SecureME: A hardware-software approach to full system security

Proceedings of the International Conference on Supercomputing

Volumn , Issue , 2011, Pages 108-119

  Chhabra, Siddhartha ^a,c   Rogers, Brian ^a,d   Solihin, Yan ^a   Prvulovic, Milos ^b  

^a North Carolina State University   (United States)

^b Georgia Institute of Technology   (United States)

^c INTEL CORPORATION   (United States)

^d IBM   (United States)

Author keywords

cloaking; hardware attacks; operating systems; security

Indexed keywords

CLOAKING; COMPUTING ENVIRONMENTS; COMPUTING NODES; EXECUTION TIME; HARDWARE ATTACK; HARDWARE ATTACKS; INTERPROCESS COMMUNICATION; MICROBENCHMARKS; PERFORMANCE EVALUATION; SECURE PROCESSORS; SECURITY; SECURITY BREACHES; SPATIO-TEMPORAL; STORAGE OVERHEAD; SYSTEM CALLS; SYSTEM SECURITY; VIRTUAL MEMORY MANAGEMENT;

CLOUD COMPUTING; COMPUTER CRIME; COMPUTER SYSTEMS; INTELLIGENT CONTROL; MOBILE DEVICES; MULTIPROGRAMMING; NETWORK SECURITY; PAGING SYSTEMS;

COMPUTER HARDWARE;

EID: 79959617325     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1995896.1995914     Document Type: Conference Paper

References (36)

