Results 1 - 10
of
121
Efficient TCB Reduction and Attestation
, 2009
"... We develop a special-purpose hypervisor called TrustVisor that facilitates the execution of security-sensitive code in isolation from commodity OSes and applications. TrustVisor provides code and execution integrity as well as data secrecy and integrity for protected code, even in the presence of a ..."
Abstract
-
Cited by 141 (17 self)
- Add to MetaCart
(Show Context)
We develop a special-purpose hypervisor called TrustVisor that facilitates the execution of security-sensitive code in isolation from commodity OSes and applications. TrustVisor provides code and execution integrity as well as data secrecy and integrity for protected code, even in the presence of a compromised OS. These strong properties can be attested to a remote verifier. TrustVisor only adds 5306 lines to the TCB (over half of which is for cryptographic operations). TrustVisorimposeslessthan7%overheadinthecommoncase. Thisoverheadislargelytheresult of today’s x86hardware virtualization support. 1
QUIRE: Lightweight Provenance for Smart Phone Operating Systems
"... Smartphone apps often run with full privileges to access the network and sensitive local resources, making it difficult for remote systems to have any trust in the provenance of network connections they receive. Even within the phone, different apps with different privileges can communicate with one ..."
Abstract
-
Cited by 110 (1 self)
- Add to MetaCart
(Show Context)
Smartphone apps often run with full privileges to access the network and sensitive local resources, making it difficult for remote systems to have any trust in the provenance of network connections they receive. Even within the phone, different apps with different privileges can communicate with one another, allowing one app to trick another into improperly exercising its privileges (a Confused Deputy attack). In QUIRE, we engineered two new security mechanisms into Android to address these issues. First, we track the call chain of IPCs, allowing an app the choice of operating with the diminished privileges of its callers or to act explicitly on its own behalf. Second, a lightweight signature scheme allows any app to create a signed statement that can be verified anywhere inside the phone. Both of these mechanisms are reflected in network RPCs, allowing remote systems visibility into the state of the phone when an RPC is made. We demonstrate the usefulness of QUIRE with two example applications. We built an advertising service, running distinctly from the app which wants to display ads, which can validate clicks passed to it from its host. We also built a payment service, allowing an app to issue a request which the payment service validates with the user. An app cannot not forge a payment request by directly connecting to the remote server, nor can the local payment service tamper with the request. 1
Towards Trusted Cloud Computing
- HOTCLOUD
, 2009
"... Cloud computing infrastructures enable companies to cut costs by outsourcing computations on-demand. However, clients of cloud computing services currently have no means of verifying the confidentiality and integrity of their data and computation. To address this problem we propose the design of a t ..."
Abstract
-
Cited by 96 (1 self)
- Add to MetaCart
(Show Context)
Cloud computing infrastructures enable companies to cut costs by outsourcing computations on-demand. However, clients of cloud computing services currently have no means of verifying the confidentiality and integrity of their data and computation. To address this problem we propose the design of a trusted cloud computing platform (TCCP). TCCP enables Infrastructure as a Service (IaaS) providers such as Amazon EC2 to provide a closed box execution environment that guarantees confidential execution of guest virtual machines. Moreover, it allows users to attest to the IaaS provider and determine whether or not the service is secure before they launch their virtual machines.
Attested append-only memory: Making adversaries stick to their word
- In Proc. of SOSP
, 2007
"... Researchers have made great strides in improving the fault tolerance of both centralized and replicated systems against arbitrary (Byzantine) faults. However, there are hard limits to how much can be done with entirely untrusted components; for example, replicated state machines cannot tolerate more ..."
Abstract
-
Cited by 90 (7 self)
- Add to MetaCart
(Show Context)
Researchers have made great strides in improving the fault tolerance of both centralized and replicated systems against arbitrary (Byzantine) faults. However, there are hard limits to how much can be done with entirely untrusted components; for example, replicated state machines cannot tolerate more than a third of their replica population being Byzantine. In this paper, we investigate how minimal trusted abstractions can push through these hard limits in practical ways. We propose Attested Append-Only Memory (A2M), a trusted system facility that is small, easy to implement and easy to verify formally. A2M provides the programming abstraction of a trusted log, which leads to protocol designs immune to equivocation – the ability of a faulty host to lie in different ways to different clients or servers – which is a common source of Byzantine headaches. Using A2M, we improve upon the state of the art in Byzantine-fault tolerant replicated state machines, producing A2M-enabled protocols (variants of Castro and Liskov’s PBFT) that remain correct (linearizable) and keep making progress (live) even when half the replicas are faulty, in contrast to the previous upper bound. We also present an A2M-enabled single-server shared storage protocol that guarantees linearizability despite server faults. We implement A2M and our protocols, evaluate them experimentally through micro- and macro-benchmarks, and argue that the improved fault tolerance is cost-effective for a broad range of uses, opening up new avenues for practical, more reliable services.
