Reducing TCB complexity for security-sensitive applications: Three case studies

Proceedings of the 2006 EuroSys Conference

Volumn , Issue , 2006, Pages 161-174

  Singaravelu, Lenin ^a   Pu, Calton ^a   Härtig, Hermann ^b   Helmuth, Christian ^b  

^a GEORGIA INSTITUTE OF TECHNOLOGY   (United States)

^b DRESDEN UNIVERSITY OF TECHNOLOGY   (Germany)

Author keywords

Application security; Trusted computing base

Indexed keywords

CODES (SYMBOLS); COMPUTATIONAL COMPLEXITY; LEGACY SYSTEMS; OPTIMIZATION; SOFTWARE ARCHITECTURE; VIRTUAL REALITY;

APPLICATION SECURITY; TESTABILITY; TRUSTED COMPUTING BASE; VULNERABILITY;

SECURITY OF DATA;

EID: 34748842601     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1217935.1217951     Document Type: Conference Paper

References (50)

1. Microsoft. Next-Generation Secure Computing Base. http://www.microsoft. com/resources/ngscb/default.mspx
2. Mozilla Foundation. Mozilla Module Owners. http://www.mozilla.org/owners. html
3. PeerSec Networks. MatrixSSL - Open Source Embedded SSL. http://www.matrixssl.org/
4. Secunia. Vulnerability Report - Microsoft Internet Explorer 6. http://secunia.com/product/11/
5. Secunia. Vulnerability Report - Mozilla Firefox 1.x. http://secunia.com/ product/4227/
6. Secunia. Vulnerability Report - X11 Windowing System (X11) 6.x. http://secunia.com/product/3913/
7. Secunia. Vulnerability Report - Linux Kernel 2.4.x. http://secunia.com/ product/763/
8. Secunia. Check Point VPN-1 Products ISAKMP Buffer Overflow Vulnerability. http://secunia.com/advisories/11546/
9. Snapgear. Snapgear Embedded Linux. http://www.snapgear.org
10. Trusted Computing Group. TCG Main Specification v1.1b, https://www.trustedcomputinggroup.org/
11. J. Bambenek, SANS Institute. BHO scanning tool and New Scam Targets Bank Customers. http://isc.sans.org/diary.php?date=2004-06-29.
12. P. Barham, B. Dragovic, K. Fraser, S. Hand, T. Harris, A. Ho, R. Neugebauer, I. Pratt, and A.Warfield. Xen and the Art of Virtualization. In Proc. 19th ACM Symposium on Operating Systems Principles (SOSP 2003), NY, Oct. 2003.
13. V. Basili and D. Hutchens. An Empirical Study of a Complexity Family. In IEEE Transactions on Software Engineering, Volume 9, No. 6, November 1983, pp. 664-672.
14. D. Brumley, D. X. Song. Privtrans: Automatically Partitioning Programs for Privilege Separation. In Proc. USENIX Security Symposium, San Diego, USA. Aug 9-13, 2004.
15. P. M. Chen and B.D. Noble. When Virtual is Better Than Real, In Eighth Workshop on Hot Topics in Operating Systems, May 2001, Elmau, Germany.
16. N. Chou, R. Ledesma, Y. Teraguchi, D. Boneh and J. C. Mitchell, Client-side defense against web-based identity theft, In 11th Annual Network and Distributed System Security Symposium (NDSS '04), San Diego, February, 2004.
17. th USENDC OSDI. San Diego, Oct. 2000.
18. th SOSP. Banff, Canada, Oct. 2001.
19. st Annual Computer Security Applications Conference, Tucson, Arizona, USA, Dec. 2005
20. N. E. Fenton, N. Ohlsson., Quantitative Analysis of Faults and Failures in a Complex Software System. In IEEE Trans. Software Eng. 26(8): 797-814, 2000.
21. Gaffhey, J., Program Control Complexity and Productivity. In Proceedings of the IEEE Workshop on Quantitative Software Models, pg 179, October, 1979.
22. th SOSP, October 2003.
23. H. Härtig. Security architectures revisited. In Proceedings of the Tenth ACM SIGOPS European Workshop, Saint-Emilion, France, September 2002.
24. H. Härtig, M. Hohmuth, N. Feske, C. Helmuth, A. Lackorzynski, F. Mehnert and M. Peter. The Nizza Secure-System Architecture. In IEEE CollaborateCom 2005. San Jose, USA. Dec 2005.
25. H. Härtig, M. Hohmuth, J. Liedtke, S. Schönberg, and J.Wolter. The performance of μ-kernel-based systems. In Proc. I6th ACM Symposium on Operating System Principles, pp 66-77, Oct. 1997.
26. C. Helmuth, A. Warg, and N. Feske. Mikro-SINA-Hands-on Experiences with the Nizza Security Architecture. In Proceedings of the D.A.C.H Security 2005, Darmstadt, Germany, March 2005.