1. N. Q. Anh and Y. Takefuji. Towards a tamper-resistant kernel rootkit detector. In SAC, New York, NY, USA, 2007.
2. W. Arbaugh, D. Farber, and J. Smith. A Secure and Reliable Bootstrap Architecture. In ISSP, 1997.
3. P. Barham, B. Dragovic, K. Fraser, S. Hand, T. Harris, A. Ho, R. Neugebar, I. Pratt, and A. Warfield. Xen and the art of virtualization. In SOSP, New York, NY, 2003.
4. D. Champagne and R. Lee. Scalable Architectural Support for Trusted Software. In HPCA, 2010.
5. X. Chen, T. Garfinkel, E. C. Lewis, P. Subrahmanyam, C. A. Waldspurger, D. Boneh, J. Dwoskin, and D. R. K. Ports. Overshadow: A virtualization-based approach to retrofitting protection in commodity operating systems. In ASPLOS, Seattle, WA, USA, 2008.
6. S. Chhabra, B. Rogers, and Y. Solihin. SHIELDSTRAP: Making Secure Processors Truly Secure. In ICCD, 2009.
7. Emery D. Berger and Kathryn S. Mckinley and Robert D. Blumofe and Paul R. Wilson. Hoard: A scalable memory allocator for multithreaded applications. In ASPLOS, 2000.
8. FIPS Publication 180-1. Secure Hash Standard. NIST, Federal Information Processing Standards, 1995.
9. B. Gassend, G. Suh, D. Clarke, M. Dijk, and S. Devadas. Caches and Hash Trees for Efficient Memory Integrity Verification. In HPCA, 2003.
10. T. C. Group. Trusted platform module (TPM) Main - Part 1 Design Principles.
11. H. Krawczyk and M. Bellare and R. Caneti. HMAC: Keyed-hashing for message authentication. http://www.ietf.org/, 1997.
12. IBM. IBM Extends Enhanced Data Security to Consumer Electronics Products. http://domino.research.ibm.com/comm/pr.nsf/pages/news.20060410 security.html, April 2006.
13. IBM Corporation. The Cell Broadband Engine processor security architecture. http://www-128.ibm.com/developerworks/power/library/pa- cellsecurity/, 2006.
14. T. Kgil, L. Falk, and T. Mudge. ChipLock: Support for Secure Microarchitectures. In Proc. of the Workshop on Architectural Support for Security and Anti-Virus, Oct. 2004.
15. M. Kharbutli, X. Jiang, Y. Solihin, G. Venkataramani, and M. Prvulovic. Comprehensively and efficiently protecting the heap. SIGOPS Oper. Syst. Rev., 40(5):207-218, 2006.
16. D. Lie, J. Mitchell, C. Thekkath, and M. Horowitz. Specifying and Verifying Hardware for Tamper-Resistant Software. In ISSP, 2003.
17. D. Lie, C. Thekkath, M. Mitchell, P. Lincoln, D. Boneh, J. MItchell, and M. Horowitz. Architectural Support for Copy and Tamper Resistant Software. In ASPLOS, 2000.
18. D. Lie, C. A. Thekkath, and M. Horowitz. Implementing an untrusted operating system on trusted hardware. In SOSP, 2003.
19. P. S. Magnusson, M. Christensson, J. Eskilson, D. Forsgren, G. Hallberg, J. Hogberg, F. Larsson, A. Moestedt, and B. Werner. Simics: A Full System Simulation Platform. IEEE Computer Society, 35(2):50-58, 2002.
20. J. M. McCune, B. J. Parno, A. Perrig, M. K. Reiter, and H. Isozaki. Flicker: an execution infrastructure for tcb minimization. In Eurosys, Glasgow, Scotland UK, 2008.
21. Redhat. Gaining insight into the Linux kernel with kprobes. http://www.redhat.com/magazine/005mar05/features/kprobes/, 2005.
22. B. Rogers, S. Chhabra, Y. Solihin, and M. Prvulovic. Using Address Independent Seed Encryption and Bonsai Merkle Trees to Make Secure Processors OS- and Performance-Friendly. In MICRO, 2007.
23. B. Rogers, Y. Solihin, and M. Prvulovic. Efficient Data Protection for Distributed Shared Memory Multiprocessors. In PACT, 2006.
24. A. Seshadri, M. Luk, N. Qu, and A. Perrig. Secvisor: a tiny hypervisor to provide lifetime kernel code integrity for commodity oses. In SOSP, 2007.
25. W. Shi and H.-H. Lee. Authentication Control Point and Its Implications for Secure Processor Design. In MICRO, 2006.
26. W. Shi, H.-H. Lee, M. Ghosh, and C. Lu. Architectural Support for High Speed Protection of Memory Integrity and Confidentiality in Multiprocessor Systems. In PACT, 2004.
27. W. Shi, H.-H. Lee, M. Ghosh, C. Lu, and A. Boldyreva. High Efficiency Counter Mode Security Architecture via Prediction and Precomputation. In ISCA, 2005.
28. Standard Performance Evaluation Corporation. http://www.spec.org, 2006.
29. G. Suh, D. Clarke, B. Gassend, M. van Dijk, and S. Devadas. AEGIS: Architecture for Tamper-Evident and Tamper-Resistant Processing. In ICS, 2003.
30. G. Suh, D. Clarke, B. Gassend, M. van Dijk, and S. Devadas. Efficient Memory Integrity Verification and Encryption for Secure Processor. In MICRO, 2003.
31. R. Ta-min, L. Litty, and D. Lie. Splitting interfaces: Making trust between applications and operating systems configurable. In OSDI, 2006.
32. C. A. Waldspurger. Memory resource management in vmware esx server. SIGOPS Operating Systems Review, 36(SI):181-194, 2002.
33. C. Yan, B. Rogers, D. Englender, Y. Solihin, and M. Prvulovic. Improving Cost, Performance, and Security of Memory Encryption and Authentication. In ISCA, 2006.
34. J. Yang and K. G. Shin. Using hypervisor to provide data secrecy for user applications on a per-page basis. In VEE, 2008.
35. J. Yang, Y. Zhang, and L. Gao. Fast Secure Processor for Inhibiting Software Piracy and Tampering. In MICRO, 2003.
36. Y. Zhang, L. Gao, J. Yang, X. Zhang, and R. Gupta. SENSS: Security Enhancement to Symmetric Shared Memory Multiprocessors. In HPCA, 2005.