57 Hits in 4.6 sec

Donky: Domain Keys - Efficient In-Process Isolation for RISC-V and x86

David Schrammel, Samuel Weiser, Stefan Steinegger, Martin Schwarzl, Michael Schwarz, Stefan Mangard, Daniel Gruss
2020 USENIX Security Symposium  
Efficient and secure in-process isolation is in great demand, as evidenced in the shift towards JavaScript and the recent revival of memory protection keys.  ...  We propose Donky, an efficient hardware-software codesign for strong in-process isolation based on dynamic memory protection domains.  ...  Additional funding was provided by generous gifts from Intel and from Cloudflare.  ... 
dblp:conf/uss/SchrammelWSS0MG20 fatcat:f3rywxsejbdgbpomcyhhzre42q

EnclaveDom: Privilege Separation for Large-TCB Applications in Trusted Execution Environments [article]

Marcela S. Melara, Michael J. Freedman, Mic Bowman
2020 arXiv   pre-print
To evaluate the security and performance impact of EnclaveDom, we integrated EnclaveDom with the Graphene-SGX library OS.  ...  EnclaveDom is implemented on Intel SGX using Memory Protection Keys (MPK) for memory tagging.  ...  Acknowledgments We thank Mingwei Zhang, Michael Steiner, Bruno Vavala, Prakash Narayana Moorthy, Dmitrii Kuvaiskii, Mona Vij, Michael LeMay, Thomas Knauth, and Vinnie Scarlata for their feedback and insightful  ... 
arXiv:1907.13245v2 fatcat:ueoh2f5vizhdznbkgiesicaguu

ERIM: Secure, Efficient In-process Isolation with Memory Protection Keys (MPK) [article]

Anjo Vahldiek-Oberwagner, Eslam Elnikety, Nuno O. Duarte, Michael Sammler, Peter Druschel, Deepak Garg
2019 arXiv   pre-print
The key idea is to combine protection keys (MPKs), a feature recently added to x86 that allows protection domain switches in userspace, with binary inspection to prevent circumvention.  ...  Isolating sensitive state and data can increase the security and robustness of many applications.  ...  In concurrent work [21], Hedayati et al. describe how to isolate userspace libraries using VMFunc or Intel MPK.  ... 
arXiv:1801.06822v5 fatcat:jndx6cko2zgf7je2nfscnb2mpm

The Endokernel: Fast, Secure, and Programmable Subprocess Virtualization [article]

Bumjin Im
2021 arXiv   pre-print
We present, the Endokernel, a new process model and security architecture that nests an extensible monitor into the standard process for building efficient least-authority abstractions.  ...  Our prototype, includes a new syscall monitor, the nexpoline, and explores the tradeoffs of implementing it with diverse mechanisms, including Intel Control Enhancement Technology.  ...  Intel ® Memory Protection Keys (MPK) MPK [29] extends page tables with a 4-bit tag for labeling each mapping.  ... 
arXiv:2108.03705v2 fatcat:tovxud33k5crnlpqmnsrd4mfmu

FlexOS: Towards Flexible OS Isolation [article]

Hugo Lefeuvre, Vlad-Andrei Bădoiu, Alexander Jung, Stefan Teodorescu, Sebastian Rauch, Felipe Huici, Costin Raiciu, Pierre Olivier
2022 arXiv   pre-print
At design time, modern operating systems are locked in a specific safety and isolation strategy that mixes one or more hardware/software protection mechanisms (e.g. user/kernel separation); revisiting  ...  This modular LibOS is composed of fine-grained components that can be isolated via a range of hardware protection mechanisms with various data sharing strategies and additional software hardening.  ...  Acknowledgements We would like to thank the anonymous reviewers, and our shepherd, Gerd Zellweger, for their comments and insights.  ... 
arXiv:2112.06566v3 fatcat:utcv5fawy5b47jhztwwtu33ura

Towards Efficiently Establishing Mutual Distrust Between Host Application and Enclave for SGX [article]

Yuan Chen, Jiaqi Li, Guorui Xu, Yajin Zhou, Zhi Wang, Cong Wang, Kui Ren
2020 arXiv   pre-print
Since its debut, SGX has been used in many applications, e.g., secure data processing.  ...  It leverages Intel MPK for efficient memory isolation and the x86 single-step debugging mechanism to capture the event when an enclave is existing.  ...  Usage of Intel MPK and SGX Intel MPK provides a hardware primitive to implement efficient intra-process isolation [31, 16, 30].  ... 
arXiv:2010.12400v1 fatcat:mcsmo5sptbeergw63kfyel7iiy

Unlimited Lives: Secure In-Process Rollback with Isolated Domains [article]

Merve Turhan, Thomas Nyman, Christoph Bauman, Jan Tobias Mühlberg
2022 arXiv   pre-print
We propose secure rollback of isolated domains as an efficient and secure method of improving the resilience of software targeted by run-time attacks.  ...  We show the practicability of our methodology by realizing a software library for Secure Domain Rollback (SDRoB) and demonstrate how SDRoB can be applied to real-world software.  ...  We further thank Stijn Volckaert and his team at KU Leuven -Ghent for providing the infrastructure to run our experiments, and for his feedback on our work.  ... 
arXiv:2205.03205v1 fatcat:oxfh7viwrrb4ffdodxrl2ru4pm

Shining Light On Shadow Stacks [article]

