Enforcing Configurable Trust in Client-side Software Stacks by Splitting Information Flow

Enforcing Configurable Trust in Client-side Software Stacks by Splitting Information Flow (2007)

Cached

Download Links

by Lenin Singaravelu , Bernhard Kauer , Er Boettcher , Hermann Härtig , Calton Pu , Gueyoung Jung , Carsten Weinhold

Citations:

BibTeX

@MISC{Singaravelu07enforcingconfigurable,
    author = {Lenin Singaravelu and Bernhard Kauer and Er Boettcher and Hermann Härtig and Calton Pu and Gueyoung Jung and Carsten Weinhold},
    title = {Enforcing Configurable Trust in Client-side Software Stacks by Splitting Information Flow},
    year = {2007}
}

Bookmark

OpenURL

Abstract

Current client-server applications such as online banking employ the same client-side software stack to handle information with differing security and functionality requirements, thereby increasing the size and complexity of software that needs to be trusted. While the high complexity of existing software is a significant hindrance to testing and analysis, existing software and interfaces are too widely used to be entirely abandoned. We present a proxy-based approach called FlowGuard to address the problem of large and complex client-side software stacks. FlowGuard’s proxy employs mappings from sensitiveness of information to trustworthiness of software stacks to demultiplex incoming messages amongst multiple client-side software stacks. One of these stacks is a fully-functional legacy software stack and another is a small and simple stack designed to handle sensitive information. In contrast to previous approaches, FlowGuard not only reduces the complexity of software handling sensitive information but also minimizes modifications to legacy software stacks. By allowing users and service providers to define the mappings, FlowGuard also provides flexibility in determining functionality-security tradeoffs. We demonstrate the feasibility of our approach by implementing a FlowGuard, called BLAC, for

Citations

990	Xen and the art of virtualization - Barham, Dragovic, et al. - 2003
669	A Complexity Measure - McCabe - 1976
458	Language-based information-flow security - Sabelfeld, Myers
309	On µ-kernel construction - Liedtke - 1995
257	Terra: A virtual machine-based platform for trusted computing - Garfinkel, Pfaff, et al.
245	Bugs as Deviant Behavior: A General Approach to Inferring Errors in Systems Code - Engler, Chen, et al. - 2001
151	A brief survey of web data extraction tools - Laender, Ribeiro-Neto, et al.
151	EROS: A fast capability system - Shapiro, Smith, et al.
97	The performance of µ-kernel-based systems - Härtig, Hohmuth, et al. - 1997
93	Preventing Privilege Escalation - Provos, Friedl, et al. - 2003
64	Mining metrics to predict component failures - Nagappan, Ball, et al. - 2006
60	A safety-oriented platform for web applications - S, Hansen, et al. - 2006
57	Privtrans: Automatically partitioning programs for privilege separation - Brumley, Song - 2004
57	BrowserShield: Vulnerability-driven filtering of dynamic HTML - Reis, Dunagan, et al. - 2006
53	Securing software by enforcing data-flow integrity - Castro, Costa, et al. - 2006
47	Analyzing Integrity Protection in the SELinux Example Policy - Jaeger, Sailer, et al.
39	Splitting interfaces: Making trust between applications and operating systems configurable - Ta-min, Litty, et al. - 2006
37	Privman: A library for partitioning applications - Kilpatrick - 2003
36	Phinding phish: Evaluating antiphishing tools - Zhang, Egelman, et al. - 2007
35	Reducing TCB complexity for security-sensitive applications: Three case studies - Singaravelu, Pu, et al. - 2006
23	The Nizza Secure-System Architecture - Härtig, Hohmuth, et al. - 2005
23	Reducing TCB size by using untrusted components – small kernels versus virtualmachine monitors - Hohmuth, Peter, et al. - 2004
21	WWW electronic commerce and Java Trojan horses - Tygar, Whitten - 1996
18	Identifying Error-Prone Software – An Empirical Study - Shen, Yu, et al. - 1985
11	et al. A first step towards automated detection of buffer overrun vulnerabilities - Wagner - 2000
8	et al. Labels and event processes in the Asbestos operating system - Vandebogart, Efstathopoulos, et al.
4	BHO scanning tool and New Scam Targets Bank Customers. http://isc.sans.org /diary.php?date=2004-06-29 - Bambenek, Institute - 2004
3	Browser appliance virtual machine. http://www.vmware.com/vmtn/vm/ browserapp.html - VMware - 2005
3	Cross Site Reference Forgery: An introduction to a common web application weakness. http://www.isecpartners.com/ documents/XSRF_Paper.pdf - Burns - 2005
3	et al., Stronger Password Authentication Using Browser Extensions - Ross - 2005
2	Retail Web Site Performance: Consumer Reaction to a Poor Online Shopping Experience. http://www.akamai.com/4seconds - Research
2	Scarab Project. http://www.owasp.org/index .php/Category:OWASP_WebScarab_Project - Web
2	Integration of SELinux and security-typed languages - Hicks, Rueda, et al. - 2007
2	et al. High Performance VMM-Bypass I/O in Virtual Machines - Liu - 2006
2	Cross-Site Scripting Vulnerabilities. http://www.cert.org/archive/pdf/cross_site_scripting.pdf - Rafail
1	et al., Understanding Data Lifetime via Whole System Simulation - Chow - 2004
1	Erlingsson et al., XFI: Software Guards for System Address Spaces - unknown authors - 2006
1	et al., Design of the EROS Trusted Window System - Shapiro - 2004
1	et al., Polaris: virus-safe computing for Windows XP - Stiegler