaking this information.  ...  Acknowledgments This work was funded by DARPA CRASH under contract #N66001-10-2-4088, by multiple gifts from Google, and by the Swedish research agency VR and STINT.  ... 
doi:10.1007/978-3-642-40203-6_40 fatcat:h7whic3vareuhicyqtgyplpwfe

Maintaining integrity constraints and security in real-time database systems [chapter]

Q. N. Ahmed, S. V. Vrbsky
1998 Integrity and Internal Control in Information Systems  
Many real-time database systems are contained in environments that exhibit restricted access to information, such as government agencies, hospitals and military institutions, where mandatory access control  ...  We propose a new concurrency control algorithm for secure real-time databases. We implement the algorithm and study the performance using a real-time database system simulation model.  ...  As a result, it is possible to have an indirect flow of information from objects at higher levels to subjects at lower levels due to a covert channel (Moskowitz 1994 , Qian 1994 .  ... 
doi:10.1007/978-0-387-35396-8_13 fatcat:57jvraefqzaq3kwgwqycauuhwu

A survey of microarchitectural timing attacks and countermeasures on contemporary hardware

Qian Ge, Yuval Yarom, David Cock, Gernot Heiser
2016 Journal of Cryptographic Engineering  
Microarchitectural timing channels expose hidden hardware state though timing.  ...  We finally discuss trends in the attacks, challenges to combating them, and future directions, especially with respect to hardware support.  ...  Acknowledgements We would like to thank Toby Murray for his comments and feedback.  ... 
doi:10.1007/s13389-016-0141-6 fatcat:7fvkr7h54rbl5mx6vrochsgtkm

Survey of Transient Execution Attacks [article]

Wenjie Xiong, Jakub Szefer
2020 arXiv   pre-print
Since the first disclosure of Spectre and Meltdown attacks in January 2018, a number of new attack types or variants of the attacks have been presented.  ...  Moreover, the data that can be leaked in the attacks are summarized. Further, the existing attacks are compared, and the limitations of these attacks are discussed based on the proposed metrics.  ...  ACKNOWLEDGEMENTS is work was supported in part by NSF grants 1651945 and 1813797, and through SRC award number 2844.001.  ... 
arXiv:2005.13435v2 fatcat:fuigp3ipqnbghlf5dch2r6zp5u

A security domain model to assess software for exploitable covert channels

Alan B. Shaffer, Mikhail Auguston, Cynthia E. Irvine, Timothy E. Levin
2008 Proceedings of the third ACM SIGPLAN workshop on Programming languages and analysis for security - PLAS '08  
Covert channels can result in unauthorized information flows when exploited by malicious software.  ...  To address this problem, we present a precise, formal definition for covert channels, which relies on control flow dependency tracing through program execution, and extends Dennings' and subsequent classic  ...  Any opinions, findings and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the ONR or the NSF.  ... 
doi:10.1145/1375696.1375703 dblp:conf/pldi/ShafferAIL08 fatcat:bwcg7pn4mbd7dixn5txmpvosqe

A Library for Removing Cache-Based Attacks in Concurrent Information Flow Systems [chapter]

Pablo Buiras, Amit Levy, Deian Stefan, Alejandro Russo, David Mazières
2014 Lecture Notes in Computer Science  
Unfortunately, untrusted code might exploit some covert channels in order to reveal information. In this paper, we focus on the LIO concurrent IFC system.  ...  ., the CPU cache), LIO is susceptible to attacks that leak information through the internal timing covert channel. We present a resumption-based approach to address such attacks.  ...  Acknowledgments We would like to thank Josef Svenningsson and our colleagues in the ProSec and Functional Programming group at Chalmers for useful comments.  ... 
doi:10.1007/978-3-319-05119-2_12 fatcat:fxownuelz5ayxfrltv25s2f5xq

A Library for Removing Cache-Based Attacks in Concurrent Information Flow Systems [chapter]

Pablo Buiras, Amit Levy, Deian Stefan, Alejandro Russo, David Mazières
2014 Lecture Notes in Computer Science  
Unfortunately, untrusted code might exploit some covert channels in order to reveal information. In this paper, we focus on the LIO concurrent IFC system.  ...  ., the CPU cache), LIO is susceptible to attacks that leak information through the internal timing covert channel. We present a resumption-based approach to address such attacks.  ...  Acknowledgments We would like to thank Josef Svenningsson and our colleagues in the ProSec and Functional Programming group at Chalmers for useful comments.  ... 
doi:10.1007/978-3-319-14128-2_12 fatcat:i2tgbnnztnbejpihiypkbpmqf4
« Previous Showing results 1 — 15 out of 2,389 results