Execution leases: A hardware-supported mechanism for enforcing strong non-interference

Proceedings of the Annual International Symposium on Microarchitecture, MICRO

Volumn , Issue , 2009, Pages 493-504

  Tiwari, Mohit ^a   Li, Xun ^a   Wassel, Hassan M G ^a   Chong, Frederic T ^a   Sherwood, Timothy ^a  

^a University of California   (United States)

Author keywords

Covert channels; Gate level information flow tracking; High assurance systems; Timing channels

Indexed keywords

COVERT CHANNELS; GATE LEVELS; HIGH ASSURANCE SYSTEMS; INFORMATION FLOWS; TIMING CHANNELS;

AIRCRAFT CONTROL; LINGUISTICS; PROGRAM COMPILERS; QUERY LANGUAGES; RISK PERCEPTION; TABLE LOOKUP; THEOREM PROVING; TIME MEASUREMENT;

MACHINE DESIGN;

EID: 76749092676     PISSN: 10724451     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1669112.1669174     Document Type: Conference Paper

References (37)

1. The integrity real-time operating system. http://www.ghs.com/products/ rtos/integrity.html.
2. What does cc eal6+ mean? http://www.oklabs.com/blog/entry/what-does-cc- eal6-mean/.
3. James Newsome and Dawn Song. Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software. In 12th Annual Network and Distributed System Security Symposium (NDSS '05), February 2005.
4. O. Aciiçmez, Çetin Kaya Koç, and J.-P. Seifert. Predicting secret keys via branch prediction. In The Cryptographers Track at RSA Conference, pages 225-242, 2007.
5. J. Clause, W. Li, and A. Orso. Dytan: a generic dynamic taint analysis framework. In ISSTA '07: Proceedings of the 2007 international symposium on Software testing and analysis, pages 196-206, New York, NY, USA, 2007. ACM.
6. J. R. Crandall and F. T. Chong. Minos: Control Data Attack Prevention Orthogonal to Memory Model. In MICRO 37: Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture, pages 221-232, Washington, DC, USA, 2004. IEEE Computer Society.
7. J. Daemen and V. Rijmen. The design of rijndael: Aes - the advanced encryption standard. 2002.
8. M. Dalton, H. Kannan, and C. Kozyrakis. Raksha: A Flexible Information Flow Architecture for Software Security. In 34th Intl. Symposium on Computer Architecture (ISCA), June 2007.
9. D. Federal Aviation Administration (FAA). Boeing model 787-8 airplane; systems and data networks security - isolation or protection from unauthorized passenger domain systems access. http://cryptome.info/faa010208.htm.
10. P. A. Karger, M. E. Zurko, D. W. Bonin, A. H. Mason, and C. E. Kahn. A retrospective on the vax vmm security kernel. IEEE Trans. Softw. Eng., 17(11):1147-1165, 1991.
11. R. A. Kemmerer. Shared resource matrix methodology: an approach to identifying storage and timing channels. ACM Transactions on Computer Systems, 1(3):256-277, 1983.
12. P. C. Kocher. Timing attacks on implementations of diffe-hellman, rsa, dss, and other systems. In CRYPTO '96: Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology, pages 104-113, London, UK, 1996. Springer-Verlag.
13. M. Krohn and E. Tromer. Noninterference for a practical difc-based operating system. In Proceedings of the 2009 IEEE Symposium on Security and Privacy, 2009.
14. M. Krohn, A. Yip, M. Brodsky, N. Cliffer, M. F. Kaashoek, E. Kohler, and R. Morris. Information flow control for standard os abstractions. SIGOPS Oper. Syst. Rev., 41(6):321-334, 2007.
15. B. Lampson. A note on the confinement problem. CACM, 16(10):613-615, 1973.
16. R. B. Lee, P. C. S. Kwan, J. P. Mcgregor, J. Dwoskin, and Z. Wang. Architecture for protecting critical secrets in microprocessors. In Proceedings of the 32nd International Symposium on Computer Architecture (ISCA), 2005.
17. H. M. Levy. Capability-Based Computer Systems. Butterworth-Heinemann, 1984.
18. D. Lie, C. A. Thekkath, M. Mitchell, P. Lincoln, D. Boneh, J. C. Mitchell, and M. Horowitz. Architectural Support for Copy and Tamper Resistant Software. In Architectural Support for Programming Languages and Operating Systems, pages 168-177, 2000.