27. A. Herzberg and A. Gbara, TrustBar: Protecting (even Naïve) Web Users from Spoofing and Phishing Attacks, Cryptology ePrint Archive, Report 2004/155. 2004.
28. Hohmuth, M., M. Peter, H. Härtig, and J. Shapiro. "Reducing TCB size by using untrusted components - small kernels versus virtual machine monitors", in Proc. of the 11th ACM SIGOPS European Workshop, Leuven, Belgium, 2004.
29. th USENIX Security Symposium, Washington D.C. USA, Aug. 2003.
30. D. Kilpatrick, Privman: A Library for Partitioning Applications. In USENIX Annual Technical Conference, FREENIX Track 2003, pp 273-284. San Antonio USA, July 2003.
31. D. Lie, C.A. Thekkath and M. Horowitz, Implementing an untrusted operating system on trusted hardware, In 19th ACM-SOSP,2003, Bolton Landing, NY.
32. J. Liedtke, On Micro-Kernel Construction, In 15th ACM Symposium on Operating System Principles, Copper mountain Resort, Colorado, USA. Dec. 1995.
33. T.J. McCabe, A Complexity Measure, IEEE Transactions on Software Engineering, SE-2 No, 4, pp. 308-320, Dec. 1976.
34. X. Qie, R. Pang, L. L. Peterson, Defensive Programming: Using an Annotation Toolkit to Build DoS-Resistant Software. In OSDI 2002, Boston, Dec. 2002.
35. B. Pfuzmann, J. Riordan, C. Stable, M. Waidner and A. Weber. The PERSEUS System Architecture. Research Report. IBM Research Division. RZ 3335. Sept. 2001.
36. N. Provos, M. Friedl, and P. Honeyman, Preventing privilege escalation. In 12th USENIX Security Symposium, Washington D.C, Aug. 2003.
37. B. Ross, C. Jackson, N. Miyake, D. Boneh and J. C. Mitchell, Stronger Password Authentication Using Browser Extensions. In 14th Usenix Security Symposium, Baltimore, USA, Aug. 2005.
38. JH Saltzer and MD Schroeder, The Protection of Information in Computer Systems, Proc. of the IEEE, Vol.63, No.9, Sept. 1975, pp.1278-1308.
39. R. Sailer, X. Zhang, T. Jaeger, and L. V. Doom. Design and Implementation of a TCG-based Integrity Measurement Architecture, In Proceedings of Thirteenth USENIX Security Symposium, pp 223-238, August 2004.
40. B. Sehneier. Software Complexity and Security. Crypto-Gram Newsletter. March 2000. http://www.schneier.com/crypto-gram-0003.html
41. J. S. Shapiro, J. M. Smith, and D. J. Farber. EROS: A Fast Capability System, In Proc. 17th ACMSymposium on Operating Systems Principles. Charleston, SC, USA. Dec. 1999.
42. J. S. Shapiro, J. Vanderburgh, E. Northup, and D. Chizmadia, Design of the EROS Trusted Window System, In Proc. USENIX Security Symposium, San Diego CA, 2004
43. V. Y. Shen, T. Yu, S. M. Thebaut, and L. R. Paulsen, Identifying Error-prone Software -An Empirical Study, In IEEE TOSE, Vol. SE-11, pp. 317-323, April 1985.
44. Shepperd, M., Ince, D.C., Derivation and Validation of Software Metrics, pp 37-40. Oxford Science Publications, 1993.
45. R. Spencer, S.Smalley, P. Loscocco, M. Hibler, D.Andersen and J. Lepreau. The Flask Security Architecture: System Support for Diverse Security Policies. In Procedings of the 8th USENIX Security Symposium, Aug. 1999.
46. J. D. Tygar and A. Whitten. WWW electronic commerce and Java Trojan horses. In Proc. of the 2nd USENIX Workshop on Electronic Commerce, Nov. 1996, pp. 243-250.
47. D. Wagner, J. Foster, E. Brewer, and A. Aiken. A first step towards automated detection of buffer overrun vulnerabilities. In Proceedings of the ISOC Symposium on Network and Distributed System Security, 2000.
48. D. Wheeler. SLOCCount. http://www.dwheeler.com/sloccount/
49. Wright, C., C. Cowan, S. Smalley, J. Morris, G. Kroah-Hartman. Linux Security Modules: General Security Support for the Linux Kernel. In the Proceedings of the 2002 Usenix Security Symposium, Aug 2002, San Francisco.
50. B. Yee and D. Tygar. Secure coprocessors in electronic commerce applications. In Proc. of the First USENIX Workshop on Electronic Commerce, New York, July 1995.