Improving Xen security through disaggregation
- Proceedings of the Fourth ACM SIGPLAN/SIGOPS international conference on Virtual Execution Environments
"... Virtual machine monitors (VMMs) have been hailed as the basis for an increasing number of reliable or trusted computing systems. The Xen VMM is a relatively small piece of software – a hypervisor – that runs at a lower level than a conventional operating system in order to provide isolation between ..."
Abstract
-
Cited by 76 (3 self)
- Add to MetaCart
(Show Context)
Virtual machine monitors (VMMs) have been hailed as the basis for an increasing number of reliable or trusted computing systems. The Xen VMM is a relatively small piece of software – a hypervisor – that runs at a lower level than a conventional operating system in order to provide isolation between virtual machines: its size is offered as an argument for its trustworthiness. However, the management of a Xen-based system requires a privileged, fullblown operating system to be included in the trusted computing base (TCB). In this paper, we introduce our work to disaggregate the management virtual machine in a Xen-based system. We begin by analysing the Xen architecture and explaining why the status quo results in a large TCB. We then describe our implementation, which moves the domain builder, the most important privileged component, into a minimal trusted compartment. We illustrate how this approach may be used to implement “trusted virtualisation ” and improve the security of virtual TPM implementations. Finally, we evaluate our approach in terms of the reduction in TCB size, and by performing a security analysis of the disaggregated system. Categories and Subject Descriptors D.4.6 [Operating Systems]: Security and Protection—Information flow controls
HyperSentry: Enabling Stealthy In-context Measurement of Hypervisor Integrity ∗
"... This paper presents HyperSentry, a novel framework to enable integrity measurement of a running hypervisor (or any other highest privileged software layer on a system). Unlike existing solutions for protecting privileged software, Hyper-Sentry does not introduce a higher privileged software layer be ..."
Abstract
-
Cited by 58 (1 self)
- Add to MetaCart
(Show Context)
This paper presents HyperSentry, a novel framework to enable integrity measurement of a running hypervisor (or any other highest privileged software layer on a system). Unlike existing solutions for protecting privileged software, Hyper-Sentry does not introduce a higher privileged software layer below the integrity measurement target, which could start another race with malicious attackers in obtaining the highest privilege in the system. Instead, HyperSentry introduces a software component that is properly isolated from the hypervisor to enable stealthy and in-context measurement of the runtime integrity of the hypervisor. While stealthiness is necessary to ensure that a compromised hypervisor does not have a chance to hide the attack traces upon detecting an up-coming measurement, in-context measurement is necessary to retrieve all the needed inputs for a successful integrity measurement. HyperSentry uses an out-of-band channel (e.g., Intelligent Platform Management Interface (IPMI), which is commonly available on server platforms) to trigger the stealthy measurement, and adopts the System Management Mode (SMM) to protect its base code and critical data. A key contribution of HyperSentry is the set of novel techniques that overcome SMM’s limitation, providing an integrity measurement agent with (1) the same contextual information available to the hypervisor, (2) completely protected execution, and (3) attestation to its output. To evaluate HyperSentry,
Bootstrapping trust in commodity computers.
- In IEEE Symposium on Security and Privacy (S&P),
, 2010
"... Abstract Trusting a computer for a security-sensitive task (such as checking email or banking online) requires the user to know something about the computer's state. We examine research on securely capturing a computer's state, and consider the utility of this information both for improvi ..."
Abstract
-
Cited by 48 (5 self)
- Add to MetaCart
(Show Context)
Abstract Trusting a computer for a security-sensitive task (such as checking email or banking online) requires the user to know something about the computer's state. We examine research on securely capturing a computer's state, and consider the utility of this information both for improving security on the local computer (e.g., to convince the user that her computer is not infected with malware) and for communicating a remote computer's state (e.g., to enable the user to check that a web server will adequately protect her data). Although the recent "Trusted Computing" initiative has drawn both positive and negative attention to this area, we consider the older and broader topic of bootstrapping trust in a computer. We cover issues ranging from the wide collection of secure hardware that can serve as a foundation for trust, to the usability issues that arise when trying to convey computer state information to humans. This approach unifies disparate research efforts and highlights opportunities for additional work that can guide real-world improvements in computer security.