19. W. Martin, P. White, F. Taylor, and A. Goldberg. Formal construction of the mathematically analyzed separation kernel. Automated Software Engineering, International Conference on, 0:133, 2000.
20. J. Mclean and C. Heitmeyer. High assurance computer systems: A research agenda. In America in the Age of Information, National Science and Technology Council Committee on Information and Communications Forum, 1995.
21. J. K. Millen. 20 years of covert channel modeling and analysis. In IEEE Symposium on Security and Privacy, 1999.
22. A. C. Myers, N. Nystrom, L. Zheng, and S. Zdancewic. Jif: Java information flow. Software release. http://www.cs.cornell.edu/jif, July 2001.
23. D. A. Osvik, A. Shamir, and E. Tromer. Cache attacks and countermeasures: the case of aes. In Topics in Cryptology - CT-RSA 2006, pages 1-20. Springer-Verlag, 2006.
24. F. Pottier and V. Simonet. Information flow inference for ML. ACM Transactions on Programming Languages and Systems, 25(1):117-158, Jan. 2003.
25. I. Roy, D. E. Porter, M. D. Bond, K. S. McKinley, and E. Witchel. Laminar: Practical fine-grained decentralized information flow control. In Proceedings of ACM SIGPLAN 2009 Conference on Programming Language Design and Implementation (PLDI 2009), Dublin, June 2009.
26. O. Ruwase, P. B. Gibbons, T. C. Mowry, V. Ramachandran, S. Chen, M. Kozuch, and M. Ryan. Parallelizing dynamic information flow tracking. In SPAA '08: Proceedings of the twentieth annual symposium on Parallelism in algorithms and architectures, pages 35-45, New York, NY, USA, 2008. ACM.
27. A. Sabelfeld and A. C. Myers. Language-based information-flow security. IEEE Journal on Selected Areas in Communications, 21:2003, 2003.
28. O. Sibert, P. A. Porras, and R. Lindell. An analysis of the intel 80x86 security architecture and implementations. IEEE Transactions on Software Engineering, 22(5):283-293, 1996.
29. G. Suh, C. O'Donnell, and S. Devadas. Aegis: A single-chip secure processor. Design and Test of Computers, IEEE, 24(6):570-580, Nov.-Dec. 2007.
30. G. E. Suh, J. W. Lee, D. Zhang, and S. Devadas. Secure Program Execution via Dynamic Information Flow Tracking. In ASPLOS-XI: Proceedings of the 11th international conference on Architectural support for programming languages and operating systems, pages 85-96, New York, NY, USA, 2004. ACM Press.
31. M. Tiwari, H. Wassel, B. Mazloom, S. Mysore, F. Chong, and T. Sherwood. Complete information flow tracking from the gates up. In Proceedings of the 14th International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), 2009.
32. TSEC Rainbow Series Library. A guide to understanding covert channel analysis of trusted systems, version 1. Technical Report NCSC-TG-030, Library No. S-240,572, 1993.
33. N. Vachharajani, M. J. Bridges, J. Chang, R. Rangan, G. Ottoni, J. A. Blome, G. A. Reis, M. Vachharajani, and D. I. August. Rifle: An architectural framework for user-centric information-flow security. In MICRO 37: Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture, pages 243-254. IEEE Computer Society, 2004.
34. G. Venkataramani, I. Doudalis, Y. Solihin, and M. Prvulovic. Flexitaint: A programmable accelerator for dynamic taint propagation. In Fourteenth International Symposium on High Performance Computer Architecture (HPCA), pages 196-206, New York, NY, USA, 2008. ACM.
35. D. Volpano, C. Irvine, and G. Smith. A sound type system for secure flow analysis. Journal of Computer Security, 4(2-3):167-187, 1996.
36. J. Yang, Y. Zhang, and L. Gao. Fast secure processor for inhibiting software piracy and tampering. In Proceedings of the 36th Annual IEEE/ACM International Symposium on Microarchitecture, page 351. IEEE Computer Society, 2003.
37. N. Zeldovich, S. Boyd-Wickizer, E. Kohler, and D. Mazières. Making information flow explicit in histar. In USENIX'06: Proceedings of the 7th conference on USENIX Symposium on Operating Systems Design and Implementation. USENIX Association, 2006.