Nathan Burow, Xinping Zhang, Mathias Payer
2019 arXiv   pre-print
Shadow Stacks are a fully precise mechanism for protecting backwards edges, and should be deployed with CFI mitigations.  ...  We present case studies of our implementation of such a design, Shadesmar, on Phoronix and Apache to demonstrate the feasibility of dedicating a general purpose register to a security monitor on modern  ...  This research was supported by ONR awards N00014-17-1-2513, by CNS-1801601, and a gift from Intel corporation.  ... 
arXiv:1811.03165v2 fatcat:dff2u4n62jdafmuyzwftddhssy

SoK: Hardware Security Support for Trustworthy Execution [article]

Lianying Zhao, He Shuang, Shengjie Xu, Wei Huang, Rongzhen Cui, Pushkar Bettadpur, David Lie
2019 arXiv   pre-print
In recent years, there have emerged many new hardware mechanisms for improving the security of our computer systems.  ...  Hardware offers many advantages over pure software approaches: immutability of mechanisms to software attacks, better execution and power efficiency and a smaller interface allowing it to better maintain  ...  The compiler and run-time library instrument the monitored code with new instructions to manage bounds.  ... 
arXiv:1910.04957v1 fatcat:5luczjg34ve67nm73xso5xhzx4

Dynamic attribute-based privacy-preserving genomic susceptibility testing

Mina Namazi, Cihan Eryonucu, Erman Ayday, Fernando Pérez-González
2019 Proceedings of the 34th ACM/SIGAPP Symposium on Applied Computing - SAC '19  
Also, we guarantee to protect the privacy of individuals in our proposed scheme. CCS CONCEPTS • Security and privacy → Privacy-preserving protocols;  ...  We determine the challenges for the computations required to process the outsourced data and access control simultaneously within patient-doctor interactions.  ...  We implement and examine our program using C++. The test environment is a Mac OSX operating system with Intel Core i5 processor, and the key size has 1024−bit length.  ... 
doi:10.1145/3297280.3297428 dblp:conf/sac/NamaziEAP19 fatcat:tbdqdgoszbeyldmouf7p4dvap4

CAP-VMs: Capability-Based Isolation and Sharing for Microservices [article]

Vasily A. Sartakov, Lluís Vilanova, David Eyers, Takahiro Shinagawa, Peter Pietzuch
2022 arXiv   pre-print
MMU approaches, however, lead to cloud stacks with large TCBs in kernel space, and the page granularity requires inefficient OS interfaces for data sharing.  ...  A cVM may include a library OS, minimizing its dependency on the cloud environment. cVMs efficiently exchange data through two capability-based primitives assisted by a small trusted monitor: (i) an asynchronous  ...  Acknowledgements This work was partially funded by the UK Government's Industrial Strategy Challenge Fund (ISCF) under the Digital Security by Design (DSbD) Programme.  ... 
arXiv:2202.05732v1 fatcat:cwxrqi7ma5bb5eokwpcpscz4vy

IRON

Ben Fisch, Dhinakaran Vinayagamurthy, Dan Boneh, Sergey Gorbunov
2017 Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security - CCS '17  
We argue security by modeling FE in the context of hardware elements, and prove that Iron satisfies the security model. *  ...  Functional encryption (FE) is an extremely powerful cryptographic mechanism that lets an authorized entity compute on encrypted data, and learn the results in the clear.  ...  After this point, an adversary who is in possession of the hardware can monitor and tamper with all the input coming in to the hardware and the corresponding outputs. Naveed et al.  ... 
doi:10.1145/3133956.3134106 dblp:conf/ccs/FischVBG17 fatcat:mr25zv2g7baalmzal72mrkhslq

MicroStache: A Lightweight Execution Context for In-Process Safe Region Isolation [chapter]

Lucian Mogosanu, Ashay Rane, Nathan Dautenhahn
2018 Lecture Notes in Computer Science  
In this work we present, MicroStache, a specialized hardware mechanism and new process abstraction for accelerating safe region security solutions.  ...  in the processor cache, allowing it to protect against cache side channel attacks.  ...  In this way, each privileged operation must perform a domain switch, leaving regular instructions unchanged. Intel SGX, VMFUNC, and MPK, as well as ARM TrustZone provide domain switch isolation.  ... 
doi:10.1007/978-3-030-00470-5_17 fatcat:l6mtbpq4b5g3xkuufhwu76u7bq

Enclave-Aware Compartmentalization and Secure Sharing with Sirius [article]

Zahra Tarkhani, Anil Madhavapeddy
2020 arXiv   pre-print
e.g. threads, processes, address spaces, files, sockets, pipes) in both the secure and normal worlds.  ...  Sirius replaces ad-hoc interactions in current TEE systems with a principled approach that adds strong inter- and intra-address space isolation and effectively eliminates a wide range of attacks.  ...  EnclaveDom [54] utilizes Intel MPK to provide in-enclave memory isolation, and MPTEE [98] uses Intel MPX for providing protected shared memory.  ... 
arXiv:2009.01869v3 fatcat:bgqsmluzdjdkxliiun6ttijqty

Towards Time-Sensitive and Verifiable Data Aggregation for Mobile Crowdsensing

Tao Zhang, Xiongfei Song, Lele Zheng, Yani Han, Kai Zhang, Qi Li, Athanasios V. Vasilakos
2021 Security and Communication Networks  
Mobile crowdsensing combined with edge computing can improve service response speed, security, and reliability.  ...  Moreover, IoT devices can verify outsourced computing, and edge nodes can verify and filter aggregated data. Finally, the security of the proposed scheme is theoretically proved.  ...  In our proposed scheme, all data will be added with the timestamp, and the timestamp is protected by a hash function with a secret key.  ... 
doi:10.1155/2021/6679157 fatcat:naxjxuwbvjbcfmhbndve4ntzbm