Using hypervisor to provide data secrecy for user applications on a per-page basis
- In Proceedings of the International Conference on Virtual Execution Environments (VEE
, 2008
"... Hypervisors are increasingly utilized in modern computer systems, ranging from PCs to web servers and data centers. Aside from server applications, hypervisors are also becoming a popular target for implementing many security systems, since they provide a small and easy-to-secure trusted computing b ..."
Abstract
-
Cited by 35 (1 self)
- Add to MetaCart
(Show Context)
Hypervisors are increasingly utilized in modern computer systems, ranging from PCs to web servers and data centers. Aside from server applications, hypervisors are also becoming a popular target for implementing many security systems, since they provide a small and easy-to-secure trusted computing base. This paper presents a novel way of using hypervisors to protect application data privacy even when the underlying operating system is not trustable. Each page in virtual address space is rendered to user applications ac-cording to the security context the application is running in. The hypervisor encrypts and decrypts each memory page requested de-pending on the application’s access permission to the page. The main result of this system is the complete removal of the operating system from the trust base for user applications ’ data privacy. To reduce the runtime overhead of the system, two optimization tech-niques are employed. We use page-frame replication to reduce the number of cryptographic operations by keeping decrypted versions of a page frame. We also employ lazy synchronization to minimize overhead due to an update to one of the replicated page frame. Our system is implemented and evaluated by modifying the Xen hyper-visor, showing that it increases the application execution time only by 3 % for CPU and memory-intensive workloads.
Policy-sealed data: A new abstraction for building trusted cloud services
- In USENIX Security
, 2012
"... Accidental or intentional mismanagement of cloud software by administrators poses a serious threat to the integrity and confidentiality of customer data hosted by cloud services. Trusted computing provides an important foundation for designing cloud services that are more resilient to these threats. ..."
Abstract
-
Cited by 33 (8 self)
- Add to MetaCart
(Show Context)
Accidental or intentional mismanagement of cloud software by administrators poses a serious threat to the integrity and confidentiality of customer data hosted by cloud services. Trusted computing provides an important foundation for designing cloud services that are more resilient to these threats. However, current trusted computing technology is ill-suited to the cloud as it exposes too many internal details of the cloud infrastructure, hinders fault tolerance and load-balancing flexibility, and performs poorly. We present Excalibur, a system that addresses these limitations by enabling the design of trusted cloud services. Excalibur provides a new trusted computing abstraction, called policy-sealed data, that lets data be sealed (i.e., encrypted to a customer-defined policy) and then unsealed (i.e., decrypted) only by nodes whose configurations match the policy. To provide this abstraction, Excalibur uses attribute-based encryption, which reduces the overhead of key management and improves the performance of the distributed protocols employed. To demonstrate that Excalibur is practical, we incorporated it in the Eucalyptus open-source cloud platform. Policy-sealed data can provide greater confidence to Eucalyptus customers that their data is not being mismanaged. 1
Using a personal device to strengthen password authentication from an untrusted computer
, 2007
"... Keylogging and phishing attacks can extract user identity and sensitive account information for unauthorized access to users’ financial accounts. Most existing or proposed solutions are vulnerable to session hijacking attacks. We propose a simple approach to counter these attacks, which cryptograph ..."
Abstract
-
Cited by 30 (3 self)
- Add to MetaCart
Keylogging and phishing attacks can extract user identity and sensitive account information for unauthorized access to users’ financial accounts. Most existing or proposed solutions are vulnerable to session hijacking attacks. We propose a simple approach to counter these attacks, which cryptographically separates a user’s long-term secret input from (typically untrusted) client PCs; a client PC performs most computations but has access only to temporary secrets. The user’s long-term secret (typically short and low-entropy) is input through an independent personal trusted device such as a cellphone. The personal device provides a user’s long-term secrets to a client PC only after encrypting the secrets using a pre-installed, “correct” public key of a remote service (the intended recipient of the secrets). The proposed protocol (MP-Auth) realizes such an approach, and is intended to safeguard passwords from keyloggers, other malware (including rootkits), phishing attacks and pharming, as well as to provide transaction security to foil session hijacking. We report on a prototype implementation of MP-Auth, and provide a comparison of web authentication techniques that use an additional factor of authentication (e.g. a cellphone, PDA or hardware